Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/8mLrDh9eLsNUS9kLFbEPCo7kPpw.roa
File: 8mLrDh9eLsNUS9kLFbEPCo7kPpw.roa (raw, json)
Hash identifier: 0/F1650Mn6Dy3Vt3vBXVsqIwX0PEqG4DAJDM4LnZh4Q=
Subject key identifier: F2:62:EB:0E:1F:5E:2E:C3:54:4B:D9:0B:15:B1:0F:0A:8E:E4:3E:9C
Certificate issuer: /CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Certificate serial: 0181E015092C7907F64D547E9FF69873359F
Authority key identifier: 8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/8mLrDh9eLsNUS9kLFbEPCo7kPpw.roa
Signing time: Fri 08 Jul 2022 23:11:23 +0000
ROA not before: Fri 08 Jul 2022 23:11:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41155
IP address blocks: 45.158.139.0/24 maxlen: 24
45.158.136.0/24 maxlen: 24
45.158.137.0/24 maxlen: 24
45.158.138.0/24 maxlen: 24
194.0.193.0/24 maxlen: 24
194.0.221.0/24 maxlen: 24
194.0.223.0/24 maxlen: 24
45.156.74.0/24 maxlen: 24
45.156.75.0/24 maxlen: 24
45.156.72.0/24 maxlen: 24
45.156.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e0:15:09:2c:79:07:f6:4d:54:7e:9f:f6:98:73:35:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Validity
Not Before: Jul 8 23:11:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f262eb0e1f5e2ec3544bd90b15b10f0a8ee43e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ec:1e:44:cf:0f:6c:f2:19:17:65:59:cd:8c:
cb:70:c6:76:d4:02:af:e9:bc:80:b7:96:2c:46:3a:
64:c1:3f:9e:54:eb:bf:1a:ed:ee:a4:48:ae:5b:4e:
6d:4f:40:15:1e:56:19:e5:42:5d:e5:5e:05:33:26:
16:c8:10:6e:68:37:c5:59:2c:96:6b:ac:9d:54:a6:
5f:bb:d4:fc:cc:ee:b1:a4:5f:4c:02:0a:bc:d8:8f:
92:28:c6:a9:2f:6b:51:0d:de:00:2e:98:11:74:25:
9f:f0:23:9d:2b:ce:ac:ef:7b:1f:01:66:47:2e:54:
92:09:9f:8a:c4:5c:14:8e:42:47:ba:67:bc:66:27:
c1:70:d2:80:ec:37:66:23:65:4b:ed:4d:e8:6e:46:
ed:f5:3f:7c:06:96:f1:1a:ba:99:45:92:e7:7c:e0:
75:73:22:11:c9:69:0c:c1:7b:ba:d1:2a:d1:d0:65:
84:56:14:0d:11:ce:0c:bf:0a:37:f2:ff:d4:91:b3:
17:43:e2:81:7c:98:6d:3a:67:32:f0:e1:7c:a4:79:
48:88:50:21:2b:63:2e:ac:45:81:43:8f:2f:61:94:
06:a2:2d:96:53:05:77:38:a6:3b:60:10:41:b2:f1:
c0:ff:e5:14:3e:82:89:a2:a8:a2:a7:2f:90:c9:59:
d3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:62:EB:0E:1F:5E:2E:C3:54:4B:D9:0B:15:B1:0F:0A:8E:E4:3E:9C
X509v3 Authority Key Identifier:
keyid:8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/8mLrDh9eLsNUS9kLFbEPCo7kPpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.72.0/22
45.158.136.0/22
194.0.193.0/24
194.0.221.0/24
194.0.223.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:02:fb:31:4c:63:9d:32:53:32:74:bb:9e:0f:7b:69:38:fb:
d0:4d:cf:57:9d:58:ba:ea:e0:ee:2a:ee:d9:7e:f1:63:d2:dc:
c0:da:1d:d8:6b:57:d6:a6:da:4b:4d:97:63:db:de:eb:c4:05:
10:10:3e:41:5e:71:b3:63:d6:9e:1d:41:12:c6:0a:26:6e:81:
bc:eb:e2:b0:e1:ad:8a:0e:bf:84:c4:58:46:a4:49:e0:a6:96:
f4:90:67:2b:76:02:e6:3a:5d:0e:2b:f4:09:51:ba:79:45:e3:
5d:ab:6f:de:82:64:aa:3b:16:1d:d9:6a:50:ff:8d:65:df:2c:
b2:50:93:10:05:ec:da:ba:eb:ac:fd:50:da:de:9c:f0:fb:74:
1b:e8:93:88:56:3e:17:bc:86:8f:90:13:c8:d4:2a:13:93:ab:
e5:ae:33:dc:88:88:da:17:76:91:1c:41:72:3d:2b:68:5a:0e:
0a:6f:87:0e:ba:2f:58:1f:bf:ec:1f:ef:19:c1:f3:08:94:df:
d6:fb:44:c3:49:23:35:3e:73:0b:a7:ea:8d:3a:50:77:50:9d:
79:a8:fc:9e:e8:01:43:52:d6:0e:09:70:14:23:e7:f5:5f:22:
42:4b:cb:8e:e7:ec:73:87:76:20:0e:0c:d2:ee:7a:44:0d:0c:
47:ac:75:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYHgFQkseQf2TVR+n/aYczWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjEzMDhjNmE5NzdkNWNiOTAzYmYyNWE5NjMwOGIwZThj
ZTNiNDYwHhcNMjIwNzA4MjMxMTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjYyZWIwZTFmNWUyZWMzNTQ0YmQ5MGIxNWIxMGYwYThlZTQzZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOweRM8PbPIZF2VZzYzLcMZ21AKv
6byAt5YsRjpkwT+eVOu/Gu3upEiuW05tT0AVHlYZ5UJd5V4FMyYWyBBuaDfFWSyW
a6ydVKZfu9T8zO6xpF9MAgq82I+SKMapL2tRDd4ALpgRdCWf8COdK86s73sfAWZH
LlSSCZ+KxFwUjkJHume8ZifBcNKA7DdmI2VL7U3obkbt9T98BpbxGrqZRZLnfOB1
cyIRyWkMwXu60SrR0GWEVhQNEc4Mvwo38v/UkbMXQ+KBfJhtOmcy8OF8pHlIiFAh
K2MurEWBQ48vYZQGoi2WUwV3OKY7YBBBsvHA/+UUPoKJoqiipy+QyVnTDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPJi6w4fXi7DVEvZCxWxDwqO5D6cMB8GA1UdIwQY
MBaAFIuxMIxql31cuQO/JaljCLDozjtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMt
MTAxYWJkNzM5MWE2LzEvOG1MckRoOWVMc05VUzlrTEZiRVBDbzdrUHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMtMTAxYWJkNzM5MWE2
LzEvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLZxIAwQC
LZ6IAwQAwgDBAwQAwgDdAwQAwgDfMA0GCSqGSIb3DQEBCwUAA4IBAQA8AvsxTGOd
MlMydLueD3tpOPvQTc9XnVi66uDuKu7ZfvFj0tzA2h3Ya1fWptpLTZdj297rxAUQ
ED5BXnGzY9aeHUESxgomboG86+Kw4a2KDr+ExFhGpEngppb0kGcrdgLmOl0OK/QJ
Ubp5ReNdq2/egmSqOxYd2WpQ/41l3yyyUJMQBezauuus/VDa3pzw+3Qb6JOIVj4X
vIaPkBPI1CoTk6vlrjPciIjaF3aRHEFyPStoWg4Kb4cOui9YH7/sH+8ZwfMIlN/W
+0TDSSM1PnMLp+qNOlB3UJ15qPye6AFDUtYOCXAUI+f1XyJCS8uO5+xzh3YgDgzS
7npEDQxHrHWW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:06 2025 by rpki-client