Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/j7Z8HaM5wBHZzKQELDN-uxJT1Mo.roa
File: j7Z8HaM5wBHZzKQELDN-uxJT1Mo.roa (raw, json)
Hash identifier: HIqGBpy0Y717ez44OHY/alrwczUwGhwpNy2uUdhnPSs=
Subject key identifier: 8F:B6:7C:1D:A3:39:C0:11:D9:CC:A4:04:2C:33:7E:BB:12:53:D4:CA
Certificate issuer: /CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Certificate serial: 01856DE649E3FB20BF464F3814631E2BC3C1
Authority key identifier: 8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/j7Z8HaM5wBHZzKQELDN-uxJT1Mo.roa
Signing time: Sun 01 Jan 2023 15:14:46 +0000
ROA not before: Sun 01 Jan 2023 15:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207787
IP address blocks: 45.93.246.0/24 maxlen: 24
45.93.245.0/24 maxlen: 24
45.93.244.0/24 maxlen: 24
45.93.247.0/24 maxlen: 24
2a0e:2940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:49:e3:fb:20:bf:46:4f:38:14:63:1e:2b:c3:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Validity
Not Before: Jan 1 15:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fb67c1da339c011d9cca4042c337ebb1253d4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6b:09:bd:82:eb:22:bc:fe:de:82:48:df:f2:
68:9d:18:55:cb:a5:25:c8:1c:df:9f:81:39:74:24:
94:09:85:fc:a5:4c:18:a4:10:81:3f:18:76:9d:4c:
86:17:74:32:e3:42:f7:7b:04:90:41:3f:72:6f:6d:
cc:24:8c:2a:33:4b:c5:0c:54:f6:b0:73:09:d7:f8:
cf:dc:e4:e8:93:38:6c:c8:1f:fb:18:59:a2:2c:fe:
cd:8b:5d:aa:ce:6c:61:ba:e3:80:e9:bc:59:6f:10:
50:b1:b1:8d:9b:8b:59:58:9c:aa:25:5b:e1:9f:3a:
a5:a4:90:3e:af:42:ba:14:d4:a2:f3:17:9a:c7:70:
fe:1a:2d:93:49:07:48:3f:82:59:3e:a6:34:68:c2:
57:3d:fc:d4:a6:dc:e5:11:74:38:90:8c:01:3c:3e:
2f:af:74:3a:a2:08:cb:74:d6:ee:11:84:11:9d:86:
b7:d7:5e:99:fd:8c:cb:0e:15:bf:9c:9b:b9:d7:7b:
75:af:81:7b:f3:cc:e1:c0:14:92:1d:c6:f6:bf:57:
49:2a:f3:23:bb:64:8e:0c:63:4f:ad:fa:27:8a:ff:
f8:f6:7d:65:fc:a9:59:3b:79:ac:04:8b:b5:b1:16:
2d:c0:98:1b:95:8d:2d:74:39:7a:14:58:d7:75:4a:
d1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B6:7C:1D:A3:39:C0:11:D9:CC:A4:04:2C:33:7E:BB:12:53:D4:CA
X509v3 Authority Key Identifier:
keyid:8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/j7Z8HaM5wBHZzKQELDN-uxJT1Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.244.0/22
IPv6:
2a0e:2940::/29
Signature Algorithm: sha256WithRSAEncryption
3f:72:95:38:56:4f:2f:f7:27:21:d6:64:b1:ff:66:56:6f:f9:
f1:d0:6e:60:3d:11:e6:0a:f2:9e:12:1b:61:4c:9f:88:17:5f:
3f:e7:49:20:14:06:bd:a1:6b:0d:46:59:84:80:3e:7f:4a:af:
58:e1:a1:8e:eb:af:75:ad:a2:10:96:74:d5:f2:5d:65:0e:d1:
d9:ca:5c:16:42:44:25:72:cf:1a:32:91:a4:3a:2d:a2:5b:1f:
d2:3e:8e:d8:9c:f3:09:84:62:1d:a4:6c:eb:5a:e6:4c:b7:f2:
4f:0d:2c:61:1d:9b:01:69:58:ab:e9:db:a6:1c:98:52:57:b4:
38:86:0a:6f:24:51:ba:9e:b0:f4:a0:8a:bc:7e:13:be:4b:f9:
b0:02:50:83:20:49:5e:3b:99:e1:fa:b6:93:a2:4a:07:59:61:
ad:b2:57:7b:5d:7b:01:4b:ec:f6:b0:4a:6b:59:93:78:b4:a1:
0e:ea:ee:18:dc:85:c2:cc:0b:a3:8e:6d:90:91:1d:01:0f:7d:
f5:7c:b4:62:2e:61:6c:14:1a:96:48:fa:bb:3f:b3:da:ce:ed:
6b:c9:bc:e7:60:82:61:18:56:8e:62:83:42:56:f5:a2:4e:e9:
61:1e:88:26:a2:29:9d:82:eb:1d:12:b0:25:6f:45:62:f5:d4:
23:20:e0:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt5knj+yC/Rk84FGMeK8PBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjEzMDhjNmE5NzdkNWNiOTAzYmYyNWE5NjMwOGIwZThj
ZTNiNDYwHhcNMjMwMTAxMTUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmI2N2MxZGEzMzljMDExZDljY2E0MDQyYzMzN2ViYjEyNTNkNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGsJvYLrIrz+3oJI3/JonRhVy6Ul
yBzfn4E5dCSUCYX8pUwYpBCBPxh2nUyGF3Qy40L3ewSQQT9yb23MJIwqM0vFDFT2
sHMJ1/jP3OTokzhsyB/7GFmiLP7Ni12qzmxhuuOA6bxZbxBQsbGNm4tZWJyqJVvh
nzqlpJA+r0K6FNSi8xeax3D+Gi2TSQdIP4JZPqY0aMJXPfzUptzlEXQ4kIwBPD4v
r3Q6ogjLdNbuEYQRnYa3116Z/YzLDhW/nJu513t1r4F788zhwBSSHcb2v1dJKvMj
u2SODGNPrfoniv/49n1l/KlZO3msBIu1sRYtwJgblY0tdDl6FFjXdUrRcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI+2fB2jOcAR2cykBCwzfrsSU9TKMB8GA1UdIwQY
MBaAFIuxMIxql31cuQO/JaljCLDozjtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMt
MTAxYWJkNzM5MWE2LzEvajdaOEhhTTV3QkhaektRRUxETi11eEpUMU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMtMTAxYWJkNzM5MWE2
LzEvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV30MA0E
AgACMAcDBQMqDilAMA0GCSqGSIb3DQEBCwUAA4IBAQA/cpU4Vk8v9ych1mSx/2ZW
b/nx0G5gPRHmCvKeEhthTJ+IF18/50kgFAa9oWsNRlmEgD5/Sq9Y4aGO6691raIQ
lnTV8l1lDtHZylwWQkQlcs8aMpGkOi2iWx/SPo7YnPMJhGIdpGzrWuZMt/JPDSxh
HZsBaVir6dumHJhSV7Q4hgpvJFG6nrD0oIq8fhO+S/mwAlCDIEleO5nh+raTokoH
WWGtsld7XXsBS+z2sEprWZN4tKEO6u4Y3IXCzAujjm2QkR0BD331fLRiLmFsFBqW
SPq7P7Pazu1rybznYIJhGFaOYoNCVvWiTulhHogmoimdgusdErAlb0Vi9dQjIOCP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:41 2025 by rpki-client