Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/_0xMIz64aqxPcbRsMzXvcg7c-0U.roa
File: _0xMIz64aqxPcbRsMzXvcg7c-0U.roa (raw, json)
Hash identifier: RA+6t40MMOIqmv2oGfCH5PBjaiY2sr7+D8GtjO/5DU4=
Subject key identifier: FF:4C:4C:23:3E:B8:6A:AC:4F:71:B4:6C:33:35:EF:72:0E:DC:FB:45
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018C96B7D1BE81DECEA20860BBCD49DC3930
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/_0xMIz64aqxPcbRsMzXvcg7c-0U.roa
Signing time: Sat 23 Dec 2023 12:47:58 +0000
ROA not before: Sat 23 Dec 2023 12:47:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46562
IP address blocks: 45.156.220.0/24 maxlen: 24
185.235.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:b7:d1:be:81:de:ce:a2:08:60:bb:cd:49:dc:39:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Dec 23 12:47:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff4c4c233eb86aac4f71b46c3335ef720edcfb45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d0:95:f6:e3:fb:3d:f7:f2:06:99:bb:05:2e:
ff:0c:84:b5:45:3f:82:ac:d0:8d:64:19:80:02:b4:
69:3f:ac:2c:d9:08:b6:b2:b5:0a:51:6f:f6:d6:9d:
11:c5:81:41:ca:7d:57:b6:43:6f:c0:e9:23:62:da:
81:87:39:9e:be:b7:d8:55:a7:1f:96:73:58:56:4c:
49:9d:3c:ac:35:45:0c:8f:4c:82:19:81:4f:67:85:
26:ca:be:07:88:80:fd:54:73:97:ea:26:7a:d4:67:
d2:e4:36:f9:66:2e:95:d1:ac:75:72:a6:36:02:5d:
b0:be:2e:97:3c:c0:13:b4:03:ab:1c:92:32:1d:24:
00:9f:64:16:e5:74:8d:14:96:9d:7d:9e:b8:4c:9c:
20:2f:85:2a:f1:93:cb:36:f0:2f:66:48:2f:48:94:
f2:6a:43:7d:f0:a7:fa:77:ad:e1:77:76:46:8e:3a:
19:f9:63:c1:9e:a4:84:38:f3:cb:71:37:2d:c3:cf:
39:40:51:68:0b:77:87:26:77:39:71:13:ab:0a:a5:
45:84:54:09:b8:3f:40:cd:66:ce:1c:5e:ba:1a:d9:
07:ec:c7:13:36:87:1f:71:4d:23:9c:da:a2:e3:d0:
27:34:63:f5:81:99:9e:59:bf:dc:d0:cf:e3:ab:7c:
84:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4C:4C:23:3E:B8:6A:AC:4F:71:B4:6C:33:35:EF:72:0E:DC:FB:45
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/_0xMIz64aqxPcbRsMzXvcg7c-0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.220.0/24
185.235.167.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:4e:cf:80:ec:d3:03:8b:b7:8d:68:0a:d1:03:ff:24:d0:cc:
67:66:60:51:4c:d2:33:0f:bd:de:af:1b:ff:db:a1:aa:8f:c8:
e8:05:a9:f0:a2:45:11:9c:b7:39:72:4b:8d:54:da:68:70:cf:
b2:cd:21:0f:b5:be:bf:05:cd:ba:0a:09:a2:b7:29:f9:a8:af:
ce:84:2a:56:89:c6:93:11:4b:71:82:73:25:72:96:7b:6c:ea:
e9:4a:c1:8d:2f:0b:36:1c:5c:be:13:e6:10:1f:e9:1f:5e:4f:
fe:73:3e:35:97:18:71:7d:35:d6:d7:ce:f3:b0:98:3c:b2:fc:
e0:ae:bb:4b:9d:7c:bf:0c:94:42:b9:84:a1:68:58:1d:f8:a8:
c8:b1:fa:32:76:f8:39:7b:d0:d3:4f:86:e5:48:6f:83:cb:4b:
6f:03:db:a2:11:ae:1e:5d:e8:29:b4:28:3f:77:60:3b:4c:f2:
7e:fa:a8:dd:c8:a2:53:36:82:9f:10:86:0f:91:d0:bd:a7:3e:
03:33:ff:c0:6c:42:be:97:ef:2d:e0:07:ff:22:b9:4b:bd:89:
bd:a1:a0:be:e1:a9:aa:3e:dd:16:da:98:c6:f3:9d:e3:1f:39:
eb:3b:6c:f8:d4:e3:18:82:00:0e:7d:e1:04:1d:14:7f:cf:4b:
66:73:9d:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyWt9G+gd7Ooghgu81J3DkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMxMjIzMTI0NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjRjNGMyMzNlYjg2YWFjNGY3MWI0NmMzMzM1ZWY3MjBlZGNmYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dCV9uP7PffyBpm7BS7/DIS1RT+C
rNCNZBmAArRpP6ws2Qi2srUKUW/21p0RxYFByn1XtkNvwOkjYtqBhzmevrfYVacf
lnNYVkxJnTysNUUMj0yCGYFPZ4Umyr4HiID9VHOX6iZ61GfS5Db5Zi6V0ax1cqY2
Al2wvi6XPMATtAOrHJIyHSQAn2QW5XSNFJadfZ64TJwgL4Uq8ZPLNvAvZkgvSJTy
akN98Kf6d63hd3ZGjjoZ+WPBnqSEOPPLcTctw885QFFoC3eHJnc5cROrCqVFhFQJ
uD9AzWbOHF66GtkH7McTNocfcU0jnNqi49AnNGP1gZmeWb/c0M/jq3yEHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP9MTCM+uGqsT3G0bDM173IO3PtFMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvXzB4TUl6NjRhcXhQY2JSc016WHZjZzdjLTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZzcAwQA
ueunMA0GCSqGSIb3DQEBCwUAA4IBAQCNTs+A7NMDi7eNaArRA/8k0MxnZmBRTNIz
D73erxv/26Gqj8joBanwokURnLc5ckuNVNpocM+yzSEPtb6/Bc26Cgmityn5qK/O
hCpWicaTEUtxgnMlcpZ7bOrpSsGNLws2HFy+E+YQH+kfXk/+cz41lxhxfTXW187z
sJg8svzgrrtLnXy/DJRCuYShaFgd+KjIsfoydvg5e9DTT4blSG+Dy0tvA9uiEa4e
XegptCg/d2A7TPJ++qjdyKJTNoKfEIYPkdC9pz4DM//AbEK+l+8t4Af/IrlLvYm9
oaC+4amqPt0W2pjG853jHznrO2z41OMYggAOfeEEHRR/z0tmc50H
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:29 2025 by rpki-client