Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/IGr64hzhTUCVq10jI0-JsjeLU7Y.roa
File: IGr64hzhTUCVq10jI0-JsjeLU7Y.roa (raw, json)
Hash identifier: T5fVXdwHGVeWTa4vIE1hOwbsPAnprdkDngGOdeaNTOU=
Subject key identifier: 20:6A:FA:E2:1C:E1:4D:40:95:AB:5D:23:23:4F:89:B2:37:8B:53:B6
Certificate issuer: /CN=267e595ab226cbfc53c0b89650f1b39670ff0b4e
Certificate serial: 01856FE7130436752127C8FBD2D50B1956AB
Authority key identifier: 26:7E:59:5A:B2:26:CB:FC:53:C0:B8:96:50:F1:B3:96:70:FF:0B:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jn5ZWrImy_xTwLiWUPGzlnD_C04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/IGr64hzhTUCVq10jI0-JsjeLU7Y.roa
Signing time: Mon 02 Jan 2023 00:34:52 +0000
ROA not before: Mon 02 Jan 2023 00:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212778
IP address blocks: 145.87.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:13:04:36:75:21:27:c8:fb:d2:d5:0b:19:56:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=267e595ab226cbfc53c0b89650f1b39670ff0b4e
Validity
Not Before: Jan 2 00:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=206afae21ce14d4095ab5d23234f89b2378b53b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:85:22:26:97:06:84:20:cd:8f:cf:c2:91:83:
df:57:7a:99:51:18:cc:0d:e4:39:ae:06:6f:4d:6d:
09:35:54:d7:a3:fe:f0:d6:f5:03:d2:f1:76:fd:41:
c2:9c:e5:8b:3e:64:55:c8:6d:47:49:d5:f4:44:7f:
b6:3d:11:2a:2c:b2:c0:ae:06:01:f3:d3:77:e3:d7:
a5:f5:ee:3c:d5:0e:7b:f5:4f:96:3b:80:82:1c:64:
51:b1:c1:fa:e1:a9:89:e2:2a:f5:59:5c:ce:48:b6:
88:36:5e:57:b6:fc:21:ec:ec:be:01:c9:bb:26:a5:
64:58:bd:e3:f9:90:5f:88:a0:92:33:24:f8:58:e1:
17:5d:08:a4:42:65:20:c1:b8:32:1b:73:7a:b7:33:
c1:9e:38:51:7b:88:ea:5a:09:1f:9e:c5:3a:26:e9:
22:8f:ea:7b:5d:be:fe:b1:75:fa:47:7c:a6:5e:fb:
62:f2:2a:d3:75:31:9d:2e:9c:b0:44:63:4b:c2:1b:
b4:50:46:ee:5c:d6:c1:a1:bb:42:a6:49:a5:87:bd:
3f:96:d6:b6:58:04:09:d3:4b:0a:0f:17:f5:6a:bd:
52:d1:9e:ee:30:ff:31:dc:8a:35:c5:c4:f0:b9:35:
ed:fe:b3:45:71:e7:c2:c9:a9:c2:53:22:5f:2a:3a:
dc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:6A:FA:E2:1C:E1:4D:40:95:AB:5D:23:23:4F:89:B2:37:8B:53:B6
X509v3 Authority Key Identifier:
keyid:26:7E:59:5A:B2:26:CB:FC:53:C0:B8:96:50:F1:B3:96:70:FF:0B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jn5ZWrImy_xTwLiWUPGzlnD_C04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/IGr64hzhTUCVq10jI0-JsjeLU7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/Jn5ZWrImy_xTwLiWUPGzlnD_C04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.87.0.0/22
Signature Algorithm: sha256WithRSAEncryption
27:d0:a2:77:f5:ad:a5:29:64:89:9e:0e:45:90:e0:80:f5:31:
a4:e3:f2:8a:18:55:0f:6b:2b:9c:61:cc:55:eb:b7:df:1d:c4:
5b:fe:e7:d1:f9:de:13:2e:a5:f3:9c:f8:b7:98:fa:99:85:4b:
83:bb:29:42:e0:24:39:a0:a0:e1:bb:da:97:3f:05:a8:fd:0a:
ea:f2:9f:eb:f1:7f:7a:69:ff:be:7a:9d:ed:d5:03:23:9f:e0:
d4:e0:f6:5b:ab:07:bd:4a:67:04:65:4f:be:86:23:56:08:f7:
7e:c5:10:d7:1c:1a:bc:50:c7:aa:c0:69:0a:7f:8d:ad:b4:f2:
3f:27:59:98:b8:c4:56:dd:3d:4b:03:b4:b0:cf:42:f6:6e:54:
a2:4e:a5:d2:c2:c2:1a:98:fb:a7:cf:7c:b6:35:c6:3c:e4:c5:
2e:b6:59:a3:b3:81:77:a1:8e:66:57:16:bb:7e:ff:eb:1d:cc:
48:ed:77:62:f7:cc:02:61:10:88:fc:72:c7:c4:2c:43:dc:34:
df:0e:de:28:96:78:59:15:8f:fb:ee:59:23:0b:77:c6:16:45:
3a:1e:3a:df:b3:b6:c0:15:06:da:bb:68:2d:c1:ae:eb:81:5b:
81:15:79:87:f4:65:f0:bb:a4:8c:dc:cc:73:46:dc:6c:b3:0f:
5f:66:5e:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5xMENnUhJ8j70tULGVarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2N2U1OTVhYjIyNmNiZmM1M2MwYjg5NjUwZjFiMzk2NzBm
ZjBiNGUwHhcNMjMwMTAyMDAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDZhZmFlMjFjZTE0ZDQwOTVhYjVkMjMyMzRmODliMjM3OGI1M2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoUiJpcGhCDNj8/CkYPfV3qZURjM
DeQ5rgZvTW0JNVTXo/7w1vUD0vF2/UHCnOWLPmRVyG1HSdX0RH+2PREqLLLArgYB
89N349el9e481Q579U+WO4CCHGRRscH64amJ4ir1WVzOSLaINl5Xtvwh7Oy+Acm7
JqVkWL3j+ZBfiKCSMyT4WOEXXQikQmUgwbgyG3N6tzPBnjhRe4jqWgkfnsU6Juki
j+p7Xb7+sXX6R3ymXvti8irTdTGdLpywRGNLwhu0UEbuXNbBobtCpkmlh70/lta2
WAQJ00sKDxf1ar1S0Z7uMP8x3Io1xcTwuTXt/rNFcefCyanCUyJfKjrcawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBq+uIc4U1AlatdIyNPibI3i1O2MB8GA1UdIwQY
MBaAFCZ+WVqyJsv8U8C4llDxs5Zw/wtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm41WldySW15X3hUd0xpV1VQR3psbkRfQzA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lNGUwNTctYzY5OC00OTMzLTlkMDUt
N2MwYTk0YWUxNzE5LzEvSUdyNjRoemhUVUNWcTEwakkwLUpzamVMVTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lNGUwNTctYzY5OC00OTMzLTlkMDUtN2MwYTk0YWUxNzE5
LzEvSm41WldySW15X3hUd0xpV1VQR3psbkRfQzA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkVcAMA0G
CSqGSIb3DQEBCwUAA4IBAQAn0KJ39a2lKWSJng5FkOCA9TGk4/KKGFUPayucYcxV
67ffHcRb/ufR+d4TLqXznPi3mPqZhUuDuylC4CQ5oKDhu9qXPwWo/Qrq8p/r8X96
af++ep3t1QMjn+DU4PZbqwe9SmcEZU++hiNWCPd+xRDXHBq8UMeqwGkKf42ttPI/
J1mYuMRW3T1LA7Swz0L2blSiTqXSwsIamPunz3y2NcY85MUutlmjs4F3oY5mVxa7
fv/rHcxI7Xdi98wCYRCI/HLHxCxD3DTfDt4olnhZFY/77lkjC3fGFkU6Hjrfs7bA
FQbau2gtwa7rgVuBFXmH9GXwu6SM3MxzRtxssw9fZl6Y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:05 2025 by rpki-client