Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/WEtuHgUAeuB3mGJEmEGX6btgZd4.roa
File: WEtuHgUAeuB3mGJEmEGX6btgZd4.roa (raw, json)
Hash identifier: lGLapJzkGXKjltsChpPS6y29mWYMNDRdCDvVsbGIWSA=
Subject key identifier: 58:4B:6E:1E:05:00:7A:E0:77:98:62:44:98:41:97:E9:BB:60:65:DE
Certificate issuer: /CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Certificate serial: 018A61327598D37A926BEEC1530B916EC222
Authority key identifier: 19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/WEtuHgUAeuB3mGJEmEGX6btgZd4.roa
Signing time: Mon 04 Sep 2023 17:16:51 +0000
ROA not before: Mon 04 Sep 2023 17:16:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207375
IP address blocks: 80.64.232.0/21 maxlen: 25
93.88.24.0/22 maxlen: 25
45.145.108.0/22 maxlen: 25
2a0e:fdc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:61:32:75:98:d3:7a:92:6b:ee:c1:53:0b:91:6e:c2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Validity
Not Before: Sep 4 17:16:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=584b6e1e05007ae077986244984197e9bb6065de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:66:d3:3c:e7:cf:1a:4c:ed:df:10:4b:06:0b:
45:75:57:6b:db:ff:21:52:35:76:49:1c:0f:80:51:
90:25:e3:76:ef:7e:0d:fb:37:3c:e5:3c:65:8c:88:
db:37:c9:75:81:22:a7:3a:0c:b2:c8:7c:02:e5:9a:
ad:6b:2e:c0:be:f3:ae:db:9e:fc:9b:71:22:b1:cc:
29:eb:9a:38:f2:fc:4b:2d:07:3a:d4:d7:94:29:78:
a9:be:8a:fe:cd:7b:f8:6c:c9:48:2d:dd:10:ca:d0:
8c:b9:fd:25:15:4b:4b:82:f3:4a:9a:54:77:fc:1f:
67:4c:26:d4:5b:cf:64:61:71:11:26:53:c5:02:73:
8f:c9:d3:75:1f:26:93:f7:43:ba:8f:4b:ae:27:1c:
dc:69:6b:7b:82:05:c2:96:b5:86:4f:08:c1:d0:35:
20:a4:31:9b:ae:6c:82:bf:55:ff:74:ca:79:03:4b:
ea:99:5b:9c:2e:39:f2:cd:40:e6:64:ab:36:bb:91:
15:97:75:80:e6:fc:1c:1b:31:ed:b9:2b:e3:9d:17:
97:b3:0e:ca:35:7d:6d:4d:af:44:fd:7e:f6:1e:ff:
05:0e:26:51:2e:20:e2:1c:25:be:c4:82:92:5b:4a:
41:16:c1:14:34:f1:47:ac:1f:78:58:be:2d:f8:a6:
92:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4B:6E:1E:05:00:7A:E0:77:98:62:44:98:41:97:E9:BB:60:65:DE
X509v3 Authority Key Identifier:
keyid:19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/WEtuHgUAeuB3mGJEmEGX6btgZd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.108.0/22
80.64.232.0/21
93.88.24.0/22
IPv6:
2a0e:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
35:06:f9:54:ff:27:e3:8f:ce:68:f5:fa:a8:b6:54:2c:96:7d:
e2:ea:66:c3:48:7b:0d:36:52:4b:61:df:3e:ad:5c:a7:b8:39:
44:9e:47:e9:b8:0f:36:0a:9e:31:20:04:73:16:2a:9d:bf:f0:
70:b7:e0:22:50:46:e8:5f:6d:5e:d3:82:5e:2b:44:6e:b3:fd:
09:c8:74:c3:e0:d0:49:5c:fe:05:ff:8c:05:8f:8b:44:ee:11:
6a:d1:10:c8:5c:85:4b:fe:da:c4:73:f0:3c:de:37:ac:84:98:
43:a9:cd:e4:0d:c3:9a:1c:5f:3a:45:3a:cb:6d:56:a9:d0:85:
97:01:43:3c:62:fa:f8:46:33:22:e7:26:6b:e9:2f:a7:45:43:
b3:f9:32:2e:b4:12:f2:29:57:49:79:18:14:e2:48:82:d7:94:
2b:df:2e:99:0a:08:39:80:a5:ba:8a:7d:bc:0a:07:42:29:2b:
54:2a:8d:f9:2b:81:e8:a4:8e:6d:f6:d7:6b:59:b3:b8:f2:dc:
d5:71:e5:68:a7:e1:f3:2c:e9:c3:df:f7:ec:51:e6:f6:31:f1:
d5:95:d8:9b:9e:2a:da:ac:6d:84:90:ad:ef:32:6f:58:78:4e:
12:bd:5a:81:3e:37:6b:be:9b:62:07:8d:e4:95:db:5a:88:91:
5c:67:7c:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYphMnWY03qSa+7BUwuRbsIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTQzZDgxNjU3YTNjMzhjMTUwZGU1NTc5N2YxYzdiNWYw
YzJlYmIwHhcNMjMwOTA0MTcxNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODRiNmUxZTA1MDA3YWUwNzc5ODYyNDQ5ODQxOTdlOWJiNjA2NWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGbTPOfPGkzt3xBLBgtFdVdr2/8h
UjV2SRwPgFGQJeN2734N+zc85TxljIjbN8l1gSKnOgyyyHwC5Zqtay7AvvOu2578
m3Eiscwp65o48vxLLQc61NeUKXipvor+zXv4bMlILd0QytCMuf0lFUtLgvNKmlR3
/B9nTCbUW89kYXERJlPFAnOPydN1HyaT90O6j0uuJxzcaWt7ggXClrWGTwjB0DUg
pDGbrmyCv1X/dMp5A0vqmVucLjnyzUDmZKs2u5EVl3WA5vwcGzHtuSvjnReXsw7K
NX1tTa9E/X72Hv8FDiZRLiDiHCW+xIKSW0pBFsEUNPFHrB94WL4t+KaScwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFhLbh4FAHrgd5hiRJhBl+m7YGXeMB8GA1UdIwQY
MBaAFBmkPYFlejw4wVDeVXl/HHtfDC67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2Yt
MDdmNzRjMDE5NzMyLzEvV0V0dUhnVUFldUIzbUdKRW1FR1g2YnRnWmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2YtMDdmNzRjMDE5NzMy
LzEvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZFsAwQD
UEDoAwQCXVgYMA0EAgACMAcDBQMqDv3AMA0GCSqGSIb3DQEBCwUAA4IBAQA1BvlU
/yfjj85o9fqotlQsln3i6mbDSHsNNlJLYd8+rVynuDlEnkfpuA82Cp4xIARzFiqd
v/Bwt+AiUEboX21e04JeK0Rus/0JyHTD4NBJXP4F/4wFj4tE7hFq0RDIXIVL/trE
c/A83jeshJhDqc3kDcOaHF86RTrLbVap0IWXAUM8Yvr4RjMi5yZr6S+nRUOz+TIu
tBLyKVdJeRgU4kiC15Qr3y6ZCgg5gKW6in28CgdCKStUKo35K4HopI5t9tdrWbO4
8tzVceVop+HzLOnD3/fsUeb2MfHVldibnirarG2EkK3vMm9YeE4SvVqBPjdrvpti
B43kldtaiJFcZ3xS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:43 2025 by rpki-client