Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1-WRVe2G0xcB5iAlQLPPoFM8XdA4.roa
File: 1-WRVe2G0xcB5iAlQLPPoFM8XdA4.roa (raw, json)
Hash identifier: /OqrBNxiv57buyAQqVeK8zK7uWPSFXigg5KGenK3oeA=
Subject key identifier: F9:64:55:7B:61:B4:C5:C0:79:88:09:50:2C:F3:E8:14:CF:17:74:0E
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01850AABDE8189E0D66670A22B48F3784966
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1-WRVe2G0xcB5iAlQLPPoFM8XdA4.roa
Signing time: Tue 13 Dec 2022 08:48:33 +0000
ROA not before: Tue 13 Dec 2022 08:48:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 5.105.29.0/24 maxlen: 24
91.200.212.0/22 maxlen: 24
85.255.176.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:ab:de:81:89:e0:d6:66:70:a2:2b:48:f3:78:49:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 13 08:48:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f964557b61b4c5c0798809502cf3e814cf17740e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2a:88:07:1b:fe:c2:bb:aa:f4:a1:69:da:d6:
f5:95:5d:b0:93:63:99:ef:6e:68:da:dd:9d:4a:dd:
e7:b7:e0:cb:51:e4:ca:d6:4d:05:e9:7d:fc:30:02:
44:fa:ec:f6:b3:4c:2e:92:08:e4:c3:40:e3:6c:e1:
60:ea:3c:89:e5:ca:e3:f0:12:1d:81:8c:8a:6e:60:
18:b3:24:f0:ea:81:43:61:05:48:12:75:bb:77:2d:
6e:38:b9:f9:6d:47:21:61:26:8a:f7:55:da:2d:44:
85:e8:33:8a:ff:4e:3d:6a:65:97:f7:a0:9d:15:07:
3d:5e:d7:c4:e7:d9:d5:9f:87:6a:3f:f8:6e:a4:b0:
c0:b4:43:00:22:84:33:49:ee:4d:bf:2a:3c:84:33:
8a:e1:85:89:a0:1a:fe:e3:bb:21:87:8b:62:4c:f0:
87:8a:6d:13:d9:87:52:3f:a5:1b:e2:f1:c5:ca:b1:
40:65:7d:1c:51:86:2a:f6:cd:48:da:12:f4:4a:16:
b2:0c:36:ea:b7:eb:e6:82:54:80:0c:f9:cc:5d:88:
16:4e:c6:26:f4:68:3c:d4:e0:b6:58:30:1a:05:24:
69:36:70:a7:47:d9:4d:89:5a:e3:f2:ef:2a:1d:fe:
2d:23:f7:5b:5c:23:ae:75:38:b9:ae:c1:68:6f:d5:
06:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:64:55:7B:61:B4:C5:C0:79:88:09:50:2C:F3:E8:14:CF:17:74:0E
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1-WRVe2G0xcB5iAlQLPPoFM8XdA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.29.0/24
85.255.176.0/21
91.200.212.0/22
Signature Algorithm: sha256WithRSAEncryption
80:c1:bf:c4:06:d0:8c:ff:d1:96:92:58:fb:29:1e:94:5a:38:
c9:94:5f:ad:0e:32:24:ca:a7:80:33:04:af:32:b8:27:da:8d:
fc:5d:6b:3e:ee:a9:b4:f6:77:9c:63:2f:be:cc:e2:98:d9:d6:
ad:8d:60:30:20:14:f3:7c:95:66:ad:d1:b5:16:8e:07:6c:5c:
ee:e5:ac:1a:40:1d:e0:20:9a:68:3d:5d:05:a3:af:27:c4:2c:
3b:8e:b7:76:1e:8a:ff:ed:6b:6b:42:1b:9e:a7:8e:cf:68:b6:
29:4f:f6:bd:47:49:e3:70:05:91:a1:6c:2d:d4:3b:09:94:d5:
5c:99:d2:74:95:ca:80:a1:40:d7:56:58:f1:e5:91:ac:09:59:
10:6b:91:1d:c7:50:38:b7:5f:de:5a:30:4a:3d:b8:b0:f4:3d:
52:36:7d:41:9b:54:19:76:af:70:5a:fc:fa:f0:b8:da:78:d0:
81:84:24:3c:00:62:08:ad:ff:b0:ac:89:07:24:fc:a3:de:35:
20:b9:8e:0d:e3:4f:2e:c8:91:78:89:96:cf:16:8b:55:aa:f7:
fa:c5:84:6f:1f:1e:2d:77:62:9b:68:19:09:30:db:9a:92:8f:
c2:40:58:c1:11:f7:48:f5:31:96:ce:26:61:ba:df:ba:46:7f:
6d:56:8e:19
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYUKq96BieDWZnCiK0jzeElmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjEzMDg0ODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTY0NTU3YjYxYjRjNWMwNzk4ODA5NTAyY2YzZTgxNGNmMTc3NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiqIBxv+wruq9KFp2tb1lV2wk2OZ
725o2t2dSt3nt+DLUeTK1k0F6X38MAJE+uz2s0wukgjkw0DjbOFg6jyJ5crj8BId
gYyKbmAYsyTw6oFDYQVIEnW7dy1uOLn5bUchYSaK91XaLUSF6DOK/049amWX96Cd
FQc9XtfE59nVn4dqP/hupLDAtEMAIoQzSe5Nvyo8hDOK4YWJoBr+47shh4tiTPCH
im0T2YdSP6Ub4vHFyrFAZX0cUYYq9s1I2hL0ShayDDbqt+vmglSADPnMXYgWTsYm
9Gg81OC2WDAaBSRpNnCnR9lNiVrj8u8qHf4tI/dbXCOudTi5rsFob9UG0QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPlkVXthtMXAeYgJUCzz6BTPF3QOMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMS1XUlZlMkcweGNCNWlBbFFMUFBvRk04WGRBNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvOGZjNzQ2LWZjMDgtNDIxMS1iYTNiLTg5MzkwNmZiNzg1
OC8xLzNmaTBVbFRsUncwZFRNNXZ0OV9VME5nN1hWay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAAVpHQME
A1X/sAMEAlvI1DANBgkqhkiG9w0BAQsFAAOCAQEAgMG/xAbQjP/RlpJY+ykelFo4
yZRfrQ4yJMqngDMErzK4J9qN/F1rPu6ptPZ3nGMvvszimNnWrY1gMCAU83yVZq3R
tRaOB2xc7uWsGkAd4CCaaD1dBaOvJ8QsO463dh6K/+1ra0IbnqeOz2i2KU/2vUdJ
43AFkaFsLdQ7CZTVXJnSdJXKgKFA11ZY8eWRrAlZEGuRHcdQOLdf3lowSj24sPQ9
UjZ9QZtUGXavcFr8+vC42njQgYQkPABiCK3/sKyJByT8o941ILmODeNPLsiReImW
zxaLVar3+sWEbx8eLXdim2gZCTDbmpKPwkBYwRH3SPUxls4mYbrfukZ/bVaOGQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:00 2025 by rpki-client