Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a5f498-6c76-4230-93d1-a39e009627ef/1/Cn7fhs5T9pgLWe4KF9-MHaWyJQI.roa
File: Cn7fhs5T9pgLWe4KF9-MHaWyJQI.roa (raw, json)
Hash identifier: 2Lpr30EDEFByJLMKTiyFJLJpDXT5P94vFwVb/bVG+R0=
Subject key identifier: 0A:7E:DF:86:CE:53:F6:98:0B:59:EE:0A:17:DF:8C:1D:A5:B2:25:02
Certificate issuer: /CN=e13d3fb6a863ac0fa4d1feefe3aec39ed8d3895c
Certificate serial: 01856D787290835571E5FB03F515923D1401
Authority key identifier: E1:3D:3F:B6:A8:63:AC:0F:A4:D1:FE:EF:E3:AE:C3:9E:D8:D3:89:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4T0_tqhjrA-k0f7v467DntjTiVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a5f498-6c76-4230-93d1-a39e009627ef/1/Cn7fhs5T9pgLWe4KF9-MHaWyJQI.roa
Signing time: Sun 01 Jan 2023 13:14:48 +0000
ROA not before: Sun 01 Jan 2023 13:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208170
IP address blocks: 45.156.103.0/24 maxlen: 24
45.156.100.0/24 maxlen: 24
45.156.101.0/24 maxlen: 24
45.156.100.0/22 maxlen: 22
45.156.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:72:90:83:55:71:e5:fb:03:f5:15:92:3d:14:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e13d3fb6a863ac0fa4d1feefe3aec39ed8d3895c
Validity
Not Before: Jan 1 13:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a7edf86ce53f6980b59ee0a17df8c1da5b22502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ec:85:c2:f5:25:d7:83:9a:fc:18:61:ef:cc:
d6:0a:1b:d6:0e:10:3c:aa:9d:7a:d3:61:b9:9b:40:
6a:bf:7a:ed:04:0b:40:ef:82:56:88:fd:9d:43:ff:
f3:66:9d:87:5c:2e:24:4a:d9:17:e2:a9:24:b0:65:
d1:74:41:c6:2e:c0:86:bb:0a:ef:f2:83:32:74:ec:
6e:4e:f2:40:c9:53:49:22:f5:d8:e5:f8:3c:da:e7:
9e:4c:8b:aa:f8:7f:d2:10:fc:e6:f6:7f:db:31:d8:
cf:01:08:7d:50:5c:b7:49:b3:bd:94:20:17:67:ab:
30:ad:b3:e0:a4:de:19:1d:60:1a:44:de:7c:22:01:
59:fe:1c:55:22:63:4b:ea:f0:6c:34:2b:de:8d:4b:
f7:4e:1c:61:58:80:b9:eb:64:6e:39:bb:ce:46:4e:
1e:da:cd:24:91:c6:b6:81:f7:90:14:aa:0f:a3:cb:
d7:76:31:65:58:9f:ad:be:ab:31:2b:ba:70:34:d6:
f0:79:fc:6b:6e:ca:fc:23:8d:57:e5:96:b8:62:72:
ed:90:f1:95:67:a3:ae:54:81:37:30:1e:00:19:e4:
30:af:9b:08:21:32:d6:4f:a6:5d:c7:be:e3:b0:01:
37:41:28:52:86:8d:96:78:31:23:72:07:ed:96:ed:
60:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:7E:DF:86:CE:53:F6:98:0B:59:EE:0A:17:DF:8C:1D:A5:B2:25:02
X509v3 Authority Key Identifier:
keyid:E1:3D:3F:B6:A8:63:AC:0F:A4:D1:FE:EF:E3:AE:C3:9E:D8:D3:89:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4T0_tqhjrA-k0f7v467DntjTiVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a5f498-6c76-4230-93d1-a39e009627ef/1/Cn7fhs5T9pgLWe4KF9-MHaWyJQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a5f498-6c76-4230-93d1-a39e009627ef/1/4T0_tqhjrA-k0f7v467DntjTiVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.100.0/22
Signature Algorithm: sha256WithRSAEncryption
81:86:61:5b:5e:e7:ed:29:81:85:84:f2:bb:04:ce:a7:dc:ac:
13:52:3d:81:68:41:f6:a3:9e:3c:1f:91:60:2d:73:2e:0e:27:
3d:b9:02:22:2e:e6:f1:4d:82:d1:63:ab:f7:60:bb:1e:ce:dd:
20:1e:2f:dc:c7:7b:fd:89:93:68:58:14:62:ae:60:bc:97:04:
43:bb:c6:7e:cf:45:da:f8:77:97:5b:8b:13:79:f0:2d:2d:71:
3e:38:9d:40:5b:36:c0:26:f7:d2:57:f8:72:a0:51:64:0b:43:
16:b4:90:38:9f:b2:1f:cc:5f:3f:aa:7e:a1:33:ff:c0:13:cf:
64:93:6f:2e:86:ba:4c:4b:d0:b9:5c:ec:cb:50:07:17:0a:28:
3b:7b:3b:19:fb:2f:65:2c:43:29:04:8a:6d:9c:9a:46:58:1e:
7f:9d:40:5e:29:8f:fe:d2:dc:61:de:66:37:b0:3a:e2:6c:01:
ee:09:ed:63:a6:fa:0b:9b:e6:2e:62:ae:45:af:bc:f3:1d:fd:
6e:e5:2e:28:c7:27:ee:6c:c2:2b:25:f4:de:39:99:fa:29:8f:
a0:13:f8:0f:d6:de:1a:be:f7:fb:64:e9:4b:6d:1f:7d:ea:98:
08:a4:84:fb:3f:d4:62:57:f2:9e:ec:55:a7:94:c0:cd:55:ab:
d2:f2:c7:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteHKQg1Vx5fsD9RWSPRQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxM2QzZmI2YTg2M2FjMGZhNGQxZmVlZmUzYWVjMzllZDhk
Mzg5NWMwHhcNMjMwMTAxMTMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTdlZGY4NmNlNTNmNjk4MGI1OWVlMGExN2RmOGMxZGE1YjIyNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOyFwvUl14Oa/Bhh78zWChvWDhA8
qp1602G5m0Bqv3rtBAtA74JWiP2dQ//zZp2HXC4kStkX4qkksGXRdEHGLsCGuwrv
8oMydOxuTvJAyVNJIvXY5fg82ueeTIuq+H/SEPzm9n/bMdjPAQh9UFy3SbO9lCAX
Z6swrbPgpN4ZHWAaRN58IgFZ/hxVImNL6vBsNCvejUv3ThxhWIC562RuObvORk4e
2s0kkca2gfeQFKoPo8vXdjFlWJ+tvqsxK7pwNNbwefxrbsr8I41X5Za4YnLtkPGV
Z6OuVIE3MB4AGeQwr5sIITLWT6Zdx77jsAE3QShSho2WeDEjcgftlu1glQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAp+34bOU/aYC1nuChffjB2lsiUCMB8GA1UdIwQY
MBaAFOE9P7aoY6wPpNH+7+Ouw57Y04lcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFQwX3RxaGpyQS1rMGY3djQ2N0RudGpUaVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hNWY0OTgtNmM3Ni00MjMwLTkzZDEt
YTM5ZTAwOTYyN2VmLzEvQ243ZmhzNVQ5cGdMV2U0S0Y5LU1IYVd5SlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hNWY0OTgtNmM3Ni00MjMwLTkzZDEtYTM5ZTAwOTYyN2Vm
LzEvNFQwX3RxaGpyQS1rMGY3djQ2N0RudGpUaVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZxkMA0G
CSqGSIb3DQEBCwUAA4IBAQCBhmFbXuftKYGFhPK7BM6n3KwTUj2BaEH2o548H5Fg
LXMuDic9uQIiLubxTYLRY6v3YLsezt0gHi/cx3v9iZNoWBRirmC8lwRDu8Z+z0Xa
+HeXW4sTefAtLXE+OJ1AWzbAJvfSV/hyoFFkC0MWtJA4n7IfzF8/qn6hM//AE89k
k28uhrpMS9C5XOzLUAcXCig7ezsZ+y9lLEMpBIptnJpGWB5/nUBeKY/+0txh3mY3
sDribAHuCe1jpvoLm+YuYq5Fr7zzHf1u5S4oxyfubMIrJfTeOZn6KY+gE/gP1t4a
vvf7ZOlLbR996pgIpIT7P9RiV/Ke7FWnlMDNVavS8sfI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:12 2025 by rpki-client