Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/e35hQltxuS5yKRrrOPKVyqZFnD8.roa
File: e35hQltxuS5yKRrrOPKVyqZFnD8.roa (raw, json)
Hash identifier: IA7yKwUBoei4JBXWLBAM7FCweaNy88GVQ2qHzQl7QpE=
Subject key identifier: 7B:7E:61:42:5B:71:B9:2E:72:29:1A:EB:38:F2:95:CA:A6:45:9C:3F
Certificate issuer: /CN=4a4ad03a0f592bb9c97c3052a690125d846415a4
Certificate serial: 01879391DE7B34E0224FCDA0F1830A4E6833
Authority key identifier: 4A:4A:D0:3A:0F:59:2B:B9:C9:7C:30:52:A6:90:12:5D:84:64:15:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/e35hQltxuS5yKRrrOPKVyqZFnD8.roa
Signing time: Tue 18 Apr 2023 08:53:43 +0000
ROA not before: Tue 18 Apr 2023 08:53:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207782
IP address blocks: 45.11.203.0/24 maxlen: 24
45.11.202.0/24 maxlen: 24
45.11.200.0/24 maxlen: 24
45.81.101.0/24 maxlen: 24
45.81.100.0/24 maxlen: 24
45.81.103.0/24 maxlen: 24
45.81.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:91:de:7b:34:e0:22:4f:cd:a0:f1:83:0a:4e:68:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a4ad03a0f592bb9c97c3052a690125d846415a4
Validity
Not Before: Apr 18 08:53:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b7e61425b71b92e72291aeb38f295caa6459c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:32:dc:04:c8:cf:d1:f0:58:e6:84:13:dd:d7:
04:4d:bd:6b:25:5f:c2:9a:aa:60:1e:4e:1e:01:41:
91:4d:44:bc:20:ba:54:80:77:07:ba:c8:93:05:a4:
be:56:bb:03:52:d5:86:76:bf:3c:34:12:f3:de:27:
11:9f:05:5b:e4:9a:9d:74:93:45:fb:e0:2d:d8:e1:
e4:e9:f3:c9:55:58:a2:8e:2e:00:bb:1f:29:aa:29:
ec:19:44:5c:9a:c1:3b:b9:3d:10:06:34:40:95:2d:
14:b2:f3:22:98:ee:1e:22:89:dc:13:83:4a:5c:a5:
16:0f:67:5b:54:19:2c:eb:73:53:08:0f:20:bc:f1:
e3:20:71:10:1e:c7:c5:da:b3:d7:d7:b7:63:21:1f:
66:e3:fe:c2:fb:e6:90:01:15:5b:ff:b9:07:e0:62:
62:4e:cc:2e:5f:31:3f:4a:59:c4:68:78:64:52:42:
7f:5d:28:ca:35:35:1f:e6:65:98:66:71:60:f5:cf:
00:09:91:03:3c:c7:65:a3:34:4a:e7:1f:bc:67:5d:
e5:31:b3:71:78:6e:aa:27:d4:9d:22:83:be:08:a5:
43:37:4b:33:7a:65:97:d0:0d:49:ee:fe:7e:2e:69:
b6:f7:33:3e:83:6f:a0:ec:1a:de:88:75:b8:dc:d1:
1e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:7E:61:42:5B:71:B9:2E:72:29:1A:EB:38:F2:95:CA:A6:45:9C:3F
X509v3 Authority Key Identifier:
keyid:4A:4A:D0:3A:0F:59:2B:B9:C9:7C:30:52:A6:90:12:5D:84:64:15:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/e35hQltxuS5yKRrrOPKVyqZFnD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/SkrQOg9ZK7nJfDBSppASXYRkFaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.200.0/24
45.11.202.0/23
45.81.100.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:25:1c:c3:df:c4:6f:7e:ac:5f:05:ab:7b:0a:b3:36:9d:5e:
c6:69:04:db:8a:c8:9f:1e:5d:dd:0a:b8:6b:41:72:a5:59:9c:
18:7e:0b:de:f1:b9:fb:5c:93:f3:f0:64:b4:b9:5e:ea:c9:37:
90:c2:d2:3e:3b:07:62:37:1d:a8:8d:a1:57:cf:98:f1:7b:dd:
70:8d:2b:ba:67:dc:e4:3e:cc:ea:a4:3c:f5:0b:95:84:df:98:
6e:ee:80:b9:75:c2:b0:07:ed:f6:01:04:86:ed:fe:3b:09:9f:
ad:f8:4c:02:d4:40:f9:15:7d:f6:bb:09:35:7b:82:dc:8f:3d:
1b:11:d3:10:37:49:22:85:e4:fb:66:e0:8a:ee:c3:ed:93:84:
37:1b:d9:3c:bb:5d:62:35:7a:83:ae:f4:f6:76:45:ee:a0:09:
f8:de:7c:5f:d9:2c:51:d7:6f:8a:38:32:a4:1e:ca:15:ca:b5:
3b:3e:5a:c1:8f:c3:56:71:17:c6:e8:a2:b3:30:ac:e7:a5:31:
bf:a7:71:96:7e:0e:0c:e9:5d:ba:91:98:5f:4a:69:45:31:4f:
de:ab:29:77:65:06:99:89:1d:e6:11:5e:0f:6f:e4:29:3a:17:
1c:37:6b:7f:1e:07:31:f4:21:8f:68:a0:89:94:dc:61:90:26:
fa:e0:b2:72
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeTkd57NOAiT82g8YMKTmgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNGFkMDNhMGY1OTJiYjljOTdjMzA1MmE2OTAxMjVkODQ2
NDE1YTQwHhcNMjMwNDE4MDg1MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjdlNjE0MjViNzFiOTJlNzIyOTFhZWIzOGYyOTVjYWE2NDU5YzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DLcBMjP0fBY5oQT3dcETb1rJV/C
mqpgHk4eAUGRTUS8ILpUgHcHusiTBaS+VrsDUtWGdr88NBLz3icRnwVb5JqddJNF
++At2OHk6fPJVViiji4Aux8pqinsGURcmsE7uT0QBjRAlS0UsvMimO4eIoncE4NK
XKUWD2dbVBks63NTCA8gvPHjIHEQHsfF2rPX17djIR9m4/7C++aQARVb/7kH4GJi
TswuXzE/SlnEaHhkUkJ/XSjKNTUf5mWYZnFg9c8ACZEDPMdlozRK5x+8Z13lMbNx
eG6qJ9SdIoO+CKVDN0szemWX0A1J7v5+Lmm29zM+g2+g7BreiHW43NEeqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHt+YUJbcbkucika6zjylcqmRZw/MB8GA1UdIwQY
MBaAFEpK0DoPWSu5yXwwUqaQEl2EZBWkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tyUU9nOVpLN25KZkRCU3BwQVNYWVJrRmFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xNjc5MDMtZjQyNi00YmYwLTkyMzMt
YTlhYzY2YmU0OGY3LzEvZTM1aFFsdHh1UzV5S1Jyck9QS1Z5cVpGbkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xNjc5MDMtZjQyNi00YmYwLTkyMzMtYTlhYzY2YmU0OGY3
LzEvU2tyUU9nOVpLN25KZkRCU3BwQVNYWVJrRmFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQvIAwQB
LQvKAwQCLVFkMA0GCSqGSIb3DQEBCwUAA4IBAQCiJRzD38RvfqxfBat7CrM2nV7G
aQTbisifHl3dCrhrQXKlWZwYfgve8bn7XJPz8GS0uV7qyTeQwtI+OwdiNx2ojaFX
z5jxe91wjSu6Z9zkPszqpDz1C5WE35hu7oC5dcKwB+32AQSG7f47CZ+t+EwC1ED5
FX32uwk1e4Lcjz0bEdMQN0kiheT7ZuCK7sPtk4Q3G9k8u11iNXqDrvT2dkXuoAn4
3nxf2SxR12+KODKkHsoVyrU7PlrBj8NWcRfG6KKzMKznpTG/p3GWfg4M6V26kZhf
SmlFMU/eqyl3ZQaZiR3mEV4Pb+QpOhccN2t/Hgcx9CGPaKCJlNxhkCb64LJy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:12 2025 by rpki-client