Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/jRkO2erngcYZOnot52fkJj_jbYM.roa
File: jRkO2erngcYZOnot52fkJj_jbYM.roa (raw, json)
Hash identifier: ReT1R7BM23ZQXyt9/PF0ODR/Q17xYQhxhnbflQnlgNQ=
Subject key identifier: 8D:19:0E:D9:EA:E7:81:C6:19:3A:7A:2D:E7:67:E4:26:3F:E3:6D:83
Certificate issuer: /CN=498fe5b282b1c7db00f67bb4a13d9f79520508b7
Certificate serial: 0186F968E80DF836AAAC2307C82CD723DB3E
Authority key identifier: 49:8F:E5:B2:82:B1:C7:DB:00:F6:7B:B4:A1:3D:9F:79:52:05:08:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SY_lsoKxx9sA9nu0oT2feVIFCLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/jRkO2erngcYZOnot52fkJj_jbYM.roa
Signing time: Sun 19 Mar 2023 10:27:27 +0000
ROA not before: Sun 19 Mar 2023 10:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51889
IP address blocks: 45.147.76.0/24 maxlen: 24
45.147.77.0/24 maxlen: 24
45.147.78.0/24 maxlen: 24
45.147.76.0/22 maxlen: 22
45.147.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f9:68:e8:0d:f8:36:aa:ac:23:07:c8:2c:d7:23:db:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=498fe5b282b1c7db00f67bb4a13d9f79520508b7
Validity
Not Before: Mar 19 10:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d190ed9eae781c6193a7a2de767e4263fe36d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4b:2a:53:6f:d6:4a:b8:35:eb:eb:03:f6:65:
d8:98:81:16:cd:a5:f6:4b:c1:9b:9c:8f:4e:03:39:
5e:78:84:aa:f4:75:70:b7:0a:8d:3e:70:05:71:6c:
ed:1a:66:a9:d6:9b:4b:fd:f4:40:a5:0d:de:12:21:
41:a9:14:da:82:73:87:05:e6:fa:66:e1:57:cb:63:
89:0b:ff:a1:2a:50:e2:67:91:6a:ce:75:37:6b:9a:
f2:4a:44:b3:f9:31:6f:2c:f1:d7:64:37:f9:17:10:
52:55:9a:51:88:0d:56:83:7e:ca:15:03:44:c2:e0:
cd:1d:e2:15:b9:de:1c:2f:e5:53:79:d2:f7:ee:6c:
7f:31:0d:13:69:c0:db:da:36:7d:51:ba:41:69:50:
ab:8c:15:da:d9:c1:e9:a2:24:cc:cc:d9:50:83:a4:
98:29:40:86:2b:6d:ce:ca:f2:2c:d6:3d:56:de:fe:
c2:be:9e:8f:dc:7e:8d:4e:b0:e4:8b:ca:4f:dd:17:
98:e3:45:25:84:a4:5b:34:5a:dd:ea:62:72:65:32:
4a:16:8c:35:12:8b:8a:cf:4f:ac:a8:b1:db:4e:33:
40:73:bc:ed:60:82:36:e2:80:1b:33:4b:c0:61:17:
9f:5b:8d:03:d7:39:7c:2c:60:34:c6:bb:08:f1:07:
77:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:19:0E:D9:EA:E7:81:C6:19:3A:7A:2D:E7:67:E4:26:3F:E3:6D:83
X509v3 Authority Key Identifier:
keyid:49:8F:E5:B2:82:B1:C7:DB:00:F6:7B:B4:A1:3D:9F:79:52:05:08:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SY_lsoKxx9sA9nu0oT2feVIFCLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/jRkO2erngcYZOnot52fkJj_jbYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/SY_lsoKxx9sA9nu0oT2feVIFCLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.76.0/22
Signature Algorithm: sha256WithRSAEncryption
67:47:7d:dd:a9:d8:8f:26:ed:95:15:35:f3:0b:87:c2:1e:95:
a2:64:c6:81:f5:81:44:ba:6f:7b:f8:a7:ca:9d:76:42:e6:0f:
3b:0f:ce:1c:66:27:b8:91:f8:a9:82:6c:53:55:96:1e:b9:1b:
89:da:95:07:dc:77:1b:21:38:4a:22:a6:61:fe:4a:87:54:56:
b0:73:23:5f:07:7c:8d:49:83:4e:13:0f:ae:95:35:05:6c:de:
8a:de:0a:d7:56:94:3c:99:97:4c:59:e1:98:16:f7:0d:98:7f:
4d:47:5a:b7:e5:b3:9f:34:a5:dd:e3:72:72:fb:d0:6f:bf:41:
a3:bc:34:b3:c0:27:45:d6:a0:79:65:51:83:59:5c:86:48:4a:
87:97:d3:b4:3d:c9:33:a8:6a:0e:42:e5:b8:86:54:a8:7f:5a:
42:58:67:87:c7:b7:80:b0:12:8d:5c:47:9f:17:7e:3f:8c:7f:
ca:b7:f8:ff:83:f4:44:03:33:eb:26:41:1a:ac:80:3f:d5:08:
30:3f:26:8d:f0:c5:51:b5:cf:30:07:af:c9:54:73:82:80:7a:
d1:37:47:b4:76:24:e1:82:a9:7b:3b:e0:0d:64:5f:6d:92:d6:
c4:73:e7:ab:f8:5f:4b:1d:d5:ac:75:5e:08:a9:3f:dc:52:4f:
38:98:83:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb5aOgN+DaqrCMHyCzXI9s+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5OGZlNWIyODJiMWM3ZGIwMGY2N2JiNGExM2Q5Zjc5NTIw
NTA4YjcwHhcNMjMwMzE5MTAyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDE5MGVkOWVhZTc4MWM2MTkzYTdhMmRlNzY3ZTQyNjNmZTM2ZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUsqU2/WSrg16+sD9mXYmIEWzaX2
S8GbnI9OAzleeISq9HVwtwqNPnAFcWztGmap1ptL/fRApQ3eEiFBqRTagnOHBeb6
ZuFXy2OJC/+hKlDiZ5FqznU3a5rySkSz+TFvLPHXZDf5FxBSVZpRiA1Wg37KFQNE
wuDNHeIVud4cL+VTedL37mx/MQ0TacDb2jZ9UbpBaVCrjBXa2cHpoiTMzNlQg6SY
KUCGK23OyvIs1j1W3v7Cvp6P3H6NTrDki8pP3ReY40UlhKRbNFrd6mJyZTJKFow1
EouKz0+sqLHbTjNAc7ztYII24oAbM0vAYRefW40D1zl8LGA0xrsI8Qd39wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0ZDtnq54HGGTp6Ledn5CY/422DMB8GA1UdIwQY
MBaAFEmP5bKCscfbAPZ7tKE9n3lSBQi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lfbHNvS3h4OXNBOW51MG9UMmZlVklGQ0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zODRmMjktZmQ0ZC00MzZhLWI4NWIt
MDA0MDNiNjQwNTVhLzEvalJrTzJlcm5nY1laT25vdDUyZmtKal9qYllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zODRmMjktZmQ0ZC00MzZhLWI4NWItMDA0MDNiNjQwNTVh
LzEvU1lfbHNvS3h4OXNBOW51MG9UMmZlVklGQ0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZNMMA0G
CSqGSIb3DQEBCwUAA4IBAQBnR33dqdiPJu2VFTXzC4fCHpWiZMaB9YFEum97+KfK
nXZC5g87D84cZie4kfipgmxTVZYeuRuJ2pUH3HcbIThKIqZh/kqHVFawcyNfB3yN
SYNOEw+ulTUFbN6K3grXVpQ8mZdMWeGYFvcNmH9NR1q35bOfNKXd43Jy+9Bvv0Gj
vDSzwCdF1qB5ZVGDWVyGSEqHl9O0PckzqGoOQuW4hlSof1pCWGeHx7eAsBKNXEef
F34/jH/Kt/j/g/REAzPrJkEarIA/1QgwPyaN8MVRtc8wB6/JVHOCgHrRN0e0diTh
gql7O+ANZF9tktbEc+er+F9LHdWsdV4IqT/cUk84mIMx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:30 2025 by rpki-client