Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/cfPHQLStveu107iGLCFSzcxSQr4.roa
File: cfPHQLStveu107iGLCFSzcxSQr4.roa (raw, json)
Hash identifier: Yyddd8fA9fFLNt+KnP8dx/3fQw5BNavMV3hxvObERiU=
Subject key identifier: 71:F3:C7:40:B4:AD:BD:EB:B5:D3:B8:86:2C:21:52:CD:CC:52:42:BE
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 0186F4931D006FB5A618577F051D6A66A9E7
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/cfPHQLStveu107iGLCFSzcxSQr4.roa
Signing time: Sat 18 Mar 2023 11:55:27 +0000
ROA not before: Sat 18 Mar 2023 11:55:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208555
IP address blocks: 45.129.36.0/22 maxlen: 22
45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
45.129.38.0/23 maxlen: 23
185.126.202.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/23 maxlen: 23
185.53.142.0/24 maxlen: 24
185.53.140.0/24 maxlen: 24
185.53.140.0/23 maxlen: 23
185.53.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f4:93:1d:00:6f:b5:a6:18:57:7f:05:1d:6a:66:a9:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Mar 18 11:55:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71f3c740b4adbdebb5d3b8862c2152cdcc5242be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f5:3b:b3:ef:0a:00:25:a9:8e:3c:03:f2:7d:
b8:a5:56:18:31:76:fa:92:3f:1c:6c:ec:68:12:54:
de:8e:3f:68:31:28:d0:03:81:ca:6f:46:f2:6c:d9:
47:53:5e:cd:dd:4f:37:13:a4:98:47:a0:73:f0:38:
73:fd:51:3b:36:ec:e0:d3:23:0f:2c:a5:54:14:7b:
e9:3f:06:d6:f2:30:c1:d2:7a:a1:93:9a:35:1e:6d:
66:ee:65:1d:c8:61:4a:fe:5a:40:98:d4:3a:5b:a6:
6d:21:8a:f1:10:ee:74:cf:61:a8:7b:13:e7:ec:0f:
46:86:70:60:e8:41:d1:e8:e2:e3:9d:41:19:ed:10:
95:0d:b5:30:4c:36:54:e6:03:0d:47:39:38:6b:5a:
74:01:fc:37:78:5f:03:9d:00:f0:e8:a1:56:a7:fe:
fb:97:93:99:0a:ec:71:22:71:50:b7:e3:0d:f7:18:
eb:8a:e5:21:5b:f1:7d:ef:b4:05:de:9a:8a:9a:54:
bf:3a:fa:27:7a:c4:eb:78:c6:77:98:cf:4c:2b:98:
f2:06:fd:54:6b:d7:ec:28:58:85:67:ac:b5:d8:1e:
8d:77:0a:17:90:a3:68:fb:1f:3b:a8:b3:29:1e:3a:
fc:6d:81:2b:65:19:ff:13:1c:e4:22:00:6c:9f:52:
98:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F3:C7:40:B4:AD:BD:EB:B5:D3:B8:86:2C:21:52:CD:CC:52:42:BE
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/cfPHQLStveu107iGLCFSzcxSQr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.140.0/22
185.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:8c:00:88:a4:ae:3b:22:52:6b:47:02:be:3f:91:75:5d:59:
55:19:84:6b:ad:cf:d3:6a:e2:ca:d3:89:81:5f:79:00:f1:43:
37:57:5b:df:3e:cd:69:e3:03:e7:e3:6a:a8:c0:d8:6d:a9:cf:
80:70:42:f9:ea:05:80:72:e0:a7:74:65:96:b2:b9:b2:d0:e3:
a6:57:9d:88:a1:58:f7:fe:da:e7:c1:d6:23:b1:e4:4b:ed:1b:
e5:a1:d2:11:b4:06:fc:8d:9a:91:02:12:c8:8f:4c:b3:de:cc:
87:71:c1:3a:9f:b9:93:00:79:78:e5:44:d1:30:98:fa:0e:56:
d8:23:9a:d4:ea:de:51:d8:43:0e:cb:94:d8:a8:71:b6:56:4c:
d5:f7:17:31:72:61:10:9c:fa:03:35:9e:55:b7:5a:86:f0:2d:
96:45:a5:42:bc:f6:cb:6d:36:94:db:61:1c:b7:b4:15:30:a8:
df:e4:7e:df:43:e1:7d:25:a8:52:27:e7:c2:be:66:2f:32:10:
d4:15:8d:22:ab:c0:13:a0:3c:6c:0f:f3:42:0b:11:b0:c9:e7:
f7:fb:4e:21:da:44:6e:f9:02:00:11:8f:b4:76:e2:db:9a:3e:
2a:30:4a:f5:3e:25:7c:e3:72:8a:05:80:cb:a4:37:61:a8:66:
6d:7d:42:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYb0kx0Ab7WmGFd/BR1qZqnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjMwMzE4MTE1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWYzYzc0MGI0YWRiZGViYjVkM2I4ODYyYzIxNTJjZGNjNTI0MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPU7s+8KACWpjjwD8n24pVYYMXb6
kj8cbOxoElTejj9oMSjQA4HKb0bybNlHU17N3U83E6SYR6Bz8Dhz/VE7Nuzg0yMP
LKVUFHvpPwbW8jDB0nqhk5o1Hm1m7mUdyGFK/lpAmNQ6W6ZtIYrxEO50z2GoexPn
7A9GhnBg6EHR6OLjnUEZ7RCVDbUwTDZU5gMNRzk4a1p0Afw3eF8DnQDw6KFWp/77
l5OZCuxxInFQt+MN9xjriuUhW/F977QF3pqKmlS/OvonesTreMZ3mM9MK5jyBv1U
a9fsKFiFZ6y12B6NdwoXkKNo+x87qLMpHjr8bYErZRn/ExzkIgBsn1KYGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHHzx0C0rb3rtdO4hiwhUs3MUkK+MB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvY2ZQSFFMU3R2ZXUxMDdpR0xDRlN6Y3hTUXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYEkAwQC
uTWMAwQAuX7KMA0GCSqGSIb3DQEBCwUAA4IBAQBtjACIpK47IlJrRwK+P5F1XVlV
GYRrrc/TauLK04mBX3kA8UM3V1vfPs1p4wPn42qowNhtqc+AcEL56gWAcuCndGWW
srmy0OOmV52IoVj3/trnwdYjseRL7RvlodIRtAb8jZqRAhLIj0yz3syHccE6n7mT
AHl45UTRMJj6DlbYI5rU6t5R2EMOy5TYqHG2VkzV9xcxcmEQnPoDNZ5Vt1qG8C2W
RaVCvPbLbTaU22Ect7QVMKjf5H7fQ+F9JahSJ+fCvmYvMhDUFY0iq8AToDxsD/NC
CxGwyef3+04h2kRu+QIAEY+0duLbmj4qMEr1PiV843KKBYDLpDdhqGZtfUIg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:59 2025 by rpki-client