Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/v7HRpORyB2OmLfBkyj9e-WJEPH8.roa
File: v7HRpORyB2OmLfBkyj9e-WJEPH8.roa (raw, json)
Hash identifier: M/LWnQej6dxs2FZzdF36wgSRAcdUl8FW/kTcmzFn2WA=
Subject key identifier: BF:B1:D1:A4:E4:72:07:63:A6:2D:F0:64:CA:3F:5E:F9:62:44:3C:7F
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 01856E8B27F31C37A145CD9360DED0FBF6FF
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/v7HRpORyB2OmLfBkyj9e-WJEPH8.roa
Signing time: Sun 01 Jan 2023 18:14:51 +0000
ROA not before: Sun 01 Jan 2023 18:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208555
IP address blocks: 45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
45.129.38.0/23 maxlen: 23
185.126.202.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/24 maxlen: 24
185.53.140.0/24 maxlen: 24
185.53.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:27:f3:1c:37:a1:45:cd:93:60:de:d0:fb:f6:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Jan 1 18:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfb1d1a4e4720763a62df064ca3f5ef962443c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:33:cf:bc:e1:3d:0b:27:ba:08:fd:a7:62:45:
42:2b:52:50:ed:27:0d:2a:c7:48:80:73:5f:00:6a:
98:2d:24:32:45:66:30:2f:19:b0:91:c2:fe:4f:99:
46:ec:64:f2:1a:a7:fc:03:43:94:5b:f3:08:aa:d8:
05:de:e9:9f:ff:94:07:1d:ab:39:e7:14:70:e5:80:
27:49:c5:ee:a2:a8:2c:b9:b0:d8:eb:2d:22:03:fc:
74:a9:84:9b:7b:33:27:9e:47:de:c3:62:a5:57:13:
f2:6c:72:89:13:98:50:82:b8:55:09:88:28:cf:5f:
3f:c1:88:f8:63:ba:46:95:15:42:84:e7:2c:dc:e7:
c8:2a:ce:50:8c:b8:8d:cb:41:f8:8c:49:7f:fb:43:
d5:75:e0:ba:f1:28:5c:9a:fa:da:a8:75:ad:4e:93:
63:94:9a:6d:45:fe:8b:f7:89:0e:1f:55:09:e8:e7:
ff:1a:6b:bf:d9:fe:7f:a4:eb:3f:0e:7e:af:70:a7:
0f:bf:8a:de:e1:f6:64:71:d3:af:ed:d4:fe:1f:cf:
ef:b9:94:82:fd:19:2f:5b:05:29:fc:b4:9d:d4:c4:
5e:3f:56:75:9f:a0:d4:e0:76:a8:74:f5:5a:cd:6d:
bd:03:d5:00:25:82:34:73:92:57:ad:53:e4:e9:3b:
7e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B1:D1:A4:E4:72:07:63:A6:2D:F0:64:CA:3F:5E:F9:62:44:3C:7F
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/v7HRpORyB2OmLfBkyj9e-WJEPH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.140.0/22
185.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
46:1d:19:1e:0f:22:e7:d4:98:7c:41:1b:c1:c2:97:66:34:bc:
c7:f3:75:f8:d0:c1:fa:0b:fc:78:f3:47:1f:73:9f:b3:16:7c:
f6:eb:37:a8:f4:03:f9:97:66:cc:5b:fa:de:a9:a6:ed:37:f9:
00:78:94:33:dd:24:ef:fa:bb:66:db:a6:d6:11:80:c6:c0:d2:
6f:81:23:bc:c6:7d:15:40:0a:1e:df:cc:d1:97:ea:20:7d:ec:
6c:66:1a:11:d5:59:83:5c:6d:6c:11:61:30:41:cd:66:72:32:
95:81:e6:b2:0f:38:b7:e0:2b:75:6b:ee:e8:8e:2c:fd:de:00:
2c:9d:ce:04:0d:a3:89:a5:f3:84:90:82:ad:03:fc:eb:cf:78:
ae:a2:13:f7:63:96:10:c0:ed:16:ac:a9:00:c3:0b:15:6f:5e:
7b:ba:7e:5a:8b:2a:b3:fb:7f:d7:f6:17:45:85:a0:a4:e4:00:
6b:35:88:bd:e9:3b:5a:85:71:ec:6c:4c:a2:09:47:a4:47:98:
04:71:20:57:9e:53:b2:37:c6:5b:30:52:1d:20:d7:aa:57:d7:
81:ce:ca:c4:76:4f:ea:ae:fe:71:7f:c8:b0:41:6f:16:27:e4:
27:d2:d4:ed:54:ca:b6:e1:97:b5:3b:eb:ed:12:a5:eb:57:48:
ef:5b:74:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuiyfzHDehRc2TYN7Q+/b/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjMwMTAxMTgxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmIxZDFhNGU0NzIwNzYzYTYyZGYwNjRjYTNmNWVmOTYyNDQzYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjPPvOE9Cye6CP2nYkVCK1JQ7ScN
KsdIgHNfAGqYLSQyRWYwLxmwkcL+T5lG7GTyGqf8A0OUW/MIqtgF3umf/5QHHas5
5xRw5YAnScXuoqgsubDY6y0iA/x0qYSbezMnnkfew2KlVxPybHKJE5hQgrhVCYgo
z18/wYj4Y7pGlRVChOcs3OfIKs5QjLiNy0H4jEl/+0PVdeC68ShcmvraqHWtTpNj
lJptRf6L94kOH1UJ6Of/Gmu/2f5/pOs/Dn6vcKcPv4re4fZkcdOv7dT+H8/vuZSC
/RkvWwUp/LSd1MReP1Z1n6DU4HaodPVazW29A9UAJYI0c5JXrVPk6Tt+bQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL+x0aTkcgdjpi3wZMo/XvliRDx/MB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvdjdIUnBPUnlCMk9tTGZCa3lqOWUtV0pFUEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYEkAwQC
uTWMAwQAuX7KMA0GCSqGSIb3DQEBCwUAA4IBAQBGHRkeDyLn1Jh8QRvBwpdmNLzH
83X40MH6C/x480cfc5+zFnz26zeo9AP5l2bMW/reqabtN/kAeJQz3STv+rtm26bW
EYDGwNJvgSO8xn0VQAoe38zRl+ogfexsZhoR1VmDXG1sEWEwQc1mcjKVgeayDzi3
4Ct1a+7ojiz93gAsnc4EDaOJpfOEkIKtA/zrz3iuohP3Y5YQwO0WrKkAwwsVb157
un5aiyqz+3/X9hdFhaCk5ABrNYi96TtahXHsbEyiCUekR5gEcSBXnlOyN8ZbMFId
INeqV9eBzsrEdk/qrv5xf8iwQW8WJ+Qn0tTtVMq24Ze1O+vtEqXrV0jvW3S7
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:41 2025 by rpki-client