Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/cu70hsU9uj-w-NqiAJwvrwmEsmA.roa
File: cu70hsU9uj-w-NqiAJwvrwmEsmA.roa (raw, json)
Hash identifier: lpnmzhfWW0n0m/FAiFgRHfwPUOxi+Nr49Wf/MECbdrs=
Subject key identifier: 72:EE:F4:86:C5:3D:BA:3F:B0:F8:DA:A2:00:9C:2F:AF:09:84:B2:60
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0181CEF26F833BD85D507E2F36CB954E108A
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/cu70hsU9uj-w-NqiAJwvrwmEsmA.roa
Signing time: Tue 05 Jul 2022 15:20:03 +0000
ROA not before: Tue 05 Jul 2022 15:20:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 45.88.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ce:f2:6f:83:3b:d8:5d:50:7e:2f:36:cb:95:4e:10:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jul 5 15:20:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72eef486c53dba3fb0f8daa2009c2faf0984b260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:38:1e:1a:6d:7c:4d:de:91:99:4f:b1:1c:70:
27:a6:e8:67:44:d0:a6:4c:d5:89:f5:5d:3c:88:e1:
0b:3c:aa:4b:ed:65:59:76:01:f3:38:16:fc:1e:a1:
9d:bd:f5:8a:24:7c:e6:9a:93:d9:bd:80:76:17:06:
1f:cb:5c:02:95:57:1b:9a:fb:52:39:05:5f:20:92:
e5:cf:68:c9:68:21:df:b2:73:7b:16:8d:87:92:41:
90:16:19:0c:c3:72:fa:33:7d:57:b3:1c:bb:c4:e9:
fa:eb:5d:ed:37:ab:a3:0a:d3:29:4b:a9:fe:ef:37:
18:c5:90:f9:30:32:db:18:1f:fc:37:79:66:54:75:
9b:93:9b:37:a2:f2:88:08:bc:23:0f:d3:bd:8e:a1:
f6:e6:25:bb:7e:92:32:89:0f:87:79:d7:18:68:32:
f4:d8:e7:82:28:0c:21:5a:46:cd:6b:cd:86:5c:88:
8b:9f:a1:ef:ea:be:26:0e:a7:ac:a8:87:a0:9f:1e:
e5:10:18:93:c0:65:1b:89:e4:f1:d9:b5:6b:9e:46:
ea:6d:7b:68:cc:27:a7:30:31:a2:d5:7d:28:25:88:
0a:3f:0d:a2:ba:48:d1:7b:9e:f9:1e:df:12:70:8b:
90:b7:44:63:53:36:4f:7a:91:06:de:35:16:c6:44:
74:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EE:F4:86:C5:3D:BA:3F:B0:F8:DA:A2:00:9C:2F:AF:09:84:B2:60
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/cu70hsU9uj-w-NqiAJwvrwmEsmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.187.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:e2:9a:b0:9e:83:1c:8b:79:ad:9f:e8:f9:df:d8:b1:4a:4f:
c0:12:56:fb:31:c6:7a:a2:a8:54:86:62:96:fc:ae:a4:21:a8:
f5:79:87:9c:cd:c8:a1:4d:ed:d2:44:0e:24:3c:13:d4:c3:12:
4d:92:4a:5f:b4:7c:57:2c:94:d7:62:7f:7a:54:ce:ec:cc:2b:
aa:04:51:00:05:50:d0:a3:e2:de:57:59:cc:54:42:1c:bc:fb:
b9:f3:a5:43:de:a9:61:c1:74:eb:59:56:06:eb:89:e0:27:8b:
10:4d:32:02:ed:89:2e:4e:0b:26:6f:ed:e4:55:6b:0c:3f:4a:
12:97:c2:5d:09:6d:bb:08:68:f1:39:4b:ac:fe:54:85:a3:27:
41:1d:c9:f2:a9:b7:52:77:f9:11:fd:46:2a:e9:a5:46:e3:d8:
4f:ee:77:06:e5:7b:33:bf:e6:8a:62:c0:4a:ec:11:4e:0a:cb:
00:2a:3c:a8:2f:84:e5:55:65:bf:50:b2:8e:81:87:5d:be:01:
33:ac:e5:4b:a4:d6:a4:71:44:36:da:5a:24:69:93:c0:74:cf:
e2:b8:4a:6d:db:82:68:7a:12:ba:23:f1:32:77:08:ec:ae:39:
b2:59:d1:a1:86:e7:c2:3a:da:5a:1d:12:8c:49:b2:ce:39:6c:
80:41:6c:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHO8m+DO9hdUH4vNsuVThCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIwNzA1MTUyMDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmVlZjQ4NmM1M2RiYTNmYjBmOGRhYTIwMDljMmZhZjA5ODRiMjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijgeGm18Td6RmU+xHHAnpuhnRNCm
TNWJ9V08iOELPKpL7WVZdgHzOBb8HqGdvfWKJHzmmpPZvYB2FwYfy1wClVcbmvtS
OQVfIJLlz2jJaCHfsnN7Fo2HkkGQFhkMw3L6M31Xsxy7xOn6613tN6ujCtMpS6n+
7zcYxZD5MDLbGB/8N3lmVHWbk5s3ovKICLwjD9O9jqH25iW7fpIyiQ+HedcYaDL0
2OeCKAwhWkbNa82GXIiLn6Hv6r4mDqesqIegnx7lEBiTwGUbieTx2bVrnkbqbXto
zCenMDGi1X0oJYgKPw2iukjRe575Ht8ScIuQt0RjUzZPepEG3jUWxkR0cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLu9IbFPbo/sPjaogCcL68JhLJgMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvY3U3MGhzVTl1ai13LU5xaUFKd3Zyd21Fc21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVi7MA0G
CSqGSIb3DQEBCwUAA4IBAQCd4pqwnoMci3mtn+j539ixSk/AElb7McZ6oqhUhmKW
/K6kIaj1eYeczcihTe3SRA4kPBPUwxJNkkpftHxXLJTXYn96VM7szCuqBFEABVDQ
o+LeV1nMVEIcvPu586VD3qlhwXTrWVYG64ngJ4sQTTIC7YkuTgsmb+3kVWsMP0oS
l8JdCW27CGjxOUus/lSFoydBHcnyqbdSd/kR/UYq6aVG49hP7ncG5Xszv+aKYsBK
7BFOCssAKjyoL4TlVWW/ULKOgYddvgEzrOVLpNakcUQ22lokaZPAdM/iuEpt24Jo
ehK6I/EydwjsrjmyWdGhhufCOtpaHRKMSbLOOWyAQWz6
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:37:54 2025 by rpki-client