Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/hDSc71drwZkxJAqrLIqwHnpwN20.roa
File: hDSc71drwZkxJAqrLIqwHnpwN20.roa (raw, json)
Hash identifier: dO2f3DdKUYbg6h3jOhcBQC/hQjXSNFv7s/iSpQ4guvc=
Subject key identifier: 84:34:9C:EF:57:6B:C1:99:31:24:0A:AB:2C:8A:B0:1E:7A:70:37:6D
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 01856F42C907BC2F03CDCF01BCAE9F751056
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/hDSc71drwZkxJAqrLIqwHnpwN20.roa
Signing time: Sun 01 Jan 2023 21:35:25 +0000
ROA not before: Sun 01 Jan 2023 21:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45929
IP address blocks: 45.132.120.0/22 maxlen: 22
45.82.4.0/22 maxlen: 22
45.88.84.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:c9:07:bc:2f:03:cd:cf:01:bc:ae:9f:75:10:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 21:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84349cef576bc19931240aab2c8ab01e7a70376d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4c:c9:de:7f:e1:ea:b5:ba:e7:cb:17:49:aa:
85:54:1b:b2:32:c4:b4:02:ac:85:75:d3:af:2f:c9:
f4:71:5d:44:f3:10:3b:02:e0:c4:8e:98:54:08:3f:
e8:c9:67:81:20:b3:c7:e6:74:1b:24:63:7d:f9:89:
33:13:dd:67:f9:ca:5f:ed:43:85:7b:3a:c4:9f:ea:
43:88:94:9b:60:77:db:48:af:a7:57:26:62:c9:4f:
14:bc:25:16:fb:58:dd:40:d0:4f:64:e7:89:0e:66:
67:38:87:db:3f:af:30:81:26:c4:6d:64:e1:80:42:
3f:3a:b8:35:ae:dc:24:90:ff:82:d1:fc:76:6a:5b:
cc:34:91:9a:2a:9a:df:00:4e:d5:b1:24:18:1c:d6:
09:f5:3b:cc:d0:33:9c:ed:28:13:37:f1:08:3b:a8:
48:3c:55:36:a3:2e:ec:cc:0b:19:b0:14:9c:ac:b7:
e8:1e:b2:c8:03:4f:5e:aa:87:e1:04:60:c9:d2:3f:
c4:92:79:fb:eb:dc:b9:65:9b:f3:11:a2:b5:80:05:
a1:b6:7d:2d:03:83:3b:56:50:3a:e8:58:ff:92:c2:
14:4f:47:fb:96:72:f7:6a:3c:b7:a5:04:1b:35:e2:
5e:f9:15:e2:d2:1e:49:04:5a:96:e2:e9:0a:58:61:
14:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:34:9C:EF:57:6B:C1:99:31:24:0A:AB:2C:8A:B0:1E:7A:70:37:6D
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/hDSc71drwZkxJAqrLIqwHnpwN20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.4.0/22
45.88.84.0/22
45.132.120.0/22
Signature Algorithm: sha256WithRSAEncryption
07:7d:d3:29:56:43:09:1c:cc:6c:55:02:7e:10:1c:d0:84:23:
55:57:5e:53:bd:86:d3:2d:ec:df:c6:c7:a0:3c:f2:1c:70:32:
74:ad:88:46:0c:a3:2d:2c:4f:ef:fe:2a:2d:bf:38:b9:9e:6f:
a3:b0:d3:e3:82:21:e5:0b:02:4d:f7:0d:8f:23:da:88:08:97:
c1:66:5b:c1:61:02:52:a5:03:8a:3d:a8:ad:93:fe:cf:f6:7a:
d0:f7:59:97:15:34:b4:e0:70:23:df:10:31:be:b3:f5:e7:a3:
f3:6a:55:78:ac:06:44:52:55:df:a7:bf:fe:fb:01:26:8c:c7:
fe:60:a6:11:2a:11:1c:36:4c:ab:42:30:79:d3:39:3e:a1:c5:
90:99:ae:dd:ea:e9:e7:24:0d:6d:4e:99:ae:21:14:c3:e6:9f:
e7:3d:3d:62:2f:cf:29:96:b8:c8:e9:a4:d3:ab:6e:26:9b:3d:
a6:d3:0a:61:55:bd:f9:b9:26:e9:7e:6d:d7:b4:45:fb:17:bb:
0c:8d:98:bf:03:13:71:a2:24:8f:1d:23:de:46:37:46:a4:5f:
c2:c5:4e:2e:cc:23:ec:d4:de:4c:57:1c:26:c9:92:e4:2d:5f:
e0:21:cc:e4:46:7b:80:c6:b5:12:98:d7:d9:d5:97:94:33:53:
93:83:f6:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQskHvC8Dzc8BvK6fdRBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjMwMTAxMjEzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDM0OWNlZjU3NmJjMTk5MzEyNDBhYWIyYzhhYjAxZTdhNzAzNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEzJ3n/h6rW658sXSaqFVBuyMsS0
AqyFddOvL8n0cV1E8xA7AuDEjphUCD/oyWeBILPH5nQbJGN9+YkzE91n+cpf7UOF
ezrEn+pDiJSbYHfbSK+nVyZiyU8UvCUW+1jdQNBPZOeJDmZnOIfbP68wgSbEbWTh
gEI/Org1rtwkkP+C0fx2alvMNJGaKprfAE7VsSQYHNYJ9TvM0DOc7SgTN/EIO6hI
PFU2oy7szAsZsBScrLfoHrLIA09eqofhBGDJ0j/Eknn769y5ZZvzEaK1gAWhtn0t
A4M7VlA66Fj/ksIUT0f7lnL3ajy3pQQbNeJe+RXi0h5JBFqW4ukKWGEUVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIQ0nO9Xa8GZMSQKqyyKsB56cDdtMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvaERTYzcxZHJ3Wmt4SkFxckxJcXdIbnB3TjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVIEAwQC
LVhUAwQCLYR4MA0GCSqGSIb3DQEBCwUAA4IBAQAHfdMpVkMJHMxsVQJ+EBzQhCNV
V15TvYbTLezfxsegPPIccDJ0rYhGDKMtLE/v/iotvzi5nm+jsNPjgiHlCwJN9w2P
I9qICJfBZlvBYQJSpQOKPaitk/7P9nrQ91mXFTS04HAj3xAxvrP156PzalV4rAZE
UlXfp7/++wEmjMf+YKYRKhEcNkyrQjB50zk+ocWQma7d6unnJA1tTpmuIRTD5p/n
PT1iL88plrjI6aTTq24mmz2m0wphVb35uSbpfm3XtEX7F7sMjZi/AxNxoiSPHSPe
RjdGpF/CxU4uzCPs1N5MVxwmyZLkLV/gIczkRnuAxrUSmNfZ1ZeUM1OTg/ZA
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:33 2025 by rpki-client