Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/8CNFTFmWrLSl1m--hQ-Psivs7II.roa
File: 8CNFTFmWrLSl1m--hQ-Psivs7II.roa (raw, json)
Hash identifier: c5WrahtslYkXZHpBXUMdMZ7+JabxJNb/os0y1EzJ7b8=
Subject key identifier: F0:23:45:4C:59:96:AC:B4:A5:D6:6F:BE:85:0F:8F:B2:2B:EC:EC:82
Certificate issuer: /CN=f27a23607f6d1e6e6ced1dd94c9bd10b306f609d
Certificate serial: 01856C782F0780278F2578FACEA5783F4D45
Authority key identifier: F2:7A:23:60:7F:6D:1E:6E:6C:ED:1D:D9:4C:9B:D1:0B:30:6F:60:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nojYH9tHm5s7R3ZTJvRCzBvYJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/8CNFTFmWrLSl1m--hQ-Psivs7II.roa
Signing time: Sun 01 Jan 2023 08:34:53 +0000
ROA not before: Sun 01 Jan 2023 08:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136133
IP address blocks: 45.154.183.0/24 maxlen: 24
45.154.182.0/24 maxlen: 24
45.154.181.0/24 maxlen: 24
45.154.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:2f:07:80:27:8f:25:78:fa:ce:a5:78:3f:4d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27a23607f6d1e6e6ced1dd94c9bd10b306f609d
Validity
Not Before: Jan 1 08:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f023454c5996acb4a5d66fbe850f8fb22becec82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:be:24:11:3c:cf:ed:1c:15:3c:b6:2e:df:d4:
5f:ff:54:e2:7e:40:89:8f:1e:f1:8d:a5:9c:4a:49:
d3:6a:9c:78:40:3f:16:c6:51:19:48:84:61:d9:94:
57:8c:25:9b:ba:9c:9a:2c:9a:25:a1:a7:82:91:d4:
0c:3c:db:10:93:09:34:f8:89:0f:71:91:87:1d:85:
f3:bf:1f:88:c2:e7:00:9a:13:ff:94:79:d6:73:4b:
ab:82:14:63:06:02:fd:10:5b:89:15:f9:4b:f4:cf:
e1:20:67:4d:89:70:ef:a9:fd:0a:16:7e:a7:a3:70:
a3:8e:ac:2e:64:8c:da:64:ed:73:b7:b3:6c:fb:b4:
9b:36:65:98:80:aa:6c:79:80:b1:18:a9:d4:53:69:
7a:39:68:54:ad:a1:ff:33:8d:7b:b7:69:f0:15:3c:
f5:82:a3:6a:c5:de:e1:86:cc:cd:4c:09:a7:c1:dd:
c3:7b:11:0b:80:79:32:6a:aa:71:fc:9b:dc:8f:bc:
7b:f2:21:ef:e6:41:f9:a8:a9:e1:3c:79:1e:8f:1b:
0c:f4:97:9c:da:f4:68:2d:d5:17:09:27:ba:8c:81:
37:7d:76:33:14:d0:22:4e:e5:e0:0c:87:fa:fb:f5:
fb:64:a6:89:e2:7f:52:af:81:b8:e0:fd:fa:c8:85:
d8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:23:45:4C:59:96:AC:B4:A5:D6:6F:BE:85:0F:8F:B2:2B:EC:EC:82
X509v3 Authority Key Identifier:
keyid:F2:7A:23:60:7F:6D:1E:6E:6C:ED:1D:D9:4C:9B:D1:0B:30:6F:60:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nojYH9tHm5s7R3ZTJvRCzBvYJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/8CNFTFmWrLSl1m--hQ-Psivs7II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/8nojYH9tHm5s7R3ZTJvRCzBvYJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.180.0/22
Signature Algorithm: sha256WithRSAEncryption
86:f4:8f:d7:2b:1c:4a:5c:6b:4e:f0:ec:71:f6:0f:72:fe:3c:
57:3a:13:f9:aa:0c:2e:89:42:c8:db:8f:58:ed:3f:f8:cf:a3:
5d:e8:8a:b8:49:5b:31:23:b5:88:b1:1a:f6:df:3f:25:4a:73:
ad:5e:a1:93:9c:b9:a5:61:d5:3a:b3:46:d2:be:81:6e:f3:e2:
ea:ce:95:6d:6b:cd:c4:71:97:13:9b:e2:3e:3d:71:e9:d5:46:
3f:fc:be:ea:d1:49:67:7c:d2:da:15:23:10:2f:f7:e3:91:6d:
0c:88:ef:22:fe:2d:7a:14:ed:c9:63:1c:11:d2:3a:49:78:3c:
c4:66:f5:cd:1d:70:59:cf:8b:8e:c8:f0:d1:ce:5e:53:c2:a2:
83:36:08:70:f3:29:84:4f:98:21:25:76:7d:59:fd:19:50:1e:
45:bf:23:db:1c:08:e9:40:f1:1a:c9:fd:3b:dc:8f:c8:4c:40:
32:0a:ee:ff:52:03:04:4d:a9:6d:12:de:fb:e1:45:a7:af:58:
26:0d:68:37:98:30:8d:23:e4:b8:b9:21:59:4a:d7:97:c8:69:
4a:36:8d:78:fa:b7:fe:fd:55:cc:c9:11:89:0e:17:ef:19:9b:
1f:53:67:6b:a5:66:88:3b:6b:fa:7a:40:a4:8a:6a:49:08:ba:
5c:1f:53:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseC8HgCePJXj6zqV4P01FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyN2EyMzYwN2Y2ZDFlNmU2Y2VkMWRkOTRjOWJkMTBiMzA2
ZjYwOWQwHhcNMjMwMTAxMDgzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDIzNDU0YzU5OTZhY2I0YTVkNjZmYmU4NTBmOGZiMjJiZWNlYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo74kETzP7RwVPLYu39Rf/1TifkCJ
jx7xjaWcSknTapx4QD8WxlEZSIRh2ZRXjCWbupyaLJoloaeCkdQMPNsQkwk0+IkP
cZGHHYXzvx+IwucAmhP/lHnWc0urghRjBgL9EFuJFflL9M/hIGdNiXDvqf0KFn6n
o3CjjqwuZIzaZO1zt7Ns+7SbNmWYgKpseYCxGKnUU2l6OWhUraH/M417t2nwFTz1
gqNqxd7hhszNTAmnwd3DexELgHkyaqpx/Jvcj7x78iHv5kH5qKnhPHkejxsM9Jec
2vRoLdUXCSe6jIE3fXYzFNAiTuXgDIf6+/X7ZKaJ4n9Sr4G44P36yIXYowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAjRUxZlqy0pdZvvoUPj7Ir7OyCMB8GA1UdIwQY
MBaAFPJ6I2B/bR5ubO0d2Uyb0Qswb2CdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5vallIOXRIbTVzN1IzWlRKdlJDekJ2WUowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZWEzZjEtNmI4Mi00N2NhLTg4YTEt
ODc5MTNjMzU0OTJhLzEvOENORlRGbVdyTFNsMW0tLWhRLVBzaXZzN0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZWEzZjEtNmI4Mi00N2NhLTg4YTEtODc5MTNjMzU0OTJh
LzEvOG5vallIOXRIbTVzN1IzWlRKdlJDekJ2WUowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZq0MA0G
CSqGSIb3DQEBCwUAA4IBAQCG9I/XKxxKXGtO8Oxx9g9y/jxXOhP5qgwuiULI249Y
7T/4z6Nd6Iq4SVsxI7WIsRr23z8lSnOtXqGTnLmlYdU6s0bSvoFu8+LqzpVta83E
cZcTm+I+PXHp1UY//L7q0UlnfNLaFSMQL/fjkW0MiO8i/i16FO3JYxwR0jpJeDzE
ZvXNHXBZz4uOyPDRzl5TwqKDNghw8ymET5ghJXZ9Wf0ZUB5FvyPbHAjpQPEayf07
3I/ITEAyCu7/UgMETaltEt774UWnr1gmDWg3mDCNI+S4uSFZSteXyGlKNo14+rf+
/VXMyRGJDhfvGZsfU2drpWaIO2v6ekCkimpJCLpcH1Mj
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:58:02 2025 by rpki-client