Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/8ab976-e53a-4c43-a8e8-2014fe0a1611/1/A8c9dB9FGIkFG__AODmRZBrbpOI.roa
File: A8c9dB9FGIkFG__AODmRZBrbpOI.roa (raw, json)
Hash identifier: r8P+rW2fRhY8wZ6rlmOMK7Qpn39zvygQ9T77EfCvLWs=
Subject key identifier: 03:C7:3D:74:1F:45:18:89:05:1B:FF:C0:38:39:91:64:1A:DB:A4:E2
Certificate issuer: /CN=323e300a7b63ad4fefbae671f51abc24f1128719
Certificate serial: 01856DD3EF7F5F6FBCB2CD56C8A31B327787
Authority key identifier: 32:3E:30:0A:7B:63:AD:4F:EF:BA:E6:71:F5:1A:BC:24:F1:12:87:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mj4wCntjrU_vuuZx9Rq8JPEShxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/8ab976-e53a-4c43-a8e8-2014fe0a1611/1/A8c9dB9FGIkFG__AODmRZBrbpOI.roa
Signing time: Sun 01 Jan 2023 14:54:43 +0000
ROA not before: Sun 01 Jan 2023 14:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208418
IP address blocks: 45.81.52.0/24 maxlen: 24
45.81.52.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d3:ef:7f:5f:6f:bc:b2:cd:56:c8:a3:1b:32:77:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323e300a7b63ad4fefbae671f51abc24f1128719
Validity
Not Before: Jan 1 14:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03c73d741f451889051bffc0383991641adba4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:28:27:9d:1f:15:9b:fd:2f:1d:96:07:46:5a:
55:92:25:42:02:5b:63:f1:a1:f4:56:68:4c:d4:ba:
c2:84:74:16:69:30:66:ed:5e:d2:61:8e:28:df:59:
99:1c:99:5c:8e:9b:e1:fc:2b:64:4b:b8:cb:39:7f:
15:a6:9f:e2:b5:46:c8:98:83:a0:d0:cf:9f:53:52:
c3:91:21:9b:c1:60:4d:ca:48:eb:43:ed:1c:e7:33:
ed:f8:bb:ea:50:cd:bf:35:62:39:a6:f6:ff:a4:df:
2f:43:32:3d:bb:c5:c2:be:3f:81:cb:ea:a0:de:8c:
06:78:b2:1d:13:a5:6e:51:33:43:13:2a:de:c3:d9:
41:98:7a:fb:54:6d:18:b5:9c:02:d8:0e:d6:06:c0:
ea:5f:c3:55:50:04:f4:54:c0:78:f5:54:92:1b:e8:
ad:70:fc:92:f6:20:0e:c3:b0:bf:5d:5c:ba:e6:64:
0e:06:7c:58:75:d9:22:b9:60:6c:f5:a5:23:17:36:
ea:5c:58:51:44:7f:97:0f:31:2b:76:69:5a:51:3f:
55:47:85:bc:44:08:27:96:d1:28:55:9c:9c:56:98:
a7:8c:ed:f6:b2:01:8c:ed:9b:54:e5:c5:a3:a6:02:
8c:e3:4b:19:ac:f0:2b:39:92:77:fc:2d:1a:f4:fd:
df:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C7:3D:74:1F:45:18:89:05:1B:FF:C0:38:39:91:64:1A:DB:A4:E2
X509v3 Authority Key Identifier:
keyid:32:3E:30:0A:7B:63:AD:4F:EF:BA:E6:71:F5:1A:BC:24:F1:12:87:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mj4wCntjrU_vuuZx9Rq8JPEShxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/8ab976-e53a-4c43-a8e8-2014fe0a1611/1/A8c9dB9FGIkFG__AODmRZBrbpOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/8ab976-e53a-4c43-a8e8-2014fe0a1611/1/Mj4wCntjrU_vuuZx9Rq8JPEShxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.52.0/22
Signature Algorithm: sha256WithRSAEncryption
34:37:bc:20:fb:53:e5:08:75:51:9a:81:64:32:27:10:4a:c0:
ba:47:cb:48:ad:da:9f:f5:1f:92:15:f6:60:8c:c9:82:45:83:
c3:33:fb:37:52:da:95:a2:b0:c1:23:66:06:e9:94:df:d8:c2:
80:f7:27:58:c5:60:23:6e:be:b9:77:b4:bf:84:86:83:5e:35:
11:80:90:3f:80:82:f7:6b:dc:fc:c3:4b:ff:fe:0f:3e:e7:49:
5c:ad:db:10:34:c4:8a:e0:79:8d:0b:c6:d8:03:4e:bf:61:51:
94:bd:2a:92:3b:13:63:b1:ba:f9:f9:fb:79:30:17:89:97:07:
97:85:dc:a7:4e:08:91:38:b8:51:55:eb:80:bc:a7:23:1f:2b:
d2:59:82:9b:a5:4b:8f:0e:88:70:e4:23:66:71:7c:a9:27:60:
f9:50:45:a3:92:0f:8d:9a:6f:37:2d:ce:d4:9b:c7:0a:b0:77:
a9:7e:93:cc:c8:28:ae:25:10:aa:fd:82:61:b9:aa:da:6f:be:
f9:84:99:f5:2c:71:2c:97:5f:1a:44:fd:92:78:9d:9b:3b:c6:
ff:eb:b9:59:94:e0:de:fe:17:60:0e:ad:ef:a6:a4:56:3d:c8:
49:3f:cb:45:7c:5c:f8:9e:de:dc:a2:cc:35:9a:73:84:04:65:
48:82:e0:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt0+9/X2+8ss1WyKMbMneHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyM2UzMDBhN2I2M2FkNGZlZmJhZTY3MWY1MWFiYzI0ZjEx
Mjg3MTkwHhcNMjMwMTAxMTQ1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2M3M2Q3NDFmNDUxODg5MDUxYmZmYzAzODM5OTE2NDFhZGJhNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSgnnR8Vm/0vHZYHRlpVkiVCAltj
8aH0VmhM1LrChHQWaTBm7V7SYY4o31mZHJlcjpvh/CtkS7jLOX8Vpp/itUbImIOg
0M+fU1LDkSGbwWBNykjrQ+0c5zPt+LvqUM2/NWI5pvb/pN8vQzI9u8XCvj+By+qg
3owGeLIdE6VuUTNDEyrew9lBmHr7VG0YtZwC2A7WBsDqX8NVUAT0VMB49VSSG+it
cPyS9iAOw7C/XVy65mQOBnxYddkiuWBs9aUjFzbqXFhRRH+XDzErdmlaUT9VR4W8
RAgnltEoVZycVpinjO32sgGM7ZtU5cWjpgKM40sZrPArOZJ3/C0a9P3fXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPHPXQfRRiJBRv/wDg5kWQa26TiMB8GA1UdIwQY
MBaAFDI+MAp7Y61P77rmcfUavCTxEocZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWo0d0NudGpyVV92dXVaeDlScThKUEVTaHhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC84YWI5NzYtZTUzYS00YzQzLWE4ZTgt
MjAxNGZlMGExNjExLzEvQThjOWRCOUZHSWtGR19fQU9EbVJaQnJicE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC84YWI5NzYtZTUzYS00YzQzLWE4ZTgtMjAxNGZlMGExNjEx
LzEvTWo0d0NudGpyVV92dXVaeDlScThKUEVTaHhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVE0MA0G
CSqGSIb3DQEBCwUAA4IBAQA0N7wg+1PlCHVRmoFkMicQSsC6R8tIrdqf9R+SFfZg
jMmCRYPDM/s3UtqVorDBI2YG6ZTf2MKA9ydYxWAjbr65d7S/hIaDXjURgJA/gIL3
a9z8w0v//g8+50lcrdsQNMSK4HmNC8bYA06/YVGUvSqSOxNjsbr5+ft5MBeJlweX
hdynTgiROLhRVeuAvKcjHyvSWYKbpUuPDohw5CNmcXypJ2D5UEWjkg+Nmm83Lc7U
m8cKsHepfpPMyCiuJRCq/YJhuarab775hJn1LHEsl18aRP2SeJ2bO8b/67lZlODe
/hdgDq3vpqRWPchJP8tFfFz4nt7cosw1mnOEBGVIguAn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:43 2025 by rpki-client