Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/795baf-508b-477d-8926-2d953600ff37/1/JW_4N6OskKzw2mO0vr5yRwnV7bY.roa
File: JW_4N6OskKzw2mO0vr5yRwnV7bY.roa (raw, json)
Hash identifier: 0zayEAcxCn92x6M73aEJj9JxnZg+E0V3Gz6seAmMxu4=
Subject key identifier: 25:6F:F8:37:A3:AC:90:AC:F0:DA:63:B4:BE:BE:72:47:09:D5:ED:B6
Certificate issuer: /CN=99a62d3073a82da86542acfc36f6fcb9e66a05bb
Certificate serial: 01856CCB04D8136CB128FD0589E841AB2EF1
Authority key identifier: 99:A6:2D:30:73:A8:2D:A8:65:42:AC:FC:36:F6:FC:B9:E6:6A:05:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maYtMHOoLahlQqz8Nvb8ueZqBbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/795baf-508b-477d-8926-2d953600ff37/1/JW_4N6OskKzw2mO0vr5yRwnV7bY.roa
Signing time: Sun 01 Jan 2023 10:05:22 +0000
ROA not before: Sun 01 Jan 2023 10:05:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212097
IP address blocks: 45.81.88.0/24 maxlen: 24
45.81.89.0/24 maxlen: 24
45.81.90.0/24 maxlen: 24
45.81.91.0/24 maxlen: 24
45.81.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:04:d8:13:6c:b1:28:fd:05:89:e8:41:ab:2e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a62d3073a82da86542acfc36f6fcb9e66a05bb
Validity
Not Before: Jan 1 10:05:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=256ff837a3ac90acf0da63b4bebe724709d5edb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fc:57:53:e2:07:84:fd:23:0a:eb:ac:de:82:
e1:38:4d:45:d0:92:38:49:c7:c2:15:94:13:f7:c1:
ed:13:09:78:6d:4c:49:e3:d0:57:92:09:21:5b:cd:
e9:04:87:97:ce:a1:c9:0a:43:99:57:f6:ba:e3:5b:
fd:84:c2:e5:ac:86:71:ac:ce:86:75:1f:25:ef:d6:
75:3f:46:ab:3b:0e:cc:c3:f5:61:73:4e:c4:34:40:
66:df:03:22:2e:63:fe:d1:47:cc:de:ce:58:ae:23:
19:27:99:5a:86:69:e4:d5:c0:30:45:15:d0:52:12:
f7:1d:34:01:c6:03:cd:f4:99:5d:81:64:64:e9:02:
a2:71:ed:2b:81:61:3e:9a:3e:5b:18:c1:20:f0:e5:
6b:2a:e7:f3:7f:55:94:6e:a9:16:b0:a8:d2:9a:d6:
04:2f:19:f3:4d:2a:27:5c:4e:e8:30:80:89:80:1c:
80:28:fa:9c:8e:8b:ea:fb:5d:fb:8b:5b:0c:45:fe:
7f:ea:12:46:06:20:34:96:de:c9:fc:e2:c5:ea:8e:
7c:d2:bf:af:8e:3b:cc:ee:0d:b4:75:8e:0c:96:f2:
dc:d9:34:1a:9c:3c:1e:d9:41:68:d6:8b:09:1d:dc:
f6:0b:e0:b7:32:d0:8f:0f:d8:10:59:0c:a9:f3:5c:
93:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:6F:F8:37:A3:AC:90:AC:F0:DA:63:B4:BE:BE:72:47:09:D5:ED:B6
X509v3 Authority Key Identifier:
keyid:99:A6:2D:30:73:A8:2D:A8:65:42:AC:FC:36:F6:FC:B9:E6:6A:05:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maYtMHOoLahlQqz8Nvb8ueZqBbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/795baf-508b-477d-8926-2d953600ff37/1/JW_4N6OskKzw2mO0vr5yRwnV7bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/795baf-508b-477d-8926-2d953600ff37/1/maYtMHOoLahlQqz8Nvb8ueZqBbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.88.0/22
Signature Algorithm: sha256WithRSAEncryption
43:47:ce:84:47:66:44:91:8d:c8:d5:fc:cb:5b:b8:e1:a8:99:
62:87:50:86:ba:4c:1e:6a:d1:b7:92:dd:b4:d8:eb:95:57:d6:
fc:b2:8a:3c:f4:a0:08:2b:e6:a7:bd:5c:58:85:91:23:df:40:
b0:6e:0a:d3:66:c2:e1:24:65:09:7e:a3:32:7b:17:85:e3:bd:
42:d9:c7:00:7e:bc:3e:78:5a:1b:94:de:26:4e:60:1f:11:43:
ec:82:95:d9:3e:40:b7:71:79:84:1e:b6:5e:6b:02:65:2c:15:
e8:ce:88:d3:b5:c7:ac:dd:18:bd:85:34:4b:f4:c3:e7:c4:b1:
82:2a:f8:2e:29:e3:86:08:80:c8:9a:86:15:8c:24:75:ee:cc:
21:bf:19:de:e4:72:7c:1f:dd:fe:b3:a0:7b:90:cd:48:67:e4:
80:49:97:5f:e6:a3:11:5c:31:b0:1c:05:2d:b7:a6:32:d5:22:
85:31:bc:d5:d3:e8:56:c7:f9:f7:6f:ee:ec:9c:8a:da:fd:f8:
06:9b:b4:17:df:a7:ec:47:c1:9d:44:4c:88:41:5d:e5:ce:19:
66:33:f2:b7:8d:8b:1e:c7:f1:44:9c:51:c0:c2:3f:e2:4d:5b:
2a:a4:59:ef:e4:47:8c:11:b6:2f:97:e1:6a:1f:64:bb:5c:d6:
82:72:29:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsywTYE2yxKP0FiehBqy7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTYyZDMwNzNhODJkYTg2NTQyYWNmYzM2ZjZmY2I5ZTY2
YTA1YmIwHhcNMjMwMTAxMTAwNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTZmZjgzN2EzYWM5MGFjZjBkYTYzYjRiZWJlNzI0NzA5ZDVlZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPxXU+IHhP0jCuus3oLhOE1F0JI4
ScfCFZQT98HtEwl4bUxJ49BXkgkhW83pBIeXzqHJCkOZV/a641v9hMLlrIZxrM6G
dR8l79Z1P0arOw7Mw/Vhc07ENEBm3wMiLmP+0UfM3s5YriMZJ5lahmnk1cAwRRXQ
UhL3HTQBxgPN9JldgWRk6QKice0rgWE+mj5bGMEg8OVrKufzf1WUbqkWsKjSmtYE
LxnzTSonXE7oMICJgByAKPqcjovq+137i1sMRf5/6hJGBiA0lt7J/OLF6o580r+v
jjvM7g20dY4MlvLc2TQanDwe2UFo1osJHdz2C+C3MtCPD9gQWQyp81yTNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCVv+DejrJCs8NpjtL6+ckcJ1e22MB8GA1UdIwQY
MBaAFJmmLTBzqC2oZUKs/Db2/LnmagW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFZdE1IT29MYWhsUXF6OE52Yjh1ZVpxQmJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTViYWYtNTA4Yi00NzdkLTg5MjYt
MmQ5NTM2MDBmZjM3LzEvSldfNE42T3NrS3p3Mm1PMHZyNXlSd25WN2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTViYWYtNTA4Yi00NzdkLTg5MjYtMmQ5NTM2MDBmZjM3
LzEvbWFZdE1IT29MYWhsUXF6OE52Yjh1ZVpxQmJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVFYMA0G
CSqGSIb3DQEBCwUAA4IBAQBDR86ER2ZEkY3I1fzLW7jhqJlih1CGukweatG3kt20
2OuVV9b8soo89KAIK+anvVxYhZEj30CwbgrTZsLhJGUJfqMyexeF471C2ccAfrw+
eFoblN4mTmAfEUPsgpXZPkC3cXmEHrZeawJlLBXozojTtces3Ri9hTRL9MPnxLGC
KvguKeOGCIDImoYVjCR17swhvxne5HJ8H93+s6B7kM1IZ+SASZdf5qMRXDGwHAUt
t6Yy1SKFMbzV0+hWx/n3b+7snIra/fgGm7QX36fsR8GdREyIQV3lzhlmM/K3jYse
x/FEnFHAwj/iTVsqpFnv5EeMEbYvl+FqH2S7XNaCcinl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:21 2025 by rpki-client