Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/795baf-508b-477d-8926-2d953600ff37/1/vB7aJ7FkVxpv5quTdIxPjaiRItQ.roa
File: vB7aJ7FkVxpv5quTdIxPjaiRItQ.roa (raw, json)
Hash identifier: wkMCXCb2mv0ulEvwQHeJPFsox7iTlT+Lt4T9N8JL1W8=
Subject key identifier: BC:1E:DA:27:B1:64:57:1A:6F:E6:AB:93:74:8C:4F:8D:A8:91:22:D4
Certificate issuer: /CN=99a62d3073a82da86542acfc36f6fcb9e66a05bb
Certificate serial: 01847B43AE66BD5A0D6F6135E5FE8FE66C38
Authority key identifier: 99:A6:2D:30:73:A8:2D:A8:65:42:AC:FC:36:F6:FC:B9:E6:6A:05:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maYtMHOoLahlQqz8Nvb8ueZqBbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/795baf-508b-477d-8926-2d953600ff37/1/vB7aJ7FkVxpv5quTdIxPjaiRItQ.roa
Signing time: Tue 15 Nov 2022 12:29:03 +0000
ROA not before: Tue 15 Nov 2022 12:29:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212097
IP address blocks: 45.81.88.0/24 maxlen: 24
45.81.89.0/24 maxlen: 24
45.81.90.0/24 maxlen: 24
45.81.91.0/24 maxlen: 24
45.81.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:43:ae:66:bd:5a:0d:6f:61:35:e5:fe:8f:e6:6c:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a62d3073a82da86542acfc36f6fcb9e66a05bb
Validity
Not Before: Nov 15 12:29:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc1eda27b164571a6fe6ab93748c4f8da89122d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6b:b6:78:8e:bf:d6:99:32:f7:f1:2a:a7:99:
cd:87:f8:85:76:3b:df:38:9e:5b:2d:4b:51:30:ee:
18:d3:26:b6:af:a3:d9:ce:42:45:94:ff:e8:1d:76:
7e:d6:90:16:7d:bd:06:6a:ee:e5:3b:8f:48:59:d9:
20:94:75:e9:78:ca:54:1d:fc:f7:e6:4d:ea:1e:b9:
ae:a7:ea:eb:cf:76:4c:d5:f1:0c:1a:02:df:2d:8c:
58:4d:9c:16:02:33:4f:97:6b:86:fe:4b:66:a4:00:
24:f9:3e:46:6e:db:72:12:b8:1e:84:93:a4:d2:95:
55:9f:de:90:2b:0a:c3:69:d4:5b:51:9a:d8:77:98:
ce:1d:dd:07:01:63:dd:60:9f:c4:83:dd:c7:08:f7:
db:5f:34:2e:07:3b:b7:4a:15:04:d3:43:1f:82:e9:
38:7b:92:72:38:af:3b:14:61:80:c0:95:af:fd:54:
07:13:7d:bd:74:7e:a4:9f:45:ca:40:98:1d:04:2f:
80:ca:9c:fc:d1:43:08:3b:2f:11:0e:73:2f:b0:76:
ed:7f:fb:25:b8:71:be:5b:21:49:b5:32:e5:bf:06:
d2:b9:72:86:de:89:11:52:81:4b:4f:51:df:fd:3b:
d2:2f:84:e5:cd:1a:62:ac:ee:e4:db:59:de:5f:9a:
e6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1E:DA:27:B1:64:57:1A:6F:E6:AB:93:74:8C:4F:8D:A8:91:22:D4
X509v3 Authority Key Identifier:
keyid:99:A6:2D:30:73:A8:2D:A8:65:42:AC:FC:36:F6:FC:B9:E6:6A:05:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maYtMHOoLahlQqz8Nvb8ueZqBbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/795baf-508b-477d-8926-2d953600ff37/1/vB7aJ7FkVxpv5quTdIxPjaiRItQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/795baf-508b-477d-8926-2d953600ff37/1/maYtMHOoLahlQqz8Nvb8ueZqBbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.88.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:17:48:ed:0f:09:ab:39:87:96:6e:66:9c:52:69:1d:eb:4d:
8d:cd:6e:c6:af:3e:e4:97:87:3a:43:04:67:1c:e6:9d:0e:63:
47:43:54:83:26:f5:f4:ce:5a:9f:61:fe:1d:4a:59:60:0b:c9:
b3:8e:83:e9:c5:3c:6f:6d:54:0f:20:ac:f4:ac:07:98:cf:ef:
fb:26:d5:11:f1:7f:64:81:85:9f:e9:ea:34:eb:e3:43:22:ed:
23:61:bc:62:a2:dc:2e:70:c0:66:90:39:ec:fa:eb:8c:41:c1:
d0:72:27:68:ac:c7:ea:d3:01:ee:30:2f:82:21:43:08:4e:28:
dd:e2:bd:c2:1f:70:65:8e:6a:c3:25:f7:39:95:6e:df:a5:de:
d1:fa:75:53:b1:b4:9f:50:a7:12:e0:07:99:8d:94:fe:af:f1:
8b:13:2d:62:61:69:1b:69:00:e7:54:66:d6:88:d0:48:17:43:
93:b9:bc:f3:e8:3b:f0:44:65:5e:a9:f5:c1:56:ef:5f:fc:9a:
bf:b3:3a:ff:df:b2:67:e3:9c:1d:99:5b:42:fc:3b:93:ba:2b:
61:8b:5c:c4:01:6f:af:0a:d4:73:9f:4e:fc:f1:69:5f:0c:69:
ae:e2:f7:05:6c:2f:2f:92:60:9b:ba:b4:51:b1:f1:d0:d2:39:
fb:5d:cc:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR7Q65mvVoNb2E15f6P5mw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTYyZDMwNzNhODJkYTg2NTQyYWNmYzM2ZjZmY2I5ZTY2
YTA1YmIwHhcNMjIxMTE1MTIyOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFlZGEyN2IxNjQ1NzFhNmZlNmFiOTM3NDhjNGY4ZGE4OTEyMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWu2eI6/1pky9/Eqp5nNh/iFdjvf
OJ5bLUtRMO4Y0ya2r6PZzkJFlP/oHXZ+1pAWfb0Gau7lO49IWdkglHXpeMpUHfz3
5k3qHrmup+rrz3ZM1fEMGgLfLYxYTZwWAjNPl2uG/ktmpAAk+T5GbttyErgehJOk
0pVVn96QKwrDadRbUZrYd5jOHd0HAWPdYJ/Eg93HCPfbXzQuBzu3ShUE00Mfguk4
e5JyOK87FGGAwJWv/VQHE329dH6kn0XKQJgdBC+Aypz80UMIOy8RDnMvsHbtf/sl
uHG+WyFJtTLlvwbSuXKG3okRUoFLT1Hf/TvSL4TlzRpirO7k21neX5rmaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwe2iexZFcab+ark3SMT42okSLUMB8GA1UdIwQY
MBaAFJmmLTBzqC2oZUKs/Db2/LnmagW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFZdE1IT29MYWhsUXF6OE52Yjh1ZVpxQmJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTViYWYtNTA4Yi00NzdkLTg5MjYt
MmQ5NTM2MDBmZjM3LzEvdkI3YUo3RmtWeHB2NXF1VGRJeFBqYWlSSXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTViYWYtNTA4Yi00NzdkLTg5MjYtMmQ5NTM2MDBmZjM3
LzEvbWFZdE1IT29MYWhsUXF6OE52Yjh1ZVpxQmJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVFYMA0G
CSqGSIb3DQEBCwUAA4IBAQB7F0jtDwmrOYeWbmacUmkd602NzW7Grz7kl4c6QwRn
HOadDmNHQ1SDJvX0zlqfYf4dSllgC8mzjoPpxTxvbVQPIKz0rAeYz+/7JtUR8X9k
gYWf6eo06+NDIu0jYbxiotwucMBmkDns+uuMQcHQcidorMfq0wHuMC+CIUMITijd
4r3CH3BljmrDJfc5lW7fpd7R+nVTsbSfUKcS4AeZjZT+r/GLEy1iYWkbaQDnVGbW
iNBIF0OTubzz6DvwRGVeqfXBVu9f/Jq/szr/37Jn45wdmVtC/DuTuithi1zEAW+v
CtRzn0788WlfDGmu4vcFbC8vkmCburRRsfHQ0jn7XcwY
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:51:24 2025 by rpki-client