Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/v1jPk_uJdp00M6wgKyEz8RqaduI.roa
File: v1jPk_uJdp00M6wgKyEz8RqaduI.roa (raw, json)
Hash identifier: X0EKN8Z5U0b2gpmBjfv4SYfF70cDTF//xjNWiFpEM3I=
Subject key identifier: BF:58:CF:93:FB:89:76:9D:34:33:AC:20:2B:21:33:F1:1A:9A:76:E2
Certificate issuer: /CN=4e5aa38eea324e2bd7ab6427e7596a9fa41db0e3
Certificate serial: 08F2EA66
Authority key identifier: 4E:5A:A3:8E:EA:32:4E:2B:D7:AB:64:27:E7:59:6A:9F:A4:1D:B0:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/v1jPk_uJdp00M6wgKyEz8RqaduI.roa
Signing time: Sat 01 Jan 2022 10:53:44 +0000
ROA not before: Sat 01 Jan 2022 10:53:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60798
IP address blocks: 45.138.201.0/24 maxlen: 24
45.138.200.0/22 maxlen: 22
45.138.200.0/24 maxlen: 24
45.14.184.0/22 maxlen: 24
185.229.236.0/22 maxlen: 24
185.25.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150137446 (0x8f2ea66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5aa38eea324e2bd7ab6427e7596a9fa41db0e3
Validity
Not Before: Jan 1 10:53:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf58cf93fb89769d3433ac202b2133f11a9a76e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6c:69:4e:2c:97:ca:73:69:e4:82:b4:04:62:
f0:8a:15:c0:00:ad:c7:5c:61:15:ca:aa:5a:cb:39:
b6:fe:ce:95:32:40:88:22:8b:e7:d9:fd:4b:aa:1b:
24:eb:55:d2:07:75:b1:8f:3a:1c:06:74:a9:44:89:
e9:57:17:ad:1e:c7:38:2c:39:0b:c4:ad:6c:37:a2:
90:4c:bc:33:c9:b6:16:78:50:63:86:41:85:db:40:
33:5d:b9:78:9b:2a:34:b5:c1:03:04:ba:7a:de:80:
0a:58:7f:a0:91:1d:1e:99:05:83:bb:d0:2e:a0:ee:
a2:1d:43:49:5b:01:94:56:07:91:3e:2d:6b:31:e5:
a4:f7:e0:6f:f8:a4:6d:52:b1:66:b0:0e:5b:e2:4c:
fd:97:c4:60:66:20:9f:8b:52:df:eb:44:8e:fa:73:
9e:c4:97:85:67:59:cb:9d:a9:24:e2:7c:08:3d:6b:
47:49:c3:0d:47:7f:1f:27:97:0a:22:70:3e:47:9f:
4e:f8:70:18:23:b3:89:d6:64:c0:50:9b:ba:c3:30:
0b:c2:ba:1d:ac:3a:42:46:f5:dc:54:e9:64:3c:2e:
c1:03:bb:5a:e6:3a:64:62:9e:94:97:a7:7e:27:a7:
f3:1d:d7:1b:fa:ac:3d:1a:0c:82:d0:e8:44:35:de:
45:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:58:CF:93:FB:89:76:9D:34:33:AC:20:2B:21:33:F1:1A:9A:76:E2
X509v3 Authority Key Identifier:
keyid:4E:5A:A3:8E:EA:32:4E:2B:D7:AB:64:27:E7:59:6A:9F:A4:1D:B0:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/v1jPk_uJdp00M6wgKyEz8RqaduI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/TlqjjuoyTivXq2Qn51lqn6QdsOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.184.0/22
45.138.200.0/22
185.25.204.0/22
185.229.236.0/22
Signature Algorithm: sha256WithRSAEncryption
74:a4:20:c6:58:b9:d7:47:bf:51:6a:19:a4:08:69:97:dc:51:
fa:26:54:b7:08:49:d6:98:e9:a9:8a:8f:12:26:fe:21:bf:18:
7b:d6:20:91:49:05:57:89:02:2d:71:0c:94:c4:f0:30:a0:35:
c6:32:b5:6d:0f:6d:2f:59:06:40:29:c5:bd:e5:b4:cc:50:25:
b2:2f:de:69:70:1a:6c:37:12:66:76:ef:31:37:d8:ed:ea:cd:
dc:58:b0:98:f8:29:6d:95:db:05:25:bd:47:ed:ca:d4:06:5e:
62:86:f3:e4:f6:28:63:8f:d7:20:df:3a:e2:b0:a3:32:bd:e4:
ad:df:40:95:a0:dd:00:54:7b:78:b4:ae:ca:5e:f6:2c:66:b8:
d9:58:e0:64:42:c3:fd:20:e8:3e:d5:b5:25:7e:2c:8b:cc:be:
c0:ec:72:58:25:5c:45:e7:e3:b0:57:cf:1c:ff:fe:87:27:89:
3e:23:35:51:18:aa:42:7a:75:88:3c:27:72:5c:32:e9:6f:4e:
3e:73:f5:ab:d4:82:58:fc:e6:0f:b4:10:31:7e:e7:58:b9:ca:
8d:2c:fb:6c:af:a8:0e:98:cb:25:b0:eb:79:e6:2d:f8:70:11:
16:ce:bb:71:e6:44:0c:c9:a8:55:d5:7f:c2:dc:11:84:2a:a0:
52:b3:42:11
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECPLqZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZTVhYTM4ZWVhMzI0ZTJiZDdhYjY0MjdlNzU5NmE5ZmE0MWRiMGUzMB4XDTIyMDEw
MTEwNTM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY1OGNmOTNmYjg5
NzY5ZDM0MzNhYzIwMmIyMTMzZjExYTlhNzZlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBsaU4sl8pzaeSCtARi8IoVwACtx1xhFcqqWss5tv7OlTJA
iCKL59n9S6obJOtV0gd1sY86HAZ0qUSJ6VcXrR7HOCw5C8StbDeikEy8M8m2FnhQ
Y4ZBhdtAM125eJsqNLXBAwS6et6AClh/oJEdHpkFg7vQLqDuoh1DSVsBlFYHkT4t
azHlpPfgb/ikbVKxZrAOW+JM/ZfEYGYgn4tS3+tEjvpznsSXhWdZy52pJOJ8CD1r
R0nDDUd/HyeXCiJwPkefTvhwGCOzidZkwFCbusMwC8K6Haw6Qkb13FTpZDwuwQO7
WuY6ZGKelJenfien8x3XG/qsPRoMgtDoRDXeRRsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBS/WM+T+4l2nTQzrCArITPxGpp24jAfBgNVHSMEGDAWgBROWqOO6jJOK9er
ZCfnWWqfpB2w4zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RscWpqdW95VGl2WHEyUW41MWxxbjZRZHNPTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvNzY3MTE5LTI4YWEtNDMzOS1iNzQxLTRlZWVkOGE0MzA4Yi8x
L3YxalBrX3VKZHAwME02d2dLeUV6OFJxYWR1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
NzY3MTE5LTI4YWEtNDMzOS1iNzQxLTRlZWVkOGE0MzA4Yi8xL1RscWpqdW95VGl2
WHEyUW41MWxxbjZRZHNPTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAi0OuAMEAi2KyAMEArkZzAMEArnl
7DANBgkqhkiG9w0BAQsFAAOCAQEAdKQgxli510e/UWoZpAhpl9xR+iZUtwhJ1pjp
qYqPEib+Ib8Ye9YgkUkFV4kCLXEMlMTwMKA1xjK1bQ9tL1kGQCnFveW0zFAlsi/e
aXAabDcSZnbvMTfY7erN3FiwmPgpbZXbBSW9R+3K1AZeYobz5PYoY4/XIN864rCj
Mr3krd9AlaDdAFR7eLSuyl72LGa42VjgZELD/SDoPtW1JX4si8y+wOxyWCVcRefj
sFfPHP/+hyeJPiM1URiqQnp1iDwnclwy6W9OPnP1q9SCWPzmD7QQMX7nWLnKjSz7
bK+oDpjLJbDreeYt+HARFs67ceZEDMmoVdV/wtwRhCqgUrNCEQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:13 2025 by rpki-client