Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/eLXdpt7VG_uJPqjBPaXAvFc7UZM.roa
File: eLXdpt7VG_uJPqjBPaXAvFc7UZM.roa (raw, json)
Hash identifier: DLd/4HrMd4R2DAw6JC1Y8Ffr335Cmsxypq/CfWrQJyc=
Subject key identifier: 78:B5:DD:A6:DE:D5:1B:FB:89:3E:A8:C1:3D:A5:C0:BC:57:3B:51:93
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018506EEA6C942947D56DDB3DE9A7400607E
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/eLXdpt7VG_uJPqjBPaXAvFc7UZM.roa
Signing time: Mon 12 Dec 2022 15:23:01 +0000
ROA not before: Mon 12 Dec 2022 15:23:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
81.29.149.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:ee:a6:c9:42:94:7d:56:dd:b3:de:9a:74:00:60:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Dec 12 15:23:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78b5dda6ded51bfb893ea8c13da5c0bc573b5193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:14:67:94:e4:04:02:3b:71:00:0e:73:fd:96:
24:88:50:76:1c:69:06:30:57:e6:27:2f:f8:d3:e6:
6f:eb:d0:5f:47:27:f0:d2:66:3b:b4:ab:99:ab:a3:
fc:20:7f:b9:a0:0f:28:23:e4:2e:0c:c8:d4:41:f8:
6a:a5:93:95:f2:a1:c4:a4:5f:db:c0:7a:6c:9f:13:
26:3d:a1:a3:ad:5d:b8:11:35:1a:df:d1:07:55:da:
9d:a6:7d:90:ca:ed:a0:78:bc:ff:9d:70:bd:9c:88:
aa:53:1e:cf:30:96:37:90:9b:08:26:d1:7b:d7:50:
9e:1e:37:0a:71:c2:f9:7e:40:c3:57:c7:08:8a:ca:
bf:c2:95:bf:d7:2e:c3:1f:a4:ae:69:96:b9:f8:ce:
4b:94:bb:c4:55:06:20:4d:73:fc:da:5a:f1:57:83:
fe:da:0d:93:ec:f0:f3:55:e2:8a:48:19:b9:a3:94:
4d:f4:2a:d4:a7:6b:06:58:0f:8e:c9:2c:af:6d:4f:
2d:1d:e5:17:9a:f8:9d:8d:44:17:2b:d9:96:c3:9c:
43:63:20:c6:c6:f9:52:0b:27:df:5b:8f:76:29:13:
36:90:99:41:e3:85:8a:94:29:fb:3e:9d:c6:d6:8b:
4d:35:8b:de:94:4b:4c:c4:1c:bb:6a:9f:6f:58:ee:
ef:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:B5:DD:A6:DE:D5:1B:FB:89:3E:A8:C1:3D:A5:C0:BC:57:3B:51:93
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/eLXdpt7VG_uJPqjBPaXAvFc7UZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
81.29.149.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
86:fc:17:73:b1:7e:52:17:38:94:28:2f:c0:ef:df:53:bf:b9:
98:60:ba:c5:78:d1:24:d2:a1:7e:89:2e:68:6f:1f:5e:12:16:
a4:a7:a3:8a:61:db:05:04:7b:24:07:7a:73:d2:48:2f:7c:38:
51:8d:d9:d9:4f:ef:f4:13:ad:a8:46:49:57:f1:95:8a:06:52:
8f:4a:e1:e9:0b:e4:26:24:1b:bc:9c:97:6e:df:1f:fe:6e:2c:
0e:86:41:c3:20:73:37:65:10:f2:fd:cd:ef:6d:f8:53:a1:38:
47:2f:72:70:4e:e5:8d:74:34:63:98:76:60:de:1b:35:01:16:
c7:07:35:77:43:19:cf:90:36:a1:f0:a2:1b:52:73:8e:82:b8:
a7:e4:15:6d:1e:32:85:d9:07:1e:5a:ab:4e:6c:d0:30:f3:72:
68:5a:ea:5a:ce:41:ee:4d:02:76:0d:cb:36:1a:f8:ff:a8:06:
51:73:fa:5d:dc:be:9a:c6:9f:3a:ff:5f:a6:3c:f0:f8:52:ff:
4d:f3:a8:82:1e:cf:40:f9:47:a7:e4:65:9e:c9:8e:3a:3d:b9:
1f:f7:94:bd:aa:69:0d:da:d1:44:72:47:b4:66:d5:05:39:e2:
f4:db:25:af:b0:97:c9:80:d8:54:30:9e:85:08:b5:f1:e5:ca:
44:e0:40:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUG7qbJQpR9Vt2z3pp0AGB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIxMjEyMTUyMzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGI1ZGRhNmRlZDUxYmZiODkzZWE4YzEzZGE1YzBiYzU3M2I1MTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRRnlOQEAjtxAA5z/ZYkiFB2HGkG
MFfmJy/40+Zv69BfRyfw0mY7tKuZq6P8IH+5oA8oI+QuDMjUQfhqpZOV8qHEpF/b
wHpsnxMmPaGjrV24ETUa39EHVdqdpn2Qyu2geLz/nXC9nIiqUx7PMJY3kJsIJtF7
11CeHjcKccL5fkDDV8cIisq/wpW/1y7DH6SuaZa5+M5LlLvEVQYgTXP82lrxV4P+
2g2T7PDzVeKKSBm5o5RN9CrUp2sGWA+OySyvbU8tHeUXmvidjUQXK9mWw5xDYyDG
xvlSCyffW492KRM2kJlB44WKlCn7Pp3G1otNNYvelEtMxBy7ap9vWO7viQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHi13abe1Rv7iT6owT2lwLxXO1GTMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvZUxYZHB0N1ZHX3VKUHFqQlBhWEF2RmM3VVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLULgAwQA
UR2VMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQCG/BdzsX5SFziU
KC/A799Tv7mYYLrFeNEk0qF+iS5obx9eEhakp6OKYdsFBHskB3pz0kgvfDhRjdnZ
T+/0E62oRklX8ZWKBlKPSuHpC+QmJBu8nJdu3x/+biwOhkHDIHM3ZRDy/c3vbfhT
oThHL3JwTuWNdDRjmHZg3hs1ARbHBzV3QxnPkDah8KIbUnOOgrin5BVtHjKF2Qce
WqtObNAw83JoWupazkHuTQJ2Dcs2Gvj/qAZRc/pd3L6axp86/1+mPPD4Uv9N86iC
Hs9A+Uen5GWeyY46Pbkf95S9qmkN2tFEcke0ZtUFOeL02yWvsJfJgNhUMJ6FCLXx
5cpE4EB5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org