Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/8LrYzFkr8MKldtnyQV78uz_uYdQ.roa
File: 8LrYzFkr8MKldtnyQV78uz_uYdQ.roa (raw, json)
Hash identifier: G4cDu4H+tEEFck6jwAb2XOi8I8qatjA9oErijY0B2uw=
Subject key identifier: F0:BA:D8:CC:59:2B:F0:C2:A5:76:D9:F2:41:5E:FC:BB:3F:EE:61:D4
Certificate issuer: /CN=740f65f302335baa90ed81c05384d53f2332391a
Certificate serial: 018C63DEF8ECEDD41CE54266447A6E59A46E
Authority key identifier: 74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/8LrYzFkr8MKldtnyQV78uz_uYdQ.roa
Signing time: Wed 13 Dec 2023 15:50:06 +0000
ROA not before: Wed 13 Dec 2023 15:50:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206844
IP address blocks: 185.174.160.0/22 maxlen: 22
45.156.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:de:f8:ec:ed:d4:1c:e5:42:66:44:7a:6e:59:a4:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=740f65f302335baa90ed81c05384d53f2332391a
Validity
Not Before: Dec 13 15:50:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0bad8cc592bf0c2a576d9f2415efcbb3fee61d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f3:3e:37:52:9d:52:29:02:cf:e2:cf:72:69:
ce:33:60:6c:f4:1f:64:66:30:69:bc:ed:53:0a:4c:
8d:77:47:a1:52:f2:4f:c7:15:d2:98:dc:4a:31:df:
92:84:4c:36:fd:8a:50:82:92:30:6a:d9:ab:3d:b8:
6f:88:b1:92:a3:d3:2a:ef:8f:0b:2e:7d:a3:da:e1:
8b:4f:90:c4:60:5a:14:53:c5:37:5f:38:da:c8:30:
c8:ce:1d:38:c8:06:77:c7:30:7b:fb:b1:6a:4d:5f:
63:ec:d6:e7:4c:41:53:16:f6:ef:49:d2:09:dc:71:
cc:d4:f8:8f:d0:bb:43:e3:d6:ab:25:1a:53:59:ee:
c9:8b:bc:87:dc:c7:de:b7:99:e3:48:f7:9d:0d:db:
d3:fc:fc:3f:1d:af:17:c2:09:b7:21:07:28:5f:85:
02:56:0c:cd:82:d7:73:c9:9b:b6:65:c0:5a:a0:45:
94:15:aa:63:2e:15:08:19:bd:36:f4:69:35:56:ef:
20:9e:7d:2e:9e:20:c5:fc:e9:bb:00:4f:e4:9e:2a:
b8:c8:89:b5:62:3c:bf:2d:5c:e3:56:fc:a2:2d:0c:
62:c8:d5:7d:7d:f3:77:37:5e:31:1d:d3:0e:51:48:
b4:2b:a0:ed:a7:27:2c:11:c4:83:86:9b:53:2f:6e:
e7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BA:D8:CC:59:2B:F0:C2:A5:76:D9:F2:41:5E:FC:BB:3F:EE:61:D4
X509v3 Authority Key Identifier:
keyid:74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/8LrYzFkr8MKldtnyQV78uz_uYdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.32.0/22
185.174.160.0/22
Signature Algorithm: sha256WithRSAEncryption
09:17:b1:f9:cd:9d:dc:d1:9d:f0:f7:95:e0:0f:f2:3e:33:09:
9f:f5:b4:48:0c:0f:b6:89:73:71:9c:f4:d5:7f:e5:ef:7a:35:
ff:a2:30:56:e2:2e:b8:6d:bf:a8:d9:68:94:e9:a8:fd:a3:30:
06:00:a7:47:21:85:bc:1d:6c:74:26:e8:7e:44:81:f4:b8:e2:
2d:34:d4:c2:60:af:f6:c2:95:60:3c:3a:bf:fa:54:20:61:2a:
93:4e:00:21:5b:ed:28:52:95:1c:06:f1:1c:e4:18:ad:cc:79:
eb:00:ae:a3:c9:ec:e2:7a:b3:4f:db:7d:19:20:d3:b4:23:a8:
67:32:b1:ee:99:eb:ae:03:cb:21:9a:b7:1d:68:e9:bd:20:3c:
f6:ec:8a:ff:f5:97:ed:4b:59:54:dd:cc:f4:41:27:f6:86:12:
80:44:4f:62:ec:fa:20:0c:90:e1:c4:db:75:06:f4:20:da:91:
fa:4c:02:7a:38:09:77:ae:87:4e:7c:51:d2:90:95:a6:64:95:
48:27:87:6e:4d:37:fb:48:f3:3e:a4:1c:6b:94:79:9d:be:a9:
b9:d4:08:2b:73:f8:16:f3:6a:0f:10:44:e5:c8:d2:43:12:ed:
76:ae:5c:41:a4:ad:65:72:64:05:1b:8a:2e:3b:0b:cd:38:4c:
65:4b:d0:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxj3vjs7dQc5UJmRHpuWaRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MGY2NWYzMDIzMzViYWE5MGVkODFjMDUzODRkNTNmMjMz
MjM5MWEwHhcNMjMxMjEzMTU1MDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGJhZDhjYzU5MmJmMGMyYTU3NmQ5ZjI0MTVlZmNiYjNmZWU2MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/M+N1KdUikCz+LPcmnOM2Bs9B9k
ZjBpvO1TCkyNd0ehUvJPxxXSmNxKMd+ShEw2/YpQgpIwatmrPbhviLGSo9Mq748L
Ln2j2uGLT5DEYFoUU8U3XzjayDDIzh04yAZ3xzB7+7FqTV9j7NbnTEFTFvbvSdIJ
3HHM1PiP0LtD49arJRpTWe7Ji7yH3Mfet5njSPedDdvT/Pw/Ha8Xwgm3IQcoX4UC
VgzNgtdzyZu2ZcBaoEWUFapjLhUIGb029Gk1Vu8gnn0uniDF/Om7AE/kniq4yIm1
Yjy/LVzjVvyiLQxiyNV9ffN3N14xHdMOUUi0K6DtpycsEcSDhptTL27n4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPC62MxZK/DCpXbZ8kFe/Ls/7mHUMB8GA1UdIwQY
MBaAFHQPZfMCM1uqkO2BwFOE1T8jMjkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQt
ZDAzYTJjNDM1YWVjLzEvOExyWXpGa3I4TUtsZHRueVFWNzh1el91WWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQtZDAzYTJjNDM1YWVj
LzEvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZwgAwQC
ua6gMA0GCSqGSIb3DQEBCwUAA4IBAQAJF7H5zZ3c0Z3w95XgD/I+Mwmf9bRIDA+2
iXNxnPTVf+XvejX/ojBW4i64bb+o2WiU6aj9ozAGAKdHIYW8HWx0Juh+RIH0uOIt
NNTCYK/2wpVgPDq/+lQgYSqTTgAhW+0oUpUcBvEc5BitzHnrAK6jyezierNP230Z
INO0I6hnMrHumeuuA8shmrcdaOm9IDz27Ir/9ZftS1lU3cz0QSf2hhKARE9i7Pog
DJDhxNt1BvQg2pH6TAJ6OAl3rodOfFHSkJWmZJVIJ4duTTf7SPM+pBxrlHmdvqm5
1Agrc/gW82oPEETlyNJDEu12rlxBpK1lcmQFG4ouOwvNOExlS9C1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:58 2025 by rpki-client