Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/8J7DtvRNsCpAHvIWDhCUF7Jy-WM.roa
File: 8J7DtvRNsCpAHvIWDhCUF7Jy-WM.roa (raw, json)
Hash identifier: OHF3qSxTDwZXCgroPYVjvB5zLasqTehAfV6nvoedXDE=
Subject key identifier: F0:9E:C3:B6:F4:4D:B0:2A:40:1E:F2:16:0E:10:94:17:B2:72:F9:63
Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Certificate serial: 084F873D
Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/8J7DtvRNsCpAHvIWDhCUF7Jy-WM.roa
Signing time: Sat 01 Jan 2022 07:53:46 +0000
ROA not before: Sat 01 Jan 2022 07:53:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57264
IP address blocks: 45.159.36.0/24 maxlen: 24
45.159.36.0/22 maxlen: 22
45.159.38.0/24 maxlen: 24
45.159.37.0/24 maxlen: 24
45.159.39.0/24 maxlen: 24
2a0f:7080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139429693 (0x84f873d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Validity
Not Before: Jan 1 07:53:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f09ec3b6f44db02a401ef2160e109417b272f963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:2b:d2:1a:81:40:6b:9b:d2:54:42:56:1d:
6c:f0:b2:92:db:a3:bf:a1:1c:5e:1b:39:97:ed:0e:
60:89:8f:23:df:34:19:c0:33:a3:1e:87:03:30:da:
ad:9a:82:23:04:83:39:40:ff:b5:d2:0d:e9:1f:9e:
47:c4:ce:68:e2:47:d5:47:80:10:82:d2:61:81:9a:
63:9b:f5:af:31:09:0b:70:76:d2:2b:33:13:be:49:
ff:4f:67:ce:25:d6:6c:1d:a4:ae:f9:59:86:e4:1c:
55:a3:03:2f:5d:c1:2f:8c:cf:6c:f5:4c:a6:84:cb:
68:2a:8c:13:af:98:82:90:ef:05:4f:82:93:2f:8c:
1a:d4:b2:8b:5f:5f:b4:12:64:02:49:22:19:54:2a:
8c:69:73:f1:6a:02:02:af:3f:e8:e3:38:d4:8d:73:
75:5d:83:a4:2f:7b:36:60:9a:40:52:74:81:a9:c5:
cc:0e:a8:cc:29:2b:8d:ad:1d:42:a2:82:f5:70:41:
8e:5b:00:e9:00:83:3c:6c:b1:34:d6:ea:44:a9:9a:
b3:ab:33:b4:1c:31:ff:0e:41:11:40:d6:06:23:47:
e3:ab:1f:01:cc:59:a2:05:24:a0:79:0c:6e:2a:29:
a8:ce:73:a2:53:b0:91:ae:b0:af:53:97:32:2a:75:
f2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:9E:C3:B6:F4:4D:B0:2A:40:1E:F2:16:0E:10:94:17:B2:72:F9:63
X509v3 Authority Key Identifier:
keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/8J7DtvRNsCpAHvIWDhCUF7Jy-WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.36.0/22
IPv6:
2a0f:7080::/29
Signature Algorithm: sha256WithRSAEncryption
2d:1b:e7:8f:e2:5b:4f:22:9a:ee:38:22:97:6a:38:fc:0f:ae:
b5:b1:f1:42:5b:2d:d1:ba:83:9a:b3:95:12:b0:55:02:da:60:
d1:70:47:86:1e:ac:d8:80:ef:31:dc:7e:02:63:f5:04:8b:af:
b3:b8:27:dc:a8:84:7b:05:d9:a1:3d:f0:08:b7:5d:61:7b:70:
a0:ee:55:20:35:97:0e:36:aa:df:a1:61:77:4a:82:fc:bb:ef:
a7:54:15:a4:42:32:bd:54:5c:4d:00:58:ef:d2:aa:ce:bb:d3:
f3:91:81:18:15:73:3d:6c:f2:6a:aa:f3:af:cd:ef:37:2f:c5:
7d:03:b7:f3:80:db:c5:11:92:59:fd:f4:7d:65:43:35:c1:29:
a6:be:43:9b:fb:77:09:97:b0:ea:d6:44:76:f5:5f:db:58:2d:
ff:57:1e:e8:e1:ad:0a:94:6f:6e:01:15:63:a8:22:93:86:0d:
a0:fb:18:4f:07:91:87:79:d3:c4:a4:7b:6b:a5:b1:6e:7f:ae:
eb:21:3f:8e:4a:e9:a6:b6:bc:00:e8:e7:0c:9b:73:fc:8f:04:
db:b4:3f:58:35:1c:c9:f3:78:85:29:13:5c:40:e6:e3:02:16:
df:70:14:24:78:dd:88:15:d3:30:a2:21:f6:e8:cb:db:d7:d2:
cd:79:0a:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECE+HPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjRlMmQzNGNjZWU0NTc2YjVjZTc2MDVhMDg0ZTZjMDg1MjJjMjI4MB4XDTIyMDEw
MTA3NTM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA5ZWMzYjZmNDRk
YjAyYTQwMWVmMjE2MGUxMDk0MTdiMjcyZjk2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6kK9IagUBrm9JUQlYdbPCyktujv6EcXhs5l+0OYImPI980
GcAzox6HAzDarZqCIwSDOUD/tdIN6R+eR8TOaOJH1UeAEILSYYGaY5v1rzEJC3B2
0iszE75J/09nziXWbB2krvlZhuQcVaMDL13BL4zPbPVMpoTLaCqME6+YgpDvBU+C
ky+MGtSyi19ftBJkAkkiGVQqjGlz8WoCAq8/6OM41I1zdV2DpC97NmCaQFJ0ganF
zA6ozCkrja0dQqKC9XBBjlsA6QCDPGyxNNbqRKmas6sztBwx/w5BEUDWBiNH46sf
AcxZogUkoHkMbiopqM5zolOwka6wr1OXMip18sUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTwnsO29E2wKkAe8hYOEJQXsnL5YzAfBgNVHSMEGDAWgBQrTi00zO5FdrXO
dgWghObAhSLCKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0swNHROTXp1UlhhMXpuWUZvSVRtd0lVaXdpZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvZDg5OWNjLTUzNTctNDcxYS1iYzFjLTA3N2JjOGJhMWU1ZC8x
LzhKN0R0dlJOc0NwQUh2SVdEaENVRjdKeS1XTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
ZDg5OWNjLTUzNTctNDcxYS1iYzFjLTA3N2JjOGJhMWU1ZC8xL0swNHROTXp1Ulhh
MXpuWUZvSVRtd0lVaXdpZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2fJDANBAIAAjAHAwUDKg9wgDAN
BgkqhkiG9w0BAQsFAAOCAQEALRvnj+JbTyKa7jgil2o4/A+utbHxQlst0bqDmrOV
ErBVAtpg0XBHhh6s2IDvMdx+AmP1BIuvs7gn3KiEewXZoT3wCLddYXtwoO5VIDWX
Djaq36Fhd0qC/Lvvp1QVpEIyvVRcTQBY79KqzrvT85GBGBVzPWzyaqrzr83vNy/F
fQO384DbxRGSWf30fWVDNcEppr5Dm/t3CZew6tZEdvVf21gt/1ce6OGtCpRvbgEV
Y6gik4YNoPsYTweRh3nTxKR7a6Wxbn+u6yE/jkrppra8AOjnDJtz/I8E27Q/WDUc
yfN4hSkTXEDm4wIW33AUJHjdiBXTMKIh9ujL29fSzXkKZQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:09:46 2025 by rpki-client