Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/02c254-36bf-4c8c-98d9-7e9837a9228c/1/XcUd7bNAzP3QOSqomGMMLT1vtAg.roa
File: XcUd7bNAzP3QOSqomGMMLT1vtAg.roa (raw, json)
Hash identifier: ZpXjeP2cLag+D7/oeRZYMEHCvTyjAplHZzHJNnmDbCI=
Subject key identifier: 5D:C5:1D:ED:B3:40:CC:FD:D0:39:2A:A8:98:63:0C:2D:3D:6F:B4:08
Certificate issuer: /CN=c76a265ca8ad7273a8a130a1763283d2ff1b4dda
Certificate serial: 049100D9
Authority key identifier: C7:6A:26:5C:A8:AD:72:73:A8:A1:30:A1:76:32:83:D2:FF:1B:4D:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x2omXKitcnOooTChdjKD0v8bTdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/02c254-36bf-4c8c-98d9-7e9837a9228c/1/XcUd7bNAzP3QOSqomGMMLT1vtAg.roa
Signing time: Sat 01 Jan 2022 12:01:03 +0000
ROA not before: Sat 01 Jan 2022 12:01:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208016
IP address blocks: 45.85.48.0/22 maxlen: 22
2a0e:b680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76611801 (0x49100d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c76a265ca8ad7273a8a130a1763283d2ff1b4dda
Validity
Not Before: Jan 1 12:01:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dc51dedb340ccfdd0392aa898630c2d3d6fb408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1c:56:4a:c5:90:09:3c:2c:79:3f:48:ac:57:
01:8e:d8:35:fe:dc:08:95:79:39:57:ee:9f:70:d9:
ee:ce:b2:44:73:4f:29:27:02:ee:ef:6f:cc:02:b2:
a9:02:b0:41:34:67:64:17:bf:29:3c:43:d1:05:c5:
55:88:db:2f:31:5d:2c:fd:8e:e2:14:af:e5:ab:d0:
7d:5a:be:a9:1e:7f:dd:fa:bf:12:79:7d:b6:84:3c:
fe:f5:5e:4c:47:54:22:1f:50:11:7f:a7:bc:56:97:
07:e8:7a:6c:43:18:86:c7:2c:ac:03:50:3d:4d:3f:
84:f7:9e:22:86:e3:2d:51:bb:2f:24:f5:25:1c:45:
82:ca:47:35:3f:7f:6f:0a:57:4e:1a:24:01:de:a5:
60:89:cc:40:a1:46:97:65:77:05:e3:a8:54:01:cc:
06:0c:ff:3d:50:3c:22:0e:62:0f:12:7b:82:97:a4:
80:5b:6f:ef:fe:59:a4:94:b3:17:09:b3:09:ac:33:
11:8e:e0:f6:3d:bd:73:e8:fe:ee:a4:13:96:44:d0:
10:31:d3:ea:8c:a5:76:70:38:cc:54:28:7f:66:eb:
19:fb:e4:01:20:ab:ec:05:30:0c:b9:68:7f:46:f4:
73:22:ae:07:a1:13:49:e4:bc:fd:7e:f8:94:9f:88:
77:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C5:1D:ED:B3:40:CC:FD:D0:39:2A:A8:98:63:0C:2D:3D:6F:B4:08
X509v3 Authority Key Identifier:
keyid:C7:6A:26:5C:A8:AD:72:73:A8:A1:30:A1:76:32:83:D2:FF:1B:4D:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x2omXKitcnOooTChdjKD0v8bTdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/02c254-36bf-4c8c-98d9-7e9837a9228c/1/XcUd7bNAzP3QOSqomGMMLT1vtAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/02c254-36bf-4c8c-98d9-7e9837a9228c/1/x2omXKitcnOooTChdjKD0v8bTdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.48.0/22
IPv6:
2a0e:b680::/29
Signature Algorithm: sha256WithRSAEncryption
71:cd:16:dc:d8:d0:b8:41:ef:02:26:e3:ce:3a:89:d5:fc:5e:
11:b3:37:5c:28:17:5a:34:fe:d2:c9:fd:95:9d:7e:d4:8f:5d:
81:da:2c:4a:2c:27:76:60:94:5a:2b:34:e5:1b:2f:de:fb:32:
6b:d5:de:d0:db:d6:5b:1c:e6:21:dd:cd:c8:6b:5e:05:f2:9f:
81:5a:41:d5:cb:bd:84:7a:05:eb:2b:e4:c2:0e:20:bd:08:d0:
52:11:5b:8e:f8:f3:37:00:4c:ab:b8:70:0d:f9:5c:94:91:0a:
a6:83:92:d2:00:9e:30:ab:d5:e2:b2:da:f9:61:93:ff:ee:bc:
d5:75:74:fc:f6:46:56:d7:df:ca:b2:91:33:cb:e5:60:4a:91:
d1:1a:57:0f:f9:38:62:53:01:23:e3:bb:60:1d:3c:96:4d:c8:
e1:3e:eb:65:10:be:f3:97:b8:75:5c:ee:b9:0b:c6:db:ab:88:
1d:14:ce:b7:e4:c7:97:5c:38:48:2c:15:23:64:e9:e6:22:84:
42:92:c6:f5:26:99:2a:37:1e:65:24:83:7b:39:25:5f:3b:ea:
55:a2:d1:7b:c1:65:67:0b:6e:04:3c:8c:77:07:c1:40:5a:ef:
36:33:f0:d2:59:84:07:70:dd:37:51:0a:97:5f:a0:ce:96:4b:
cd:20:6b:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBJEA2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzZhMjY1Y2E4YWQ3MjczYThhMTMwYTE3NjMyODNkMmZmMWI0ZGRhMB4XDTIyMDEw
MTEyMDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRjNTFkZWRiMzQw
Y2NmZGQwMzkyYWE4OTg2MzBjMmQzZDZmYjQwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKccVkrFkAk8LHk/SKxXAY7YNf7cCJV5OVfun3DZ7s6yRHNP
KScC7u9vzAKyqQKwQTRnZBe/KTxD0QXFVYjbLzFdLP2O4hSv5avQfVq+qR5/3fq/
Enl9toQ8/vVeTEdUIh9QEX+nvFaXB+h6bEMYhscsrANQPU0/hPeeIobjLVG7LyT1
JRxFgspHNT9/bwpXThokAd6lYInMQKFGl2V3BeOoVAHMBgz/PVA8Ig5iDxJ7gpek
gFtv7/5ZpJSzFwmzCawzEY7g9j29c+j+7qQTlkTQEDHT6oyldnA4zFQof2brGfvk
ASCr7AUwDLlof0b0cyKuB6ETSeS8/X74lJ+Id7ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRdxR3ts0DM/dA5KqiYYwwtPW+0CDAfBgNVHSMEGDAWgBTHaiZcqK1yc6ih
MKF2MoPS/xtN2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gyb21YS2l0Y25Pb29UQ2hkaktEMHY4YlRkby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvMDJjMjU0LTM2YmYtNGM4Yy05OGQ5LTdlOTgzN2E5MjI4Yy8x
L1hjVWQ3Yk5BelAzUU9TcW9tR01NTFQxdnRBZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
MDJjMjU0LTM2YmYtNGM4Yy05OGQ5LTdlOTgzN2E5MjI4Yy8xL3gyb21YS2l0Y25P
b29UQ2hkaktEMHY4YlRkby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1VMDANBAIAAjAHAwUDKg62gDAN
BgkqhkiG9w0BAQsFAAOCAQEAcc0W3NjQuEHvAibjzjqJ1fxeEbM3XCgXWjT+0sn9
lZ1+1I9dgdosSiwndmCUWis05Rsv3vsya9Xe0NvWWxzmId3NyGteBfKfgVpB1cu9
hHoF6yvkwg4gvQjQUhFbjvjzNwBMq7hwDflclJEKpoOS0gCeMKvV4rLa+WGT/+68
1XV0/PZGVtffyrKRM8vlYEqR0RpXD/k4YlMBI+O7YB08lk3I4T7rZRC+85e4dVzu
uQvG26uIHRTOt+THl1w4SCwVI2Tp5iKEQpLG9SaZKjceZSSDezklXzvqVaLRe8Fl
ZwtuBDyMdwfBQFrvNjPw0lmEB3DdN1EKl1+gzpZLzSBrfQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:13 2025 by rpki-client