Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/7fQ5qCUf9yiLzdlQXwccOIj25PA.roa
File: 7fQ5qCUf9yiLzdlQXwccOIj25PA.roa (raw, json)
Hash identifier: TdWTLa4opWId4g0jROoXf3N286cdKqN2eJYf2DXxp+E=
Subject key identifier: ED:F4:39:A8:25:1F:F7:28:8B:CD:D9:50:5F:07:1C:38:88:F6:E4:F0
Certificate issuer: /CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Certificate serial: 8B3F8D
Authority key identifier: BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/7fQ5qCUf9yiLzdlQXwccOIj25PA.roa
Signing time: Sat 01 Jan 2022 02:58:39 +0000
ROA not before: Sat 01 Jan 2022 02:58:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6134
IP address blocks: 45.147.24.0/24 maxlen: 24
45.147.25.0/24 maxlen: 24
45.147.27.0/24 maxlen: 24
45.158.229.0/24 maxlen: 24
45.147.26.0/24 maxlen: 24
45.158.228.0/24 maxlen: 24
45.158.230.0/24 maxlen: 24
45.158.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9125773 (0x8b3f8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Validity
Not Before: Jan 1 02:58:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=edf439a8251ff7288bcdd9505f071c3888f6e4f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:91:6e:df:e0:c2:7e:c4:54:f9:f7:86:14:75:
21:18:c7:4a:ff:bd:84:56:57:8c:11:12:08:21:27:
65:ba:81:71:9b:13:78:5e:43:03:77:45:cc:8a:17:
5f:c6:04:8d:6e:5b:b8:27:91:b9:6f:97:17:4a:53:
a4:06:f3:8c:48:42:32:83:b0:dd:1d:4a:14:11:e1:
f2:a4:49:5e:de:14:17:7a:b8:6f:19:bd:2c:75:50:
fb:10:8f:ae:c5:a3:61:2b:60:0e:44:0d:62:78:ea:
8f:75:f4:4f:4f:40:d0:3d:f8:ba:77:d7:75:1d:6d:
66:bb:07:a4:eb:10:af:e3:26:db:05:8e:59:e5:57:
41:1b:c8:ad:ef:c4:3f:13:73:f4:25:9f:17:c8:c8:
04:cf:6e:af:bf:33:07:3b:6b:49:e2:a5:cd:97:42:
ce:34:65:fb:c5:67:8d:ff:a3:db:04:e3:ad:26:20:
17:33:f4:0f:4f:83:86:5f:8d:30:11:a2:d0:51:31:
8c:9e:6e:f3:b6:94:2a:28:9d:24:bb:7f:ce:57:c5:
b7:a5:65:29:c9:bc:31:78:de:cd:1a:38:af:fd:eb:
13:e3:d9:f8:37:b1:f2:f1:6a:8a:c6:6a:53:19:67:
0d:d1:07:6f:0a:29:a3:d5:6f:f2:17:52:df:18:f7:
19:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F4:39:A8:25:1F:F7:28:8B:CD:D9:50:5F:07:1C:38:88:F6:E4:F0
X509v3 Authority Key Identifier:
keyid:BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/7fQ5qCUf9yiLzdlQXwccOIj25PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.24.0/22
45.158.228.0/22
Signature Algorithm: sha256WithRSAEncryption
41:e0:1d:f7:ee:94:9e:96:b3:e7:d4:88:82:fd:5b:4a:d6:59:
e3:fd:56:46:fc:ad:d8:14:e1:21:8f:0f:ed:38:ed:0f:74:a4:
db:a7:6a:99:bc:df:cf:16:56:20:1e:c2:57:d0:8d:a5:c8:83:
47:76:a4:a2:7e:06:7a:d0:ff:2f:bd:1a:95:1b:7f:01:db:54:
5e:30:a4:33:5c:38:18:a2:c9:29:3b:bd:fa:01:52:0b:d9:b8:
1e:cc:08:27:b5:d7:9c:c3:47:5e:cb:a9:81:1a:b6:52:a6:2d:
31:9b:02:58:66:cc:f4:29:6a:2d:66:0c:a2:09:ae:bf:7b:5e:
2f:0b:9b:08:9e:32:45:81:10:ab:0d:ea:c7:c0:2c:9b:af:dc:
b7:eb:29:70:3e:ad:4d:7c:6b:f8:35:6f:85:c8:8b:40:44:74:
28:a1:d0:c1:b3:01:35:3b:5c:2b:3f:4c:46:06:56:9d:1c:41:
16:46:0f:1b:9f:cd:d4:bd:50:3b:ca:87:df:90:35:16:03:d3:
4b:8a:8b:11:d8:5c:57:02:a8:f1:66:5a:4d:81:ba:8b:34:64:
a8:e7:71:44:a9:a8:bc:e8:5e:fd:9c:e7:ce:46:0d:3b:f1:2e:
af:ee:bd:ea:6e:26:01:b5:20:c7:0c:6d:93:31:e6:fc:37:c4:
bd:fa:4c:9a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAIs/jTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZDZmYTM3YTI0ODNjZjU3OWZhODYyNTAxMTlhYzAxMzM0NzVhYWQ4MB4XDTIyMDEw
MTAyNTgzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRmNDM5YTgyNTFm
ZjcyODhiY2RkOTUwNWYwNzFjMzg4OGY2ZTRmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWRbt/gwn7EVPn3hhR1IRjHSv+9hFZXjBESCCEnZbqBcZsT
eF5DA3dFzIoXX8YEjW5buCeRuW+XF0pTpAbzjEhCMoOw3R1KFBHh8qRJXt4UF3q4
bxm9LHVQ+xCPrsWjYStgDkQNYnjqj3X0T09A0D34unfXdR1tZrsHpOsQr+Mm2wWO
WeVXQRvIre/EPxNz9CWfF8jIBM9ur78zBztrSeKlzZdCzjRl+8Vnjf+j2wTjrSYg
FzP0D0+Dhl+NMBGi0FExjJ5u87aUKiidJLt/zlfFt6VlKcm8MXjezRo4r/3rE+PZ
+Dex8vFqisZqUxlnDdEHbwopo9Vv8hdS3xj3GdcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTt9DmoJR/3KIvN2VBfBxw4iPbk8DAfBgNVHSMEGDAWgBS9b6N6JIPPV5+o
YlARmsATNHWq2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZXLWplaVNEejFlZnFHSlFFWnJBRXpSMXF0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvZTNhZGEyLWM5ZGYtNDRlMi04YjBmLThmZjE2MTFlOGJiNC8x
LzdmUTVxQ1VmOXlpTHpkbFFYd2NjT0lqMjVQQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
ZTNhZGEyLWM5ZGYtNDRlMi04YjBmLThmZjE2MTFlOGJiNC8xL3ZXLWplaVNEejFl
ZnFHSlFFWnJBRXpSMXF0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2TGAMEAi2e5DANBgkqhkiG9w0B
AQsFAAOCAQEAQeAd9+6Unpaz59SIgv1bStZZ4/1WRvyt2BThIY8P7TjtD3Sk26dq
mbzfzxZWIB7CV9CNpciDR3akon4GetD/L70alRt/AdtUXjCkM1w4GKLJKTu9+gFS
C9m4HswIJ7XXnMNHXsupgRq2UqYtMZsCWGbM9ClqLWYMogmuv3teLwubCJ4yRYEQ
qw3qx8Asm6/ct+spcD6tTXxr+DVvhciLQER0KKHQwbMBNTtcKz9MRgZWnRxBFkYP
G5/N1L1QO8qH35A1FgPTS4qLEdhcVwKo8WZaTYG6izRkqOdxRKmovOhe/ZznzkYN
O/Eur+696m4mAbUgxwxtkzHm/DfEvfpMmg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:09 2025 by rpki-client