Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/uDLOf7PiE6oPq83IDXQ__p5QS60.roa
File: uDLOf7PiE6oPq83IDXQ__p5QS60.roa (raw, json)
Hash identifier: yy2pBytweExPW4JEirwIWQNQipEPT9N08Fp8bKEJ1uw=
Subject key identifier: B8:32:CE:7F:B3:E2:13:AA:0F:AB:CD:C8:0D:74:3F:FE:9E:50:4B:AD
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018BF61A48A0D3C77FB60E2208FC27DFDC27
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/uDLOf7PiE6oPq83IDXQ__p5QS60.roa
Signing time: Wed 22 Nov 2023 08:16:39 +0000
ROA not before: Wed 22 Nov 2023 08:16:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 45.91.67.0/24 maxlen: 24
45.82.14.0/24 maxlen: 24
45.82.15.0/24 maxlen: 24
91.200.150.0/24 maxlen: 24
91.200.151.0/24 maxlen: 24
91.200.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:1a:48:a0:d3:c7:7f:b6:0e:22:08:fc:27:df:dc:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Nov 22 08:16:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b832ce7fb3e213aa0fabcdc80d743ffe9e504bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b3:76:ba:c5:3a:9c:82:94:6b:ba:f2:95:0c:
f2:bc:45:a5:1e:f6:a2:56:6e:47:3f:db:5d:e6:3e:
8e:71:a9:2b:ad:86:b9:3c:7d:41:84:45:02:e0:df:
06:95:9e:cf:94:79:e1:73:3a:5c:40:62:ce:55:23:
7e:0f:5d:b8:99:15:40:61:9d:b9:12:47:5e:a3:ff:
97:35:cc:45:e9:85:fb:ec:5a:f1:6e:04:25:38:1b:
b4:6c:e6:a1:f3:56:36:e5:04:8e:1e:bc:24:6e:7e:
28:8a:eb:84:c7:0c:31:48:28:19:44:99:35:8f:ba:
83:52:a1:d3:e8:97:fa:92:c3:c2:22:03:29:e5:8a:
76:57:a0:87:2a:d5:8d:db:d3:89:96:7f:78:ef:e2:
73:32:c8:0f:d0:bb:06:43:3e:16:01:f3:a7:f7:51:
44:bf:61:5d:0f:ce:00:b1:22:57:d5:ad:0f:68:8f:
c4:31:35:c7:7d:55:2d:b5:98:b0:7e:12:68:3d:95:
38:5d:92:d2:0c:9d:a0:e4:8c:ee:d8:cb:42:f5:cf:
e5:06:13:36:28:91:a3:64:c6:5c:c6:4b:56:5f:df:
2a:8d:ef:fe:84:f4:32:f2:64:0d:7c:4f:72:c6:b2:
3a:d9:35:20:e2:fc:f0:b4:cc:be:f1:f7:e6:32:9a:
33:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:32:CE:7F:B3:E2:13:AA:0F:AB:CD:C8:0D:74:3F:FE:9E:50:4B:AD
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/uDLOf7PiE6oPq83IDXQ__p5QS60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
45.91.67.0/24
91.200.148.0/24
91.200.150.0/23
Signature Algorithm: sha256WithRSAEncryption
28:23:5f:44:3b:ce:14:f8:d0:f8:ec:04:9c:dd:22:cd:24:98:
f2:f0:ee:67:32:26:70:a5:80:c1:1a:69:22:f0:d2:72:f4:6c:
90:6b:e0:65:f7:de:94:b0:98:42:45:1b:7d:e9:09:23:14:30:
82:79:cb:45:84:69:a5:11:0d:34:9a:ef:ad:e0:3d:1a:a0:40:
16:79:a0:42:1c:28:bf:94:4e:0b:2a:d9:9a:e3:27:f6:aa:a3:
41:ea:bc:c2:7c:c9:5a:d9:66:42:14:ee:27:e0:c9:33:2b:9d:
73:16:02:31:b0:85:52:f1:b1:14:25:c4:ba:5a:fe:bd:71:a3:
8a:85:49:05:07:c9:e7:66:e7:1f:b1:21:23:10:fe:0f:26:3b:
89:50:21:5a:2f:9e:5c:51:84:24:e8:1d:d3:47:47:f5:d0:23:
85:73:4b:f9:23:49:c7:39:d3:9d:03:80:cc:bc:70:1b:06:f7:
72:ee:62:ae:b3:67:09:4c:9d:0a:24:be:a7:d4:e1:46:a3:68:
db:e7:38:ea:1e:65:5c:c3:3d:e5:39:74:54:45:2f:84:61:0d:
a2:37:89:17:e8:be:bc:d3:b9:6f:86:1f:ab:de:41:c5:e1:46:
d6:ac:58:e1:f2:d9:86:38:39:e4:c9:0a:94:20:71:00:b9:8b:
43:10:99:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYv2Gkig08d/tg4iCPwn39wnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMxMTIyMDgxNjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODMyY2U3ZmIzZTIxM2FhMGZhYmNkYzgwZDc0M2ZmZTllNTA0YmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrN2usU6nIKUa7rylQzyvEWlHvai
Vm5HP9td5j6OcakrrYa5PH1BhEUC4N8GlZ7PlHnhczpcQGLOVSN+D124mRVAYZ25
Ekdeo/+XNcxF6YX77FrxbgQlOBu0bOah81Y25QSOHrwkbn4oiuuExwwxSCgZRJk1
j7qDUqHT6Jf6ksPCIgMp5Yp2V6CHKtWN29OJln947+JzMsgP0LsGQz4WAfOn91FE
v2FdD84AsSJX1a0PaI/EMTXHfVUttZiwfhJoPZU4XZLSDJ2g5Izu2MtC9c/lBhM2
KJGjZMZcxktWX98qje/+hPQy8mQNfE9yxrI62TUg4vzwtMy+8ffmMpozOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLgyzn+z4hOqD6vNyA10P/6eUEutMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvdURMT2Y3UGlFNm9QcTgzSURYUV9fcDVRUzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVIOAwQA
LVtDAwQAW8iUAwQBW8iWMA0GCSqGSIb3DQEBCwUAA4IBAQAoI19EO84U+ND47ASc
3SLNJJjy8O5nMiZwpYDBGmki8NJy9GyQa+Bl996UsJhCRRt96QkjFDCCectFhGml
EQ00mu+t4D0aoEAWeaBCHCi/lE4LKtma4yf2qqNB6rzCfMla2WZCFO4n4MkzK51z
FgIxsIVS8bEUJcS6Wv69caOKhUkFB8nnZucfsSEjEP4PJjuJUCFaL55cUYQk6B3T
R0f10COFc0v5I0nHOdOdA4DMvHAbBvdy7mKus2cJTJ0KJL6n1OFGo2jb5zjqHmVc
wz3lOXRURS+EYQ2iN4kX6L6807lvhh+r3kHF4UbWrFjh8tmGODnkyQqUIHEAuYtD
EJnh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:35 2025 by rpki-client