Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/45XworeXtLGUjSQQ_KujUe3LbBs.roa
File: 45XworeXtLGUjSQQ_KujUe3LbBs.roa (raw, json)
Hash identifier: yS4DyimHMHp8oROhHr7mJ5HpbThH+pnZvug6T5UDBgY=
Subject key identifier: E3:95:F0:A2:B7:97:B4:B1:94:8D:24:10:FC:AB:A3:51:ED:CB:6C:1B
Certificate issuer: /CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Certificate serial: 0185708CD0E9D94387FD145CC9A38615276B
Authority key identifier: 3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/45XworeXtLGUjSQQ_KujUe3LbBs.roa
Signing time: Mon 02 Jan 2023 03:35:54 +0000
ROA not before: Mon 02 Jan 2023 03:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29423
IP address blocks: 185.241.32.0/22 maxlen: 24
185.102.92.0/22 maxlen: 24
2a06:2380::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d0:e9:d9:43:87:fd:14:5c:c9:a3:86:15:27:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Validity
Not Before: Jan 2 03:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e395f0a2b797b4b1948d2410fcaba351edcb6c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fe:f8:ce:f4:4c:17:0d:50:c7:5d:61:b2:25:
34:f4:6f:b0:ce:0e:45:a5:1c:24:97:4e:6c:ff:1e:
bd:64:7a:ac:9c:e0:3f:82:61:5c:d6:ab:4c:0d:f9:
a3:c2:5a:2a:6c:3c:06:ce:a2:bf:8e:dc:5c:5e:80:
dc:f9:f7:c1:99:bc:18:05:74:bc:01:2f:35:69:2f:
ee:c8:0f:3f:9a:c9:cf:94:22:e1:dd:c2:60:55:46:
37:dc:b0:de:44:70:b1:4d:da:a6:3c:aa:df:c6:7d:
7d:49:ff:39:a7:b9:73:6f:02:55:23:75:74:7e:47:
69:35:74:52:66:86:37:a4:82:f0:12:62:f6:42:4b:
7c:3e:40:ec:ec:1e:3e:99:8c:15:7f:a3:2a:16:0f:
0a:6c:83:d7:07:24:bc:20:fe:5b:f4:01:cd:fb:0f:
f5:31:f0:de:10:b2:1c:bd:ae:ce:8a:8b:c2:11:57:
68:05:b8:3a:07:70:d5:f8:4d:61:a6:6e:ec:02:eb:
26:ca:f7:66:19:f5:c7:05:e5:4e:93:b0:61:78:9f:
e3:73:74:22:92:29:0e:ba:85:4f:0d:21:1c:93:6f:
68:44:df:51:ad:ea:98:6e:8d:41:1f:a1:6f:75:bb:
b8:8e:9b:be:0d:3a:0e:95:69:a2:be:53:d6:8b:cc:
c3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:95:F0:A2:B7:97:B4:B1:94:8D:24:10:FC:AB:A3:51:ED:CB:6C:1B
X509v3 Authority Key Identifier:
keyid:3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/45XworeXtLGUjSQQ_KujUe3LbBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/O_xkMfUzO23dMeg7aWgtjo7gb8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.92.0/22
185.241.32.0/22
IPv6:
2a06:2380::/29
Signature Algorithm: sha256WithRSAEncryption
b5:4d:03:23:48:e7:6a:8c:f5:59:99:8a:c0:65:ff:6b:38:7e:
16:d3:08:e3:c3:a6:c2:d7:21:4e:76:72:a0:cf:74:ff:b1:15:
e4:05:a7:67:9b:c2:ba:6a:23:b6:2a:07:31:71:c7:2a:56:3d:
6c:a0:d6:f0:fa:db:f4:77:4a:2f:54:5a:e6:68:57:ec:95:99:
90:60:ed:07:a1:40:b5:8f:de:c8:d4:54:db:d4:9c:21:1f:12:
97:b5:20:f5:5c:27:7c:95:8f:94:28:8c:cc:b9:08:7a:35:3e:
d4:b6:90:3b:a4:71:6d:e0:66:09:0c:27:a0:59:e6:7f:03:0e:
b5:00:dc:73:f8:3f:85:90:e0:cf:8b:9f:a5:10:32:2c:f1:60:
7f:8e:37:13:a9:77:a3:27:91:20:cc:40:60:eb:00:5a:56:3d:
55:89:fc:2e:23:9b:f6:a9:f5:08:90:ad:65:3e:c8:4c:13:36:
61:d5:e9:e8:d5:08:cc:1f:65:88:d0:99:f0:e1:2e:ac:6a:a4:
da:34:6f:cc:4c:aa:96:0f:24:70:94:bd:e9:a9:5a:14:8f:a0:
34:f0:b8:0b:ca:50:3b:13:9e:2d:76:1d:0c:76:00:08:50:16:
b8:81:9e:41:8a:9a:49:33:fd:95:24:8c:08:09:85:a9:98:48:
26:7c:e5:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwjNDp2UOH/RRcyaOGFSdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmM2NDMxZjUzMzNiNmRkZDMxZTgzYjY5NjgyZDhlOGVl
MDZmYzEwHhcNMjMwMTAyMDMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk1ZjBhMmI3OTdiNGIxOTQ4ZDI0MTBmY2FiYTM1MWVkY2I2YzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2P74zvRMFw1Qx11hsiU09G+wzg5F
pRwkl05s/x69ZHqsnOA/gmFc1qtMDfmjwloqbDwGzqK/jtxcXoDc+ffBmbwYBXS8
AS81aS/uyA8/msnPlCLh3cJgVUY33LDeRHCxTdqmPKrfxn19Sf85p7lzbwJVI3V0
fkdpNXRSZoY3pILwEmL2Qkt8PkDs7B4+mYwVf6MqFg8KbIPXByS8IP5b9AHN+w/1
MfDeELIcva7OiovCEVdoBbg6B3DV+E1hpm7sAusmyvdmGfXHBeVOk7BheJ/jc3Qi
kikOuoVPDSEck29oRN9RreqYbo1BH6Fvdbu4jpu+DToOlWmivlPWi8zD7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOOV8KK3l7SxlI0kEPyro1Hty2wbMB8GA1UdIwQY
MBaAFDv8ZDH1Mztt3THoO2loLY6O4G/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGIt
ZmUwMWVlYzQwZWMxLzEvNDVYd29yZVh0TEdValNRUV9LdWpVZTNMYkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGItZmUwMWVlYzQwZWMx
LzEvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWZcAwQC
ufEgMA0EAgACMAcDBQMqBiOAMA0GCSqGSIb3DQEBCwUAA4IBAQC1TQMjSOdqjPVZ
mYrAZf9rOH4W0wjjw6bC1yFOdnKgz3T/sRXkBadnm8K6aiO2KgcxcccqVj1soNbw
+tv0d0ovVFrmaFfslZmQYO0HoUC1j97I1FTb1JwhHxKXtSD1XCd8lY+UKIzMuQh6
NT7UtpA7pHFt4GYJDCegWeZ/Aw61ANxz+D+FkODPi5+lEDIs8WB/jjcTqXejJ5Eg
zEBg6wBaVj1VifwuI5v2qfUIkK1lPshMEzZh1eno1QjMH2WI0Jnw4S6saqTaNG/M
TKqWDyRwlL3pqVoUj6A08LgLylA7E54tdh0MdgAIUBa4gZ5BippJM/2VJIwICYWp
mEgmfOU0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:08 2025 by rpki-client