Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/db9bc8-4b06-4baf-8ba8-dfc056545be4/1/9GPa7fM9GFBNJKYEfc0L90_VwrM.roa
File: 9GPa7fM9GFBNJKYEfc0L90_VwrM.roa (raw, json)
Hash identifier: N3VlGkkPREaNedumQSNJUUQ1Neo4fOcelf5ERGaBfBo=
Subject key identifier: F4:63:DA:ED:F3:3D:18:50:4D:24:A6:04:7D:CD:0B:F7:4F:D5:C2:B3
Certificate issuer: /CN=dca082489a4140c0a78e03d50b6bfd5402b044ea
Certificate serial: 01856E1D33F6D97CBA08EF23DF4494FF4688
Authority key identifier: DC:A0:82:48:9A:41:40:C0:A7:8E:03:D5:0B:6B:FD:54:02:B0:44:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3KCCSJpBQMCnjgPVC2v9VAKwROo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/db9bc8-4b06-4baf-8ba8-dfc056545be4/1/9GPa7fM9GFBNJKYEfc0L90_VwrM.roa
Signing time: Sun 01 Jan 2023 16:14:45 +0000
ROA not before: Sun 01 Jan 2023 16:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208712
IP address blocks: 45.87.236.0/23 maxlen: 23
2a06:7a80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:33:f6:d9:7c:ba:08:ef:23:df:44:94:ff:46:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dca082489a4140c0a78e03d50b6bfd5402b044ea
Validity
Not Before: Jan 1 16:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f463daedf33d18504d24a6047dcd0bf74fd5c2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f3:6a:fd:53:b4:16:0f:2b:6e:29:bf:60:a0:
6c:2a:49:7a:4d:3b:8d:0d:a6:f5:f6:cf:e1:26:c7:
f4:eb:7a:ff:8f:a9:53:cf:b9:b5:6f:b6:0d:4a:12:
57:5d:1c:a7:03:04:27:e1:ac:ee:c0:83:18:ad:cc:
f2:ce:6b:33:a7:30:0f:e7:1d:3e:23:5d:67:aa:e8:
fc:75:ce:56:96:a1:9c:7c:5d:17:ca:20:a3:4b:ec:
51:f6:e1:f2:b3:91:cc:90:bb:65:04:92:79:69:2f:
73:f5:96:9b:6d:6c:7f:e4:b7:bc:69:e3:0e:60:f0:
9d:9e:8b:ed:ff:a5:94:1a:16:ea:a9:82:f4:d5:ff:
bc:07:a2:8e:0d:3b:5c:66:ce:1e:c7:57:e6:ee:43:
7f:9c:03:30:05:50:80:47:ff:8a:df:2c:45:91:bd:
61:d5:07:cf:16:61:83:b0:66:b2:3d:0f:6c:bf:6d:
37:31:0d:86:62:83:2f:b5:b5:70:90:a7:29:bf:41:
32:4a:15:f9:8f:0b:1e:f7:ae:ec:24:c9:b7:e8:bc:
b4:59:68:38:36:9e:80:0e:6a:ff:d0:79:27:f4:8f:
db:65:c6:5b:8e:e4:c3:5b:92:2b:38:ab:64:3c:c5:
1d:4d:cd:32:61:28:db:a2:37:cf:d8:dd:11:bc:72:
75:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:63:DA:ED:F3:3D:18:50:4D:24:A6:04:7D:CD:0B:F7:4F:D5:C2:B3
X509v3 Authority Key Identifier:
keyid:DC:A0:82:48:9A:41:40:C0:A7:8E:03:D5:0B:6B:FD:54:02:B0:44:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3KCCSJpBQMCnjgPVC2v9VAKwROo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/db9bc8-4b06-4baf-8ba8-dfc056545be4/1/9GPa7fM9GFBNJKYEfc0L90_VwrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/db9bc8-4b06-4baf-8ba8-dfc056545be4/1/3KCCSJpBQMCnjgPVC2v9VAKwROo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.236.0/23
IPv6:
2a06:7a80::/48
Signature Algorithm: sha256WithRSAEncryption
a0:c6:2f:f8:61:04:20:a5:ca:4a:76:ba:b3:61:49:4d:81:b2:
23:81:1e:d3:3e:94:61:b2:66:66:2a:4d:cd:f3:06:d8:f1:4c:
46:88:8c:7d:82:d3:54:fe:9b:7b:fa:9e:37:a4:fa:f7:23:89:
0e:30:92:6f:07:10:60:60:6b:b1:9c:2b:c4:e3:f6:db:aa:79:
de:c0:15:00:1f:be:60:b2:dd:6f:bd:11:d7:bb:e2:90:74:36:
ec:96:75:b7:94:91:a2:5e:e9:ec:ce:10:80:09:b9:e1:3f:eb:
b5:73:fd:d0:01:d8:fc:9d:3d:5e:54:ad:55:17:5e:3e:ed:16:
24:06:e2:23:35:84:ab:78:dd:c5:51:ab:d2:3c:96:34:6e:d1:
93:e0:5e:57:7a:db:07:14:c7:5a:61:fa:48:38:50:75:1a:a2:
c3:25:2f:d0:ee:2c:94:e8:fa:98:8b:be:d8:ef:54:99:9f:e0:
2e:ff:89:b3:c5:09:2c:14:4a:7e:5b:bd:48:95:65:76:43:5c:
0b:d6:71:f4:06:3f:dd:8b:62:39:07:68:8f:a0:bf:aa:79:fe:
d9:ac:99:c8:ce:84:d9:b5:ae:12:c0:cb:b2:6c:01:1a:33:d0:
e3:2a:53:74:6c:74:82:ad:3c:2f:ec:0b:90:d8:2b:c2:d0:dd:
7e:f2:06:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuHTP22Xy6CO8j30SU/0aIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYTA4MjQ4OWE0MTQwYzBhNzhlMDNkNTBiNmJmZDU0MDJi
MDQ0ZWEwHhcNMjMwMTAxMTYxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDYzZGFlZGYzM2QxODUwNGQyNGE2MDQ3ZGNkMGJmNzRmZDVjMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Nq/VO0Fg8rbim/YKBsKkl6TTuN
Dab19s/hJsf063r/j6lTz7m1b7YNShJXXRynAwQn4azuwIMYrczyzmszpzAP5x0+
I11nquj8dc5WlqGcfF0XyiCjS+xR9uHys5HMkLtlBJJ5aS9z9ZabbWx/5Le8aeMO
YPCdnovt/6WUGhbqqYL01f+8B6KODTtcZs4ex1fm7kN/nAMwBVCAR/+K3yxFkb1h
1QfPFmGDsGayPQ9sv203MQ2GYoMvtbVwkKcpv0EyShX5jwse967sJMm36Ly0WWg4
Np6ADmr/0Hkn9I/bZcZbjuTDW5IrOKtkPMUdTc0yYSjbojfP2N0RvHJ19QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPRj2u3zPRhQTSSmBH3NC/dP1cKzMB8GA1UdIwQY
MBaAFNyggkiaQUDAp44D1Qtr/VQCsETqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0tDQ1NKcEJRTUNuamdQVkMydjlWQUt3Uk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9kYjliYzgtNGIwNi00YmFmLThiYTgt
ZGZjMDU2NTQ1YmU0LzEvOUdQYTdmTTlHRkJOSktZRWZjMEw5MF9Wd3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9kYjliYzgtNGIwNi00YmFmLThiYTgtZGZjMDU2NTQ1YmU0
LzEvM0tDQ1NKcEJRTUNuamdQVkMydjlWQUt3Uk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLVfsMA8E
AgACMAkDBwAqBnqAAAAwDQYJKoZIhvcNAQELBQADggEBAKDGL/hhBCClykp2urNh
SU2BsiOBHtM+lGGyZmYqTc3zBtjxTEaIjH2C01T+m3v6njek+vcjiQ4wkm8HEGBg
a7GcK8Tj9tuqed7AFQAfvmCy3W+9Ede74pB0NuyWdbeUkaJe6ezOEIAJueE/67Vz
/dAB2PydPV5UrVUXXj7tFiQG4iM1hKt43cVRq9I8ljRu0ZPgXld62wcUx1ph+kg4
UHUaosMlL9DuLJTo+piLvtjvVJmf4C7/ibPFCSwUSn5bvUiVZXZDXAvWcfQGP92L
YjkHaI+gv6p5/tmsmcjOhNm1rhLAy7JsARoz0OMqU3RsdIKtPC/sC5DYK8LQ3X7y
BnI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:40 2025 by rpki-client