Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/RpiAecbzjkiHgS8sRbmGpIoridY.roa
File: RpiAecbzjkiHgS8sRbmGpIoridY.roa (raw, json)
Hash identifier: USWYN3z/raWpx4sEro/Zar62QjN1C7qzAz1Nia6eS/g=
Subject key identifier: 46:98:80:79:C6:F3:8E:48:87:81:2F:2C:45:B9:86:A4:8A:2B:89:D6
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 018571958EA3C1A6F69F9ED47332914D27BC
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/RpiAecbzjkiHgS8sRbmGpIoridY.roa
Signing time: Mon 02 Jan 2023 08:25:04 +0000
ROA not before: Mon 02 Jan 2023 08:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208909
IP address blocks: 162.213.67.0/24 maxlen: 24
162.213.66.0/24 maxlen: 24
162.213.65.0/24 maxlen: 24
45.15.137.0/24 maxlen: 24
45.15.136.0/24 maxlen: 24
45.15.139.0/24 maxlen: 24
45.15.138.0/24 maxlen: 24
185.41.98.0/24 maxlen: 24
185.41.97.0/24 maxlen: 24
185.41.96.0/24 maxlen: 24
185.41.99.0/24 maxlen: 24
185.132.90.0/24 maxlen: 24
162.213.64.0/24 maxlen: 24
91.204.124.0/22 maxlen: 22
2a0e:3c80::/29 maxlen: 29
2a01:57a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:8e:a3:c1:a6:f6:9f:9e:d4:73:32:91:4d:27:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Jan 2 08:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46988079c6f38e4887812f2c45b986a48a2b89d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6e:aa:17:b5:1b:d6:41:aa:85:89:b5:2b:7d:
71:9b:c4:35:28:41:65:f1:30:cf:a6:ca:ca:1c:f2:
d1:02:63:19:8a:d9:03:99:d1:01:ad:11:2a:2b:f8:
ff:01:80:b4:18:60:37:9e:82:ec:d0:ca:43:17:91:
29:8a:f9:29:40:74:07:37:c6:57:32:74:36:07:89:
9e:a8:a7:d5:98:27:17:33:85:6e:ae:5d:0d:b9:2c:
96:60:3b:e8:b5:9b:f9:ec:de:34:88:17:f7:a5:0c:
af:8a:62:8b:f9:45:77:91:9d:05:fc:20:b1:c1:1d:
82:4a:d7:4b:dd:cc:6c:fb:bf:4b:4b:e3:30:d8:f9:
00:8e:10:5c:64:6e:e4:76:8d:bb:ec:e7:35:68:11:
07:82:38:a9:d0:ae:57:2a:24:99:38:99:39:34:3f:
c6:68:8b:98:e4:29:0c:26:51:a6:9c:a4:dd:d0:6e:
3d:15:ae:58:ed:36:e4:6a:74:6b:ae:f1:db:82:5e:
bc:7d:77:61:bf:3e:88:48:76:f6:cd:62:ac:ec:1c:
a8:29:40:4a:c3:58:c2:78:25:5a:9b:b9:d7:38:33:
c9:3d:00:9f:ee:48:cf:e8:9c:c3:f2:98:9a:7c:f8:
6b:b8:40:b9:a3:10:83:6b:43:d9:d8:4e:85:c7:f4:
23:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:98:80:79:C6:F3:8E:48:87:81:2F:2C:45:B9:86:A4:8A:2B:89:D6
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/RpiAecbzjkiHgS8sRbmGpIoridY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.136.0/22
91.204.124.0/22
162.213.64.0/22
185.41.96.0/22
185.132.90.0/24
IPv6:
2a01:57a0::/32
2a0e:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
01:19:57:c6:96:70:be:e1:89:c0:ba:fe:dd:37:56:b3:45:26:
ae:9d:6b:7f:19:6d:e9:d3:22:02:b4:e1:13:db:aa:44:62:a6:
3b:47:e9:73:a1:7a:92:41:5a:5b:77:56:80:4f:ce:6d:51:ff:
75:52:8a:5b:09:92:17:ba:c0:9e:76:da:18:9f:c1:9d:e2:4b:
e9:aa:b5:23:62:a9:88:19:24:4a:dc:7b:aa:32:85:0b:25:3e:
df:de:5c:fb:5b:c4:a3:97:ad:b1:35:b6:11:47:b8:83:dd:40:
02:15:21:91:ca:0a:42:13:d0:3d:78:c4:2e:b3:e0:ca:9b:98:
68:c2:d4:72:39:af:82:18:35:6a:da:1e:b0:c4:d2:aa:07:2d:
e9:fd:57:ff:cf:b2:91:ce:de:fc:da:a3:47:6a:a1:16:7a:48:
42:21:e0:a9:4d:ca:21:82:9c:98:68:41:c8:7c:3e:40:ea:f2:
fd:bc:86:56:96:4e:97:82:df:13:82:be:bf:bc:d5:a8:8d:f0:
cc:72:0d:45:86:30:87:a9:29:26:60:5a:0c:13:a6:e6:1f:f6:
c9:83:17:22:7f:78:5c:14:9d:8e:96:94:96:5c:ae:ab:39:a2:
a4:b6:23:20:8d:ab:7e:89:5f:f8:7e:1f:d4:90:f6:49:fd:9e:
9b:e9:58:79
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVxlY6jwab2n57UczKRTSe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZThlNTZiMThkNDVjNjQ2ZjAzY2I2ZjkwNjlkYTBjOGIz
Yzc0YWQwHhcNMjMwMTAyMDgyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njk4ODA3OWM2ZjM4ZTQ4ODc4MTJmMmM0NWI5ODZhNDhhMmI4OWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW6qF7Ub1kGqhYm1K31xm8Q1KEFl
8TDPpsrKHPLRAmMZitkDmdEBrREqK/j/AYC0GGA3noLs0MpDF5EpivkpQHQHN8ZX
MnQ2B4meqKfVmCcXM4Vurl0NuSyWYDvotZv57N40iBf3pQyvimKL+UV3kZ0F/CCx
wR2CStdL3cxs+79LS+Mw2PkAjhBcZG7kdo277Oc1aBEHgjip0K5XKiSZOJk5ND/G
aIuY5CkMJlGmnKTd0G49Fa5Y7TbkanRrrvHbgl68fXdhvz6ISHb2zWKs7ByoKUBK
w1jCeCVam7nXODPJPQCf7kjP6JzD8piafPhruEC5oxCDa0PZ2E6Fx/QjJQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFEaYgHnG845Ih4EvLEW5hqSKK4nWMB8GA1UdIwQY
MBaAFMDo5WsY1FxkbwPLb5Bp2gyLPHStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQt
NzQ1YmNlMzA2MGM5LzEvUnBpQWVjYnpqa2lIZ1M4c1JibUdwSW9yaWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQtNzQ1YmNlMzA2MGM5
LzEvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLQ+IAwQC
W8x8AwQCotVAAwQCuSlgAwQAuYRaMBQEAgACMA4DBQAqAVegAwUDKg48gDANBgkq
hkiG9w0BAQsFAAOCAQEAARlXxpZwvuGJwLr+3TdWs0Umrp1rfxlt6dMiArThE9uq
RGKmO0fpc6F6kkFaW3dWgE/ObVH/dVKKWwmSF7rAnnbaGJ/BneJL6aq1I2KpiBkk
Stx7qjKFCyU+395c+1vEo5etsTW2EUe4g91AAhUhkcoKQhPQPXjELrPgypuYaMLU
cjmvghg1atoesMTSqgct6f1X/8+ykc7e/NqjR2qhFnpIQiHgqU3KIYKcmGhByHw+
QOry/byGVpZOl4LfE4K+v7zVqI3wzHINRYYwh6kpJmBaDBOm5h/2yYMXIn94XBSd
jpaUllyuqzmipLYjII2rfolf+H4f1JD2Sf2em+lYeQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:01 2025 by rpki-client