Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/3ciE2f1LLmg_gpTbuIIgeeFU2Vo.roa
File: 3ciE2f1LLmg_gpTbuIIgeeFU2Vo.roa (raw, json)
Hash identifier: 2NU7pQqFYNfy8n56mS0ige8+OIpwrRzTB+z/kXXisEE=
Subject key identifier: DD:C8:84:D9:FD:4B:2E:68:3F:82:94:DB:B8:82:20:79:E1:54:D9:5A
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 018848540066D93336A6734C833D1688539B
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/3ciE2f1LLmg_gpTbuIIgeeFU2Vo.roa
Signing time: Tue 23 May 2023 11:17:24 +0000
ROA not before: Tue 23 May 2023 11:17:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.85.108.0/22 maxlen: 22
45.139.1.0/24 maxlen: 24
45.94.96.0/22 maxlen: 22
45.139.0.0/24 maxlen: 24
45.13.250.0/24 maxlen: 24
45.130.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:54:00:66:d9:33:36:a6:73:4c:83:3d:16:88:53:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: May 23 11:17:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddc884d9fd4b2e683f8294dbb8822079e154d95a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d2:49:d6:a5:14:50:fd:1a:56:f2:0a:67:0f:
97:1f:7c:df:1b:3e:39:b0:10:96:e8:26:4c:19:b7:
e4:c5:3b:d0:a3:a4:97:e9:29:98:48:35:02:52:56:
92:02:b2:a8:4c:15:89:62:55:3d:f9:2e:5a:b2:b8:
63:bd:a8:57:66:d6:9b:d9:72:17:36:5d:9a:35:96:
3b:a7:27:71:43:0f:8e:8a:c3:f1:9f:e8:d0:9b:dd:
ef:aa:42:cc:03:d4:08:d9:14:22:57:60:bd:db:cf:
1d:84:f7:5f:4f:b0:5c:1c:05:06:57:b2:f8:b8:12:
a9:17:9c:f6:92:67:a0:a0:a3:48:bd:3a:b4:0c:c3:
6d:df:54:19:55:bc:d5:d9:86:6d:09:5d:7b:55:d9:
81:8c:b2:07:b9:b7:b9:2f:bd:44:6c:5e:36:66:a6:
9c:a5:98:3f:f0:75:f3:7e:c9:3b:ee:d8:c4:51:cb:
27:bc:91:4f:47:18:ea:77:b3:0b:1b:b7:a0:74:00:
bb:57:eb:17:69:12:66:1c:9f:b5:df:ba:4c:da:eb:
54:d5:87:52:a3:80:7d:25:f8:90:d1:f2:58:0f:e5:
e8:73:8a:50:c5:3d:07:f0:10:0d:15:5e:73:7b:48:
ed:0c:e6:52:6c:9e:9d:2a:05:75:af:f8:65:d8:08:
98:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C8:84:D9:FD:4B:2E:68:3F:82:94:DB:B8:82:20:79:E1:54:D9:5A
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/3ciE2f1LLmg_gpTbuIIgeeFU2Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.250.0/24
45.85.108.0/22
45.94.96.0/22
45.130.65.0/24
45.139.0.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:7c:06:2d:c1:02:b0:62:dd:af:c0:3e:9d:43:de:aa:e4:65:
b1:fe:f3:7d:65:86:2c:8d:6f:00:7d:d5:1a:89:e4:7c:2b:07:
49:9a:42:11:5f:87:3b:be:dd:d2:77:07:41:a8:76:af:4a:26:
b5:af:0a:21:10:08:83:47:88:57:2b:ff:4d:51:d6:64:bd:34:
65:b4:a4:a7:2c:21:83:6a:3e:90:f4:d9:8d:85:a7:31:1e:41:
ad:9d:d5:a8:cf:70:bd:1a:9b:d6:af:12:92:d5:ac:4e:a4:f0:
76:26:b0:d2:e1:45:57:c3:ce:bb:65:3e:25:61:f6:4d:a0:d2:
7e:86:31:b2:94:5b:31:c3:f5:91:60:90:cf:91:7f:69:a5:7a:
3b:07:c5:74:0a:5e:c8:d3:2f:00:d3:ec:d9:7c:b2:13:a9:ce:
78:51:20:55:fb:51:91:d0:cc:93:df:f4:a1:b1:b3:dd:83:4b:
cf:5c:0f:01:36:96:15:95:4e:66:38:cd:a1:d4:50:00:d2:10:
85:dd:87:2e:97:92:bc:ff:d7:27:a7:21:7a:eb:a2:9c:7f:eb:
ea:7b:9b:28:a3:d4:7c:7b:71:48:8b:89:57:c4:07:95:88:30:
b3:8a:8b:46:eb:14:8b:80:81:27:43:79:80:90:e0:f8:ba:3e:
69:b9:c5:4b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhIVABm2TM2pnNMgz0WiFObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjMwNTIzMTExNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGM4ODRkOWZkNGIyZTY4M2Y4Mjk0ZGJiODgyMjA3OWUxNTRkOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdJJ1qUUUP0aVvIKZw+XH3zfGz45
sBCW6CZMGbfkxTvQo6SX6SmYSDUCUlaSArKoTBWJYlU9+S5asrhjvahXZtab2XIX
Nl2aNZY7pydxQw+OisPxn+jQm93vqkLMA9QI2RQiV2C9288dhPdfT7BcHAUGV7L4
uBKpF5z2kmegoKNIvTq0DMNt31QZVbzV2YZtCV17VdmBjLIHube5L71EbF42Zqac
pZg/8HXzfsk77tjEUcsnvJFPRxjqd7MLG7egdAC7V+sXaRJmHJ+137pM2utU1YdS
o4B9JfiQ0fJYD+Xoc4pQxT0H8BANFV5ze0jtDOZSbJ6dKgV1r/hl2AiY1QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN3IhNn9Sy5oP4KU27iCIHnhVNlaMB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEvM2NpRTJmMUxMbWdfZ3BUYnVJSWdlZUZVMlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ36AwQC
LVVsAwQCLV5gAwQALYJBAwQBLYsAMA0GCSqGSIb3DQEBCwUAA4IBAQCpfAYtwQKw
Yt2vwD6dQ96q5GWx/vN9ZYYsjW8AfdUaieR8KwdJmkIRX4c7vt3SdwdBqHavSia1
rwohEAiDR4hXK/9NUdZkvTRltKSnLCGDaj6Q9NmNhacxHkGtndWoz3C9GpvWrxKS
1axOpPB2JrDS4UVXw867ZT4lYfZNoNJ+hjGylFsxw/WRYJDPkX9ppXo7B8V0Cl7I
0y8A0+zZfLITqc54USBV+1GR0MyT3/ShsbPdg0vPXA8BNpYVlU5mOM2h1FAA0hCF
3Ycul5K8/9cnpyF666Kcf+vqe5soo9R8e3FIi4lXxAeViDCziotG6xSLgIEnQ3mA
kOD4uj5pucVL
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:41 2025 by rpki-client