Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/DO8pvyGVVlqU8TSiafaUE_QPbTM.roa
File: DO8pvyGVVlqU8TSiafaUE_QPbTM.roa (raw, json)
Hash identifier: aj59wcUE/yB2zOZ+uAbHoHWU1g/lcUwRV/hWiIhs2kM=
Subject key identifier: 0C:EF:29:BF:21:95:56:5A:94:F1:34:A2:69:F6:94:13:F4:0F:6D:33
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 0188486E8CDAFF15AFE6BB8EA71B4EDE5634
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/DO8pvyGVVlqU8TSiafaUE_QPbTM.roa
Signing time: Tue 23 May 2023 11:46:24 +0000
ROA not before: Tue 23 May 2023 11:46:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.85.108.0/22 maxlen: 22
45.139.1.0/24 maxlen: 24
45.94.96.0/22 maxlen: 22
45.139.0.0/24 maxlen: 24
45.13.250.0/24 maxlen: 24
45.13.251.0/24 maxlen: 24
45.130.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:6e:8c:da:ff:15:af:e6:bb:8e:a7:1b:4e:de:56:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: May 23 11:46:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cef29bf2195565a94f134a269f69413f40f6d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e1:9d:fb:4a:2a:b0:79:f3:59:04:7b:ad:26:
7b:86:a8:e8:d7:b9:58:1a:13:7d:ca:f2:d1:c2:59:
47:f5:c0:a0:7e:85:d0:93:46:f5:c0:fd:b6:8a:f4:
ca:27:01:9d:1e:e6:30:da:4d:81:87:75:73:e1:33:
2a:33:b9:e1:fe:5c:aa:1a:fa:af:af:f5:9e:67:89:
73:fe:4a:55:31:e2:e1:bd:81:68:b2:72:5f:e8:4c:
1b:1c:64:57:8f:4f:d1:9e:73:00:93:c5:4d:74:7e:
28:61:82:31:c1:10:1e:53:46:12:54:dc:c2:9b:10:
57:8e:bf:65:0d:a8:47:1b:5a:69:19:fe:83:47:e9:
c0:6f:c3:2d:0b:a4:2a:74:65:01:fd:25:19:6b:01:
f4:ac:2d:2a:b9:31:8b:98:bf:3d:5e:f8:42:a0:06:
91:5c:12:2d:e1:91:a2:c8:8e:82:71:e0:5e:18:b2:
1c:0b:69:df:dc:dc:f7:77:ba:0d:ba:16:40:a5:46:
b7:26:bd:d4:db:0e:e1:76:1d:a1:66:eb:b1:1f:dc:
3c:b0:9e:6c:87:65:4a:84:37:fa:8f:55:a7:e0:15:
43:84:35:cb:29:54:57:50:e7:8b:9d:3f:ee:c8:ae:
56:e5:4f:8a:89:b5:7d:94:f1:88:ee:8b:90:ea:27:
9b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:EF:29:BF:21:95:56:5A:94:F1:34:A2:69:F6:94:13:F4:0F:6D:33
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/DO8pvyGVVlqU8TSiafaUE_QPbTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.250.0/23
45.85.108.0/22
45.94.96.0/22
45.130.65.0/24
45.139.0.0/23
Signature Algorithm: sha256WithRSAEncryption
78:f7:60:36:ba:63:3a:40:69:66:36:14:27:ec:41:a9:3c:d7:
fe:bc:06:67:9c:e4:1c:cb:3e:43:37:78:11:65:20:a3:6f:8f:
49:b1:6f:ca:33:aa:fc:26:5d:f6:3e:f4:32:7d:3d:32:de:94:
93:2a:41:c7:ea:64:05:9a:83:92:17:de:6e:aa:3b:18:53:96:
d8:6c:28:de:de:ea:96:d8:d4:55:06:fa:6a:39:ce:44:86:8a:
9f:ff:a5:d3:3a:ee:ed:45:8b:d0:af:39:70:69:07:ad:e2:6d:
1c:d8:b9:cb:70:19:ba:de:bf:18:8a:3b:f1:f4:72:4b:9e:6b:
79:49:b8:b5:10:bf:7e:9d:80:2c:02:19:1a:d4:10:7c:9a:cf:
3e:f6:eb:b0:de:bd:97:54:88:50:4a:a8:d0:fb:66:2d:f6:08:
9e:4b:2e:d6:f1:5b:1f:be:2a:b6:f6:3d:6c:bb:1b:b7:3f:fa:
07:1e:77:f5:85:9d:3a:dc:22:43:9b:44:d8:41:23:b2:73:2a:
65:5b:dc:9f:82:bd:50:d7:76:f7:72:57:6c:0b:83:37:39:de:
8b:4b:e6:c1:5d:d6:22:29:52:a0:38:d4:b4:6b:dc:9d:10:4b:
fd:3c:60:bd:73:fe:7a:6a:5a:bc:c5:e5:e4:45:a6:9a:ad:b9:
40:03:bd:82
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhIboza/xWv5ruOpxtO3lY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjMwNTIzMTE0NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2VmMjliZjIxOTU1NjVhOTRmMTM0YTI2OWY2OTQxM2Y0MGY2ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7+Gd+0oqsHnzWQR7rSZ7hqjo17lY
GhN9yvLRwllH9cCgfoXQk0b1wP22ivTKJwGdHuYw2k2Bh3Vz4TMqM7nh/lyqGvqv
r/WeZ4lz/kpVMeLhvYFosnJf6EwbHGRXj0/RnnMAk8VNdH4oYYIxwRAeU0YSVNzC
mxBXjr9lDahHG1ppGf6DR+nAb8MtC6QqdGUB/SUZawH0rC0quTGLmL89XvhCoAaR
XBIt4ZGiyI6CceBeGLIcC2nf3Nz3d7oNuhZApUa3Jr3U2w7hdh2hZuuxH9w8sJ5s
h2VKhDf6j1Wn4BVDhDXLKVRXUOeLnT/uyK5W5U+KibV9lPGI7ouQ6iebrQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAzvKb8hlVZalPE0omn2lBP0D20zMB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEvRE84cHZ5R1ZWbHFVOFRTaWFmYVVFX1FQYlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLQ36AwQC
LVVsAwQCLV5gAwQALYJBAwQBLYsAMA0GCSqGSIb3DQEBCwUAA4IBAQB492A2umM6
QGlmNhQn7EGpPNf+vAZnnOQcyz5DN3gRZSCjb49JsW/KM6r8Jl32PvQyfT0y3pST
KkHH6mQFmoOSF95uqjsYU5bYbCje3uqW2NRVBvpqOc5Ehoqf/6XTOu7tRYvQrzlw
aQet4m0c2LnLcBm63r8Yijvx9HJLnmt5Sbi1EL9+nYAsAhka1BB8ms8+9uuw3r2X
VIhQSqjQ+2Yt9gieSy7W8Vsfviq29j1suxu3P/oHHnf1hZ063CJDm0TYQSOycypl
W9yfgr1Q13b3cldsC4M3Od6LS+bBXdYiKVKgONS0a9ydEEv9PGC9c/56alq8xeXk
RaaarblAA72C
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:22 2025 by rpki-client