Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/hdXqP4uTVUS-l5fnkLVGaEhJW7s.roa
File: hdXqP4uTVUS-l5fnkLVGaEhJW7s.roa (raw, json)
Hash identifier: NGf2GgJRfdzrPVUsrFEkO19ngIyVkQ0KVXAsU7NP0HQ=
Subject key identifier: 85:D5:EA:3F:8B:93:55:44:BE:97:97:E7:90:B5:46:68:48:49:5B:BB
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 012179E2
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/hdXqP4uTVUS-l5fnkLVGaEhJW7s.roa
Signing time: Sat 01 Jan 2022 05:59:26 +0000
ROA not before: Sat 01 Jan 2022 05:59:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 11426
IP address blocks: 45.85.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18971106 (0x12179e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: Jan 1 05:59:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85d5ea3f8b935544be9797e790b5466848495bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fa:b5:ab:68:69:bf:62:78:b3:05:23:84:eb:
ac:c1:5d:61:4e:36:df:48:af:f4:12:ca:b3:65:16:
e3:a9:14:17:f7:8e:8d:7a:39:33:31:ba:c0:4e:ac:
27:6b:0c:64:ba:fa:a9:d8:45:6a:0d:af:4f:e0:1e:
62:2f:50:c0:03:00:88:e7:d5:5e:cf:e4:97:0d:ce:
c4:4f:d3:e4:2a:46:c2:15:06:46:22:c9:f4:e4:12:
f0:10:54:82:a6:f0:6d:be:9a:17:a3:8a:09:26:46:
f4:4d:ed:34:49:60:2c:ae:01:05:f9:d3:72:13:a0:
2c:01:13:2c:85:2e:2c:d4:dc:15:a5:98:2a:0c:ba:
03:ef:40:f1:e5:d0:9c:74:0a:a1:a0:05:91:99:ec:
46:3e:1f:07:6a:be:84:6e:3c:06:1a:84:89:13:16:
1b:54:00:fb:92:ed:aa:1d:f6:cf:1f:7b:52:6f:cc:
11:96:5a:6f:74:15:12:81:2d:fc:d5:f2:fe:a6:b1:
ea:b4:df:f4:4c:60:2f:5c:27:41:4e:58:4b:c2:5d:
46:98:4b:92:f7:98:39:b5:6e:23:06:d2:a0:e4:e0:
77:88:91:7a:5a:74:44:cb:3d:3e:d3:44:73:0f:b4:
83:26:2c:22:eb:17:78:ba:53:b9:96:30:dc:77:81:
53:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D5:EA:3F:8B:93:55:44:BE:97:97:E7:90:B5:46:68:48:49:5B:BB
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/hdXqP4uTVUS-l5fnkLVGaEhJW7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.108.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:76:60:19:48:c7:ef:f0:ef:4e:c1:eb:89:76:d1:cd:d3:51:
35:98:08:08:fd:eb:cd:a8:d9:8c:24:87:c1:66:42:e1:66:79:
d3:86:51:e2:22:bb:f0:a0:49:a1:8a:d7:98:f6:5f:ae:fe:8c:
c8:03:10:77:52:b3:f3:75:0c:27:97:2b:fa:70:ed:53:0b:5e:
2a:23:31:45:58:8e:ee:e9:83:ad:3e:b6:78:ef:7a:51:1d:e4:
0a:5b:d5:17:5b:52:37:72:01:37:b4:43:f3:74:c3:d4:da:44:
33:0c:71:09:f5:70:81:7a:57:6a:71:30:12:82:e8:93:00:25:
2e:40:00:08:9b:56:f7:34:d0:66:4b:17:5a:25:71:f3:4b:21:
70:aa:da:27:e9:99:af:20:fc:a6:02:e4:00:00:40:94:8c:e1:
ad:0f:02:87:3d:54:e1:6e:36:0b:3f:15:be:5b:73:29:a0:a1:
3c:3f:a2:b1:df:f9:86:9c:a9:b2:11:0e:39:74:d4:b1:1e:9e:
df:08:47:94:0b:39:ff:e5:53:3e:b8:fa:8c:13:a8:9b:89:16:
63:9a:c6:69:f0:28:fe:d1:aa:dd:09:67:f6:62:d1:23:ec:e2:
86:4a:6d:df:9e:c2:0c:89:0e:42:0a:5d:7e:99:c1:80:5f:f4:
ea:ff:2e:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASF54jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2E2NDNiYjM5OWM2ZDg3YWRjNGM3Y2JhNWQyYjcyZmJkMDBkMDQ2MB4XDTIyMDEw
MTA1NTkyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVkNWVhM2Y4Yjkz
NTU0NGJlOTc5N2U3OTBiNTQ2Njg0ODQ5NWJiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMX6tatoab9ieLMFI4TrrMFdYU4230iv9BLKs2UW46kUF/eO
jXo5MzG6wE6sJ2sMZLr6qdhFag2vT+AeYi9QwAMAiOfVXs/klw3OxE/T5CpGwhUG
RiLJ9OQS8BBUgqbwbb6aF6OKCSZG9E3tNElgLK4BBfnTchOgLAETLIUuLNTcFaWY
Kgy6A+9A8eXQnHQKoaAFkZnsRj4fB2q+hG48BhqEiRMWG1QA+5Ltqh32zx97Um/M
EZZab3QVEoEt/NXy/qax6rTf9ExgL1wnQU5YS8JdRphLkveYObVuIwbSoOTgd4iR
elp0RMs9PtNEcw+0gyYsIusXeLpTuZYw3HeBUxcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSF1eo/i5NVRL6Xl+eQtUZoSElbuzAfBgNVHSMEGDAWgBR8pkO7OZxth63E
x8ul0rcvvQDQRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZLWkR1em1jYllldHhNZkxwZEszTDcwQTBFWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvYzAzMDFkLTU4MDEtNGFjNi1iNTAzLTQ0ZWE2NDcyMWM5ZS8x
L2hkWHFQNHVUVlVTLWw1Zm5rTFZHYUVoSlc3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
YzAzMDFkLTU4MDEtNGFjNi1iNTAzLTQ0ZWE2NDcyMWM5ZS8xL2ZLWkR1em1jYlll
dHhNZkxwZEszTDcwQTBFWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1VbDANBgkqhkiG9w0BAQsFAAOC
AQEAX3ZgGUjH7/DvTsHriXbRzdNRNZgICP3rzajZjCSHwWZC4WZ504ZR4iK78KBJ
oYrXmPZfrv6MyAMQd1Kz83UMJ5cr+nDtUwteKiMxRViO7umDrT62eO96UR3kClvV
F1tSN3IBN7RD83TD1NpEMwxxCfVwgXpXanEwEoLokwAlLkAACJtW9zTQZksXWiVx
80shcKraJ+mZryD8pgLkAABAlIzhrQ8Chz1U4W42Cz8VvltzKaChPD+isd/5hpyp
shEOOXTUsR6e3whHlAs5/+VTPrj6jBOom4kWY5rGafAo/tGq3Qln9mLRI+zihkpt
357CDIkOQgpdfpnBgF/06v8ulA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:34 2025 by rpki-client