Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/74fe2c-87d1-468d-a121-d1095be7c48f/1/pGi7QaidkdQgMZ4CrWyIqKD_6KY.roa
File: pGi7QaidkdQgMZ4CrWyIqKD_6KY.roa (raw, json)
Hash identifier: Qz4WdJR625RJsRGjNlttDIgDFhPe321RmickxY72k+A=
Subject key identifier: A4:68:BB:41:A8:9D:91:D4:20:31:9E:02:AD:6C:88:A8:A0:FF:E8:A6
Certificate issuer: /CN=79c8bf6850a7a7e2af34cc16236dd083094e0cee
Certificate serial: 01857094E1A05151CA2AE10B91372C83DDE0
Authority key identifier: 79:C8:BF:68:50:A7:A7:E2:AF:34:CC:16:23:6D:D0:83:09:4E:0C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eci_aFCnp-KvNMwWI23QgwlODO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/74fe2c-87d1-468d-a121-d1095be7c48f/1/pGi7QaidkdQgMZ4CrWyIqKD_6KY.roa
Signing time: Mon 02 Jan 2023 03:44:43 +0000
ROA not before: Mon 02 Jan 2023 03:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208742
IP address blocks: 45.84.248.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:e1:a0:51:51:ca:2a:e1:0b:91:37:2c:83:dd:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79c8bf6850a7a7e2af34cc16236dd083094e0cee
Validity
Not Before: Jan 2 03:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a468bb41a89d91d420319e02ad6c88a8a0ffe8a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:3e:c8:f3:6f:63:7b:5b:dc:4a:b5:8a:de:17:
06:d2:c8:e5:0a:e6:9e:fd:8b:0b:8c:13:7c:22:3a:
4d:d7:bc:26:9b:cc:6a:c2:c0:fd:2e:fc:5f:8f:1f:
b0:2d:00:d2:fd:20:07:d7:50:fd:27:b7:e9:7c:04:
95:38:8c:4f:2d:7e:ce:91:a8:cd:cd:18:40:2b:c8:
ff:3e:ec:4c:a1:0d:b9:d8:6d:df:c4:79:01:93:69:
1b:c7:7d:b3:40:6f:6e:bf:22:63:ff:68:f4:ee:d9:
71:9e:67:05:ae:3f:09:a9:70:03:45:71:a1:1c:a5:
ca:7e:f6:cb:fb:f8:d1:71:28:f7:9d:66:1c:8d:81:
ab:16:24:1f:81:5e:6b:85:1e:15:7a:f0:0f:2e:b7:
31:8f:1a:da:ac:0d:e0:5a:75:38:82:a8:3d:93:22:
a7:fc:9c:77:2b:ef:f4:8d:80:8a:21:76:da:6f:9f:
f5:16:68:ce:be:fb:16:24:e0:8c:3e:33:ce:67:fc:
95:1f:dd:51:d7:b6:ec:f7:b5:c0:ac:6e:96:2f:93:
b7:66:e1:43:a9:10:d9:6a:f9:b3:81:a1:0f:20:8f:
bf:09:b5:17:4b:f2:70:f2:f4:3b:54:5f:68:69:27:
15:8b:df:b4:53:e2:5d:7d:34:2c:44:30:9e:0e:ad:
93:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:68:BB:41:A8:9D:91:D4:20:31:9E:02:AD:6C:88:A8:A0:FF:E8:A6
X509v3 Authority Key Identifier:
keyid:79:C8:BF:68:50:A7:A7:E2:AF:34:CC:16:23:6D:D0:83:09:4E:0C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eci_aFCnp-KvNMwWI23QgwlODO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/74fe2c-87d1-468d-a121-d1095be7c48f/1/pGi7QaidkdQgMZ4CrWyIqKD_6KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/74fe2c-87d1-468d-a121-d1095be7c48f/1/eci_aFCnp-KvNMwWI23QgwlODO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.248.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:8d:ac:7d:49:0c:1d:2a:20:fb:a6:a4:d0:4d:1d:5f:9a:d1:
53:e9:6d:0e:fe:29:02:f5:23:4b:60:03:a2:d4:23:c6:fb:7b:
1d:fc:9c:54:82:99:51:c7:17:cc:0d:2f:27:08:55:f1:50:ae:
14:3d:91:47:13:a5:8c:78:71:fb:c3:41:a3:12:15:ce:0b:12:
dd:52:1b:3e:2c:c4:d4:df:6e:a9:3d:c2:dd:94:59:da:1d:5c:
1b:b6:1f:0f:4f:75:4f:0c:41:4b:9a:25:23:6c:be:7d:74:0c:
00:b8:2d:34:c9:ec:de:c4:af:78:38:36:a1:d8:1a:83:69:01:
0c:61:de:e3:6f:f0:c5:f6:4d:56:08:54:cc:3f:94:8d:35:44:
98:2e:8d:f8:d1:df:42:86:8a:eb:ec:19:f9:f5:84:4e:1e:2b:
e6:56:7f:5d:3c:2f:a2:83:0c:50:14:12:84:7d:c1:9a:61:8e:
73:2c:72:a3:81:2b:0f:21:7b:ce:bb:88:54:04:10:c3:06:ed:
6e:53:3e:6f:39:6e:f6:b1:49:0c:dd:80:f4:2f:3f:47:59:31:
b7:d2:98:02:8f:6e:44:73:27:e5:79:15:64:e8:43:61:90:f2:
91:06:51:b6:34:71:b6:f8:93:9f:43:1c:b2:67:74:78:66:f7:
03:04:50:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlOGgUVHKKuELkTcsg93gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YzhiZjY4NTBhN2E3ZTJhZjM0Y2MxNjIzNmRkMDgzMDk0
ZTBjZWUwHhcNMjMwMTAyMDM0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDY4YmI0MWE4OWQ5MWQ0MjAzMTllMDJhZDZjODhhOGEwZmZlOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgD7I829je1vcSrWK3hcG0sjlCuae
/YsLjBN8IjpN17wmm8xqwsD9Lvxfjx+wLQDS/SAH11D9J7fpfASVOIxPLX7OkajN
zRhAK8j/PuxMoQ252G3fxHkBk2kbx32zQG9uvyJj/2j07tlxnmcFrj8JqXADRXGh
HKXKfvbL+/jRcSj3nWYcjYGrFiQfgV5rhR4VevAPLrcxjxrarA3gWnU4gqg9kyKn
/Jx3K+/0jYCKIXbab5/1FmjOvvsWJOCMPjPOZ/yVH91R17bs97XArG6WL5O3ZuFD
qRDZavmzgaEPII+/CbUXS/Jw8vQ7VF9oaScVi9+0U+JdfTQsRDCeDq2TGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRou0GonZHUIDGeAq1siKig/+imMB8GA1UdIwQY
MBaAFHnIv2hQp6firzTMFiNt0IMJTgzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWNpX2FGQ25wLUt2Tk13V0kyM1Fnd2xPRE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83NGZlMmMtODdkMS00NjhkLWExMjEt
ZDEwOTViZTdjNDhmLzEvcEdpN1FhaWRrZFFnTVo0Q3JXeUlxS0RfNktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83NGZlMmMtODdkMS00NjhkLWExMjEtZDEwOTViZTdjNDhm
LzEvZWNpX2FGQ25wLUt2Tk13V0kyM1Fnd2xPRE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVT4MA0G
CSqGSIb3DQEBCwUAA4IBAQAujax9SQwdKiD7pqTQTR1fmtFT6W0O/ikC9SNLYAOi
1CPG+3sd/JxUgplRxxfMDS8nCFXxUK4UPZFHE6WMeHH7w0GjEhXOCxLdUhs+LMTU
326pPcLdlFnaHVwbth8PT3VPDEFLmiUjbL59dAwAuC00yezexK94ODah2BqDaQEM
Yd7jb/DF9k1WCFTMP5SNNUSYLo340d9Chorr7Bn59YROHivmVn9dPC+igwxQFBKE
fcGaYY5zLHKjgSsPIXvOu4hUBBDDBu1uUz5vOW72sUkM3YD0Lz9HWTG30pgCj25E
cyfleRVk6ENhkPKRBlG2NHG2+JOfQxyyZ3R4ZvcDBFBf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:25 2025 by rpki-client