Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/1773cfN0rg3_o4lFqTAHKjwcitA.roa
File: 1773cfN0rg3_o4lFqTAHKjwcitA.roa (raw, json)
Hash identifier: oU00zMFZuLgieHuW3GYG3goKQ7cAhKGOkaq8TG0RsXc=
Subject key identifier: D7:BE:F7:71:F3:74:AE:0D:FF:A3:89:45:A9:30:07:2A:3C:1C:8A:D0
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018983FC265B7ECBC61DA50774262164CE4A
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/1773cfN0rg3_o4lFqTAHKjwcitA.roa
Signing time: Sun 23 Jul 2023 18:21:27 +0000
ROA not before: Sun 23 Jul 2023 18:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58305
IP address blocks: 198.105.124.0/23 maxlen: 24
45.43.64.0/19 maxlen: 24
45.43.66.0/23 maxlen: 24
45.43.74.0/23 maxlen: 24
45.43.76.0/22 maxlen: 24
45.43.80.0/22 maxlen: 24
198.105.96.0/19 maxlen: 24
198.105.116.0/23 maxlen: 24
155.254.32.0/22 maxlen: 24
155.254.32.0/19 maxlen: 24
155.254.48.0/23 maxlen: 23
155.254.62.0/24 maxlen: 24
107.161.160.0/24 maxlen: 24
107.161.161.0/24 maxlen: 24
107.161.162.0/24 maxlen: 24
107.161.168.0/24 maxlen: 24
107.161.169.0/24 maxlen: 24
107.161.170.0/24 maxlen: 24
107.161.171.0/24 maxlen: 24
107.181.128.0/19 maxlen: 24
107.181.138.0/23 maxlen: 24
107.181.144.0/23 maxlen: 24
162.220.240.0/24 maxlen: 24
162.220.242.0/24 maxlen: 24
162.220.240.0/21 maxlen: 24
162.220.241.0/24 maxlen: 24
113.20.156.0/22 maxlen: 24
107.161.174.0/23 maxlen: 24
162.217.250.0/24 maxlen: 24
162.217.251.0/24 maxlen: 24
2a05:9f40::/29 maxlen: 48
2a07:9944:20::/48 maxlen: 48
2a07:9942:39d7::/48 maxlen: 48
2a07:9940::/29 maxlen: 48
2a07:9944:10::/48 maxlen: 48
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:83:fc:26:5b:7e:cb:c6:1d:a5:07:74:26:21:64:ce:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jul 23 18:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7bef771f374ae0dffa38945a930072a3c1c8ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3b:e8:84:f7:15:be:44:be:ea:d9:f7:77:02:
af:89:ff:c9:0f:37:31:47:86:20:5d:74:7a:19:6d:
29:7b:22:d5:47:1f:df:57:bb:52:b2:2e:02:f1:42:
6c:29:67:f0:35:1f:6c:1e:e8:91:bd:29:33:b9:67:
30:e4:ba:1f:74:e6:49:8e:85:8a:c6:c1:8e:ec:a3:
00:6b:97:60:de:22:b4:78:f1:ba:df:fe:46:91:cf:
9d:09:52:2a:8c:1e:bf:ae:7a:cf:ef:30:fa:af:4f:
97:6d:0c:0f:77:e8:18:c9:63:f6:21:bb:61:f9:ad:
35:bf:53:94:e0:4c:53:9e:30:2f:3b:79:0b:a2:bc:
40:a3:02:b3:e5:96:7b:c7:94:3b:ae:7a:81:9d:bc:
50:19:91:07:88:ea:aa:55:21:fa:b4:eb:bb:2b:9a:
68:5c:e6:3d:ca:56:54:fe:66:84:11:a0:95:93:b9:
0d:6e:15:77:78:50:29:2e:5f:eb:5e:1d:d1:f8:86:
c5:85:24:43:bc:3f:ec:35:ca:1d:aa:31:4f:fa:09:
78:94:d1:ef:14:d6:1f:42:74:47:c6:8e:2f:a0:9e:
55:1f:82:4e:da:df:03:57:57:7c:ea:0f:5c:0e:60:
6f:b6:51:3d:93:bd:a1:e1:d9:bd:f2:28:86:c8:13:
5b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:BE:F7:71:F3:74:AE:0D:FF:A3:89:45:A9:30:07:2A:3C:1C:8A:D0
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/1773cfN0rg3_o4lFqTAHKjwcitA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
107.161.160.0-107.161.162.255
107.161.168.0/22
107.161.174.0/23
107.181.128.0/19
113.20.156.0/22
155.254.32.0/19
162.217.250.0/23
162.220.240.0/21
198.105.96.0/19
IPv6:
2a02:2ca0::/29
2a05:9f40::/29
2a07:9940::/29
Signature Algorithm: sha256WithRSAEncryption
83:7c:d4:83:41:cb:55:70:1e:95:9c:16:d8:1f:41:11:1f:d7:
86:df:9d:08:1d:bf:bb:f8:22:23:2a:d1:7a:6c:7b:e1:f3:07:
d5:20:10:30:ca:38:4e:c7:da:4e:e6:21:32:4d:34:a5:26:36:
5a:e1:28:30:ce:05:dc:6a:71:6d:1e:eb:13:37:5a:b2:ef:26:
73:45:04:cb:b4:ff:32:10:24:4d:bd:71:9e:5c:e7:79:2c:a9:
3e:16:10:c3:6a:d8:5b:be:bd:eb:70:cd:0d:2e:9d:3e:6a:f6:
56:90:27:17:75:14:87:42:a3:6e:02:bb:11:6c:be:fd:f9:44:
b2:40:59:fe:44:fd:92:f7:5c:06:e2:a1:d5:ee:f5:7a:74:0c:
7d:df:9b:b4:8f:a0:57:f9:91:51:25:9e:aa:90:52:2d:62:47:
8e:44:2f:7c:a1:14:2f:7e:c6:d2:7b:5b:99:a4:d6:05:65:8c:
ee:f7:21:a3:7b:b2:93:00:c6:c0:6f:fb:74:f7:27:bd:68:5e:
cf:fe:b1:71:c6:06:fc:49:c3:6e:b9:89:33:9f:56:59:90:a6:
a9:d8:80:8a:08:2b:ac:7d:45:02:b7:16:84:8e:18:dd:99:8c:
df:21:9a:85:8c:24:6d:e3:74:4f:0c:26:45:78:c1:f1:16:c1:
ad:56:e3:62
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYmD/CZbfsvGHaUHdCYhZM5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNzIzMTgyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2JlZjc3MWYzNzRhZTBkZmZhMzg5NDVhOTMwMDcyYTNjMWM4YWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzvohPcVvkS+6tn3dwKvif/JDzcx
R4YgXXR6GW0peyLVRx/fV7tSsi4C8UJsKWfwNR9sHuiRvSkzuWcw5LofdOZJjoWK
xsGO7KMAa5dg3iK0ePG63/5Gkc+dCVIqjB6/rnrP7zD6r0+XbQwPd+gYyWP2Ibth
+a01v1OU4ExTnjAvO3kLorxAowKz5ZZ7x5Q7rnqBnbxQGZEHiOqqVSH6tOu7K5po
XOY9ylZU/maEEaCVk7kNbhV3eFApLl/rXh3R+IbFhSRDvD/sNcodqjFP+gl4lNHv
FNYfQnRHxo4voJ5VH4JO2t8DV1d86g9cDmBvtlE9k72h4dm98iiGyBNb7QIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFNe+93HzdK4N/6OJRakwByo8HIrQMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvMTc3M2NmTjByZzNfbzRsRnFUQUhLandjaXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBKBAIAATBEAwQFLStAMAwD
BAVroaADBABroaIDBAJroagDBAFroa4DBAVrtYADBAJxFJwDBAWb/iADBAGi2foD
BAOi3PADBAXGaWAwGwQCAAIwFQMFAyoCLKADBQMqBZ9AAwUDKgeZQDANBgkqhkiG
9w0BAQsFAAOCAQEAg3zUg0HLVXAelZwW2B9BER/Xht+dCB2/u/giIyrRemx74fMH
1SAQMMo4TsfaTuYhMk00pSY2WuEoMM4F3GpxbR7rEzdasu8mc0UEy7T/MhAkTb1x
nlzneSypPhYQw2rYW76963DNDS6dPmr2VpAnF3UUh0KjbgK7EWy+/flEskBZ/kT9
kvdcBuKh1e71enQMfd+btI+gV/mRUSWeqpBSLWJHjkQvfKEUL37G0ntbmaTWBWWM
7vcho3uykwDGwG/7dPcnvWhez/6xccYG/EnDbrmJM59WWZCmqdiAiggrrH1FArcW
hI4Y3ZmM3yGahYwkbeN0TwwmRXjB8RbBrVbjYg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:13 2025 by rpki-client