Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/EHZYAhLbVA34KJ63MpbqUqjZckI.roa
File: EHZYAhLbVA34KJ63MpbqUqjZckI.roa (raw, json)
Hash identifier: cCjfy+uBe27voQjQMgf0GnWcJCm/1ZpH3QGO7D/M5U0=
Subject key identifier: 10:76:58:02:12:DB:54:0D:F8:28:9E:B7:32:96:EA:52:A8:D9:72:42
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0182B0D11852A164D0CC88C09ED1F5A9E4D8
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/EHZYAhLbVA34KJ63MpbqUqjZckI.roa
Signing time: Thu 18 Aug 2022 11:57:49 +0000
ROA not before: Thu 18 Aug 2022 11:57:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 45.8.192.0/24 maxlen: 24
45.8.193.0/24 maxlen: 24
45.8.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b0:d1:18:52:a1:64:d0:cc:88:c0:9e:d1:f5:a9:e4:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 18 11:57:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1076580212db540df8289eb73296ea52a8d97242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a0:a1:d9:d8:18:8b:1a:df:ed:81:c3:5a:62:
2e:78:ef:51:c5:0f:a2:de:a9:62:3d:bf:a1:9e:a9:
c5:ea:d4:d5:c0:d5:8d:7e:c1:75:e4:a5:2c:8f:98:
90:a3:86:90:fe:b2:a0:e9:07:cd:d7:1b:83:3b:92:
ea:0c:09:d5:04:e2:a4:54:ba:73:03:8a:c9:41:e5:
85:6b:97:0f:37:f3:b0:b7:5e:81:42:f7:3e:17:92:
4f:c9:a8:93:b7:09:46:87:d9:e1:7d:62:22:6d:2c:
8d:89:57:ec:81:5e:2f:0c:7e:99:74:6b:00:2f:8b:
b2:bd:31:73:69:bf:dc:65:48:82:fd:07:aa:70:6b:
0b:04:0c:a4:f9:0f:25:8f:e6:fe:b8:40:7f:59:42:
e2:67:c1:40:8c:da:30:5e:11:54:5f:c2:ad:29:30:
db:ac:0b:ef:a5:0a:98:fc:73:81:8c:61:75:f9:6c:
1b:30:a4:2c:02:81:7e:e7:c1:ae:47:2f:9d:43:23:
eb:4a:32:5b:44:fe:0a:81:c1:24:d4:b9:41:13:52:
09:63:fc:70:eb:39:f8:25:99:d2:22:84:23:9d:a7:
4d:70:7c:d2:d3:d1:f1:f5:a0:62:0a:76:01:a1:be:
19:77:47:47:61:65:de:96:9b:5b:db:56:b1:07:1c:
85:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:76:58:02:12:DB:54:0D:F8:28:9E:B7:32:96:EA:52:A8:D9:72:42
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/EHZYAhLbVA34KJ63MpbqUqjZckI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.192.0/23
45.8.202.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:a5:ec:2c:64:07:5a:c4:25:96:5a:51:28:0a:79:4e:4e:4a:
b4:1b:02:00:02:59:90:ce:bc:52:f2:70:de:80:a1:7b:d9:50:
a7:3d:c6:ca:d1:ef:57:e8:6b:33:3d:3f:85:09:d3:30:88:8d:
1a:56:31:c0:83:77:93:0c:ed:92:07:15:7c:df:39:e1:c4:79:
b8:2a:be:c6:55:bc:8b:c3:12:3c:af:33:ad:72:5c:17:82:7c:
cb:51:f2:d2:e7:7c:5a:bc:0e:bf:7a:7e:ea:78:d7:79:f1:a8:
08:87:76:1c:1a:6e:d5:38:56:d6:44:63:88:a3:a8:a1:ae:c9:
f2:9b:3d:56:63:d1:ae:05:97:26:e3:a3:ff:dc:93:ff:47:11:
d1:0c:e8:d8:a5:63:8a:b1:c9:8f:aa:af:cc:6d:76:96:12:e9:
e1:0f:91:44:d3:ba:7d:3a:13:b5:9b:64:c8:d1:79:40:a9:43:
11:0c:07:ae:d3:af:da:68:58:1d:45:52:4a:fc:d3:d4:6f:2d:
2a:6f:fa:ad:47:e0:73:73:15:af:42:a0:f3:a1:fc:dc:af:1a:
87:c3:e7:a2:f4:ea:51:dc:85:5a:51:e2:0f:e0:e4:95:1f:9f:
d9:75:60:fa:27:ef:c8:fb:05:77:14:eb:26:87:3e:d9:15:fd:
0a:89:18:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKw0RhSoWTQzIjAntH1qeTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIwODE4MTE1NzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc2NTgwMjEyZGI1NDBkZjgyODllYjczMjk2ZWE1MmE4ZDk3MjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqCh2dgYixrf7YHDWmIueO9RxQ+i
3qliPb+hnqnF6tTVwNWNfsF15KUsj5iQo4aQ/rKg6QfN1xuDO5LqDAnVBOKkVLpz
A4rJQeWFa5cPN/Owt16BQvc+F5JPyaiTtwlGh9nhfWIibSyNiVfsgV4vDH6ZdGsA
L4uyvTFzab/cZUiC/QeqcGsLBAyk+Q8lj+b+uEB/WULiZ8FAjNowXhFUX8KtKTDb
rAvvpQqY/HOBjGF1+WwbMKQsAoF+58GuRy+dQyPrSjJbRP4KgcEk1LlBE1IJY/xw
6zn4JZnSIoQjnadNcHzS09Hx9aBiCnYBob4Zd0dHYWXelptb21axBxyFAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBB2WAIS21QN+CietzKW6lKo2XJCMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRUhaWUFoTGJWQTM0S0o2M01wYnFVcWpaY2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLQjAAwQA
LQjKMA0GCSqGSIb3DQEBCwUAA4IBAQBNpewsZAdaxCWWWlEoCnlOTkq0GwIAAlmQ
zrxS8nDegKF72VCnPcbK0e9X6GszPT+FCdMwiI0aVjHAg3eTDO2SBxV83znhxHm4
Kr7GVbyLwxI8rzOtclwXgnzLUfLS53xavA6/en7qeNd58agIh3YcGm7VOFbWRGOI
o6ihrsnymz1WY9GuBZcm46P/3JP/RxHRDOjYpWOKscmPqq/MbXaWEunhD5FE07p9
OhO1m2TI0XlAqUMRDAeu06/aaFgdRVJK/NPUby0qb/qtR+BzcxWvQqDzofzcrxqH
w+ei9OpR3IVaUeIP4OSVH5/ZdWD6J+/I+wV3FOsmhz7ZFf0KiRj3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:28 2025 by rpki-client