Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/EwNrvm9MSnFbZFFHPBRY9QO0MBU.roa
File: EwNrvm9MSnFbZFFHPBRY9QO0MBU.roa (raw, json)
Hash identifier: yInblTmclG1soYnsH/YRHhvIJMmJnvmt85jhX/WzNIw=
Subject key identifier: 13:03:6B:BE:6F:4C:4A:71:5B:64:51:47:3C:14:58:F5:03:B4:30:15
Certificate issuer: /CN=4dcbef06ad05fd6e6e7e7b1084cb1d7d65e6426f
Certificate serial: 018571277152A6979A4F095E28A29008879D
Authority key identifier: 4D:CB:EF:06:AD:05:FD:6E:6E:7E:7B:10:84:CB:1D:7D:65:E6:42:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TcvvBq0F_W5ufnsQhMsdfWXmQm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/EwNrvm9MSnFbZFFHPBRY9QO0MBU.roa
Signing time: Mon 02 Jan 2023 06:24:48 +0000
ROA not before: Mon 02 Jan 2023 06:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202208
IP address blocks: 45.154.224.0/23 maxlen: 23
45.154.224.0/22 maxlen: 22
45.154.226.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:71:52:a6:97:9a:4f:09:5e:28:a2:90:08:87:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dcbef06ad05fd6e6e7e7b1084cb1d7d65e6426f
Validity
Not Before: Jan 2 06:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13036bbe6f4c4a715b6451473c1458f503b43015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fe:92:2c:09:f6:a9:eb:b6:58:fb:af:a5:80:
80:20:35:be:84:67:ca:82:a0:fb:8a:e6:ff:6d:9a:
04:0f:3d:db:67:67:da:48:ec:e7:bf:cb:62:11:62:
e3:d8:3a:3b:fc:5d:7e:eb:22:a0:9d:9e:75:cf:f3:
c0:8e:7a:c4:78:8d:17:15:1c:00:86:75:43:00:60:
ff:e8:e1:17:75:5b:6b:da:c0:a0:5a:15:22:fe:50:
36:db:59:bf:58:19:5b:32:17:7f:ac:21:60:62:dc:
8a:6e:02:32:59:20:3d:ff:00:8d:02:90:cb:cd:a1:
d4:ef:40:c8:b1:97:ce:4c:db:40:b8:5b:3b:52:ce:
79:8d:31:a4:f4:e5:2d:e5:5d:f4:2b:75:a6:71:b3:
96:6d:d2:83:53:d0:f0:3b:87:4a:12:02:9d:3e:19:
c2:cb:cc:7f:9f:0f:e3:9c:9e:12:d1:2a:1b:a9:52:
70:0a:0f:6f:b0:77:e0:9c:85:29:31:11:01:b7:4b:
5c:76:80:19:17:9c:d4:19:fb:ba:73:65:e7:3f:b6:
b4:54:8a:3b:d7:65:07:d7:f4:ca:f4:ae:cc:3f:7c:
5c:3c:1f:bc:d1:e8:e1:4b:e4:74:71:a7:99:73:b5:
da:a7:ff:cc:31:93:50:ee:10:8c:a6:f9:17:08:b9:
80:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:03:6B:BE:6F:4C:4A:71:5B:64:51:47:3C:14:58:F5:03:B4:30:15
X509v3 Authority Key Identifier:
keyid:4D:CB:EF:06:AD:05:FD:6E:6E:7E:7B:10:84:CB:1D:7D:65:E6:42:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TcvvBq0F_W5ufnsQhMsdfWXmQm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/EwNrvm9MSnFbZFFHPBRY9QO0MBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2a6eaa-e437-43bc-972e-3e3bfaa190df/1/TcvvBq0F_W5ufnsQhMsdfWXmQm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.224.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:fb:e3:9d:bb:79:f1:48:69:df:bb:0b:95:f1:34:de:f6:34:
92:11:fa:10:fc:6c:16:c4:c8:87:6c:c9:f0:6a:95:29:0c:04:
23:5d:cf:8a:ad:9d:78:0c:69:8d:2d:7f:fa:12:5a:e4:60:3d:
1c:21:21:a0:48:15:67:a9:f1:aa:6c:a0:33:8e:aa:43:e5:d3:
a5:66:08:62:d2:9c:69:ab:45:d3:e6:28:06:ac:22:d7:82:54:
6c:85:9f:96:65:67:74:1c:ab:9a:b3:c8:d9:88:45:ce:08:01:
be:98:c5:3d:3e:40:b6:e0:a6:ef:61:03:bb:5c:48:ab:b4:1d:
fa:7c:59:44:74:ec:79:ce:dd:0a:c6:f6:60:03:4a:69:a6:af:
88:2d:f9:f5:b0:35:78:b1:1d:88:d1:df:be:3e:34:af:3e:64:
fd:b4:7d:1f:b9:46:db:e2:22:20:00:8a:32:2c:8c:d8:a6:d6:
ba:1c:4d:3c:c6:50:76:ee:da:88:36:d0:78:af:ed:6f:61:d6:
66:22:e0:22:e1:95:81:3f:ed:f0:75:72:74:ac:37:1e:00:31:
be:b9:b7:ad:fb:63:f4:77:94:e8:60:62:cf:af:aa:be:bd:ed:
46:b0:94:5a:37:56:88:79:b0:47:69:18:1c:e5:f7:a3:11:3f:
c2:75:8c:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ3FSppeaTwleKKKQCIedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkY2JlZjA2YWQwNWZkNmU2ZTdlN2IxMDg0Y2IxZDdkNjVl
NjQyNmYwHhcNMjMwMTAyMDYyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzAzNmJiZTZmNGM0YTcxNWI2NDUxNDczYzE0NThmNTAzYjQzMDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP6SLAn2qeu2WPuvpYCAIDW+hGfK
gqD7iub/bZoEDz3bZ2faSOznv8tiEWLj2Do7/F1+6yKgnZ51z/PAjnrEeI0XFRwA
hnVDAGD/6OEXdVtr2sCgWhUi/lA221m/WBlbMhd/rCFgYtyKbgIyWSA9/wCNApDL
zaHU70DIsZfOTNtAuFs7Us55jTGk9OUt5V30K3WmcbOWbdKDU9DwO4dKEgKdPhnC
y8x/nw/jnJ4S0SobqVJwCg9vsHfgnIUpMREBt0tcdoAZF5zUGfu6c2XnP7a0VIo7
12UH1/TK9K7MP3xcPB+80ejhS+R0caeZc7Xap//MMZNQ7hCMpvkXCLmAHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBMDa75vTEpxW2RRRzwUWPUDtDAVMB8GA1UdIwQY
MBaAFE3L7watBf1ubn57EITLHX1l5kJvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGN2dkJxMEZfVzV1Zm5zUWhNc2RmV1htUW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yYTZlYWEtZTQzNy00M2JjLTk3MmUt
M2UzYmZhYTE5MGRmLzEvRXdOcnZtOU1TbkZiWkZGSFBCUlk5UU8wTUJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yYTZlYWEtZTQzNy00M2JjLTk3MmUtM2UzYmZhYTE5MGRm
LzEvVGN2dkJxMEZfVzV1Zm5zUWhNc2RmV1htUW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZrgMA0G
CSqGSIb3DQEBCwUAA4IBAQAP++Odu3nxSGnfuwuV8TTe9jSSEfoQ/GwWxMiHbMnw
apUpDAQjXc+KrZ14DGmNLX/6ElrkYD0cISGgSBVnqfGqbKAzjqpD5dOlZghi0pxp
q0XT5igGrCLXglRshZ+WZWd0HKuas8jZiEXOCAG+mMU9PkC24KbvYQO7XEirtB36
fFlEdOx5zt0KxvZgA0pppq+ILfn1sDV4sR2I0d++PjSvPmT9tH0fuUbb4iIgAIoy
LIzYpta6HE08xlB27tqINtB4r+1vYdZmIuAi4ZWBP+3wdXJ0rDceADG+ubet+2P0
d5ToYGLPr6q+ve1GsJRaN1aIebBHaRgc5fejET/CdYxs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:20 2025 by rpki-client