Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/4lW8Rp7wO5831Msu7AZl6GAMJhM.roa
File: 4lW8Rp7wO5831Msu7AZl6GAMJhM.roa (raw, json)
Hash identifier: PJPNnZ0OX4hWvjlQwyO7PEZJtpVW6GsEhtLWYj49woA=
Subject key identifier: E2:55:BC:46:9E:F0:3B:9F:37:D4:CB:2E:EC:06:65:E8:60:0C:26:13
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41D53A8A9A12AFD6B343205DE8E1B4
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/4lW8Rp7wO5831Msu7AZl6GAMJhM.roa
Signing time: Sun 01 Jan 2023 16:54:46 +0000
ROA not before: Sun 01 Jan 2023 16:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41043
IP address blocks: 89.45.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d5:3a:8a:9a:12:af:d6:b3:43:20:5d:e8:e1:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e255bc469ef03b9f37d4cb2eec0665e8600c2613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6d:40:9a:5c:6d:dc:d8:2c:17:ff:4d:af:21:
54:12:6f:ee:d7:75:15:7c:a2:8e:0a:6d:2e:70:34:
1a:0a:6c:aa:be:30:eb:89:11:25:fb:2d:ed:ff:3c:
1c:2b:81:14:f8:e7:99:9a:d7:d0:1e:7f:96:1a:77:
b7:84:7d:7d:3c:c8:dc:3a:eb:af:cd:74:7e:98:17:
17:a7:45:cb:fa:36:2f:ae:bb:f0:1f:18:60:55:9f:
2a:09:ef:6e:09:e0:b0:c5:d8:b8:72:31:a2:1d:93:
a4:6d:de:2c:e7:ca:79:8d:6c:7a:50:36:a3:48:18:
02:d6:c0:7d:86:cb:0f:3e:98:a7:41:2e:d3:d3:0e:
ce:dc:6c:36:d6:27:38:3a:41:1c:00:44:ea:ee:bd:
f8:eb:82:5e:ab:9b:90:ec:ce:df:14:34:e7:12:e0:
0b:c5:f8:f4:cc:29:3d:5c:7b:f7:57:84:3d:f3:22:
6b:ae:3d:5d:33:4a:a7:c1:e7:a5:67:1a:df:a0:73:
8c:c6:a3:a0:a5:29:6f:32:ce:0d:c1:0d:0d:81:af:
1d:f4:0c:38:76:aa:4f:dd:ff:f5:f7:ab:21:35:be:
d5:30:f8:fa:e1:2d:55:ea:78:f4:25:53:47:7e:0d:
c7:cb:fa:75:bc:4b:1b:76:27:50:47:8a:33:fa:87:
e9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:55:BC:46:9E:F0:3B:9F:37:D4:CB:2E:EC:06:65:E8:60:0C:26:13
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/4lW8Rp7wO5831Msu7AZl6GAMJhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.47.0/24
Signature Algorithm: sha256WithRSAEncryption
69:a0:70:cc:77:05:5d:b1:bf:9c:29:77:d5:a7:fd:b3:26:77:
14:d9:00:48:d1:23:05:34:de:e3:69:c9:38:71:97:32:64:16:
4b:46:07:4a:ff:0c:49:f2:e3:ce:45:00:b1:2e:bc:b9:fe:53:
97:86:ee:49:a8:b6:49:66:f1:b7:c5:02:21:6b:ad:d3:a5:b9:
7d:3f:28:2d:f8:0f:00:25:bc:0f:c8:4d:7c:cd:7a:df:a4:e7:
d0:14:16:49:e8:43:7d:7d:9f:aa:3a:54:4c:54:d1:dc:c5:00:
42:5e:24:a4:34:9a:fe:09:38:2c:a5:13:b2:88:ca:42:b6:d2:
c0:b7:59:9a:30:2c:b0:ca:67:e4:5f:20:f5:9a:c4:7e:98:6f:
d0:a7:ba:c1:db:95:65:a6:8c:af:10:09:48:22:67:93:97:c6:
b8:ae:e7:36:6f:9c:f9:38:a9:a8:15:47:20:42:41:f6:fc:5f:
29:1d:f2:3b:95:81:fc:b3:9b:b4:68:72:63:6f:e6:97:3c:aa:
6d:7e:2d:82:2e:c2:d7:35:5a:d4:15:90:36:fe:86:d7:c6:70:
70:c3:be:63:4b:0a:19:93:6a:c8:8c:43:6d:65:c2:61:a7:64:
f6:49:d6:e4:02:93:72:44:e7:ec:1c:8f:2b:3d:24:22:c4:8c:
1d:33:28:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQdU6ipoSr9azQyBd6OG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjU1YmM0NjllZjAzYjlmMzdkNGNiMmVlYzA2NjVlODYwMGMyNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW1Amlxt3NgsF/9NryFUEm/u13UV
fKKOCm0ucDQaCmyqvjDriREl+y3t/zwcK4EU+OeZmtfQHn+WGne3hH19PMjcOuuv
zXR+mBcXp0XL+jYvrrvwHxhgVZ8qCe9uCeCwxdi4cjGiHZOkbd4s58p5jWx6UDaj
SBgC1sB9hssPPpinQS7T0w7O3Gw21ic4OkEcAETq7r3464Jeq5uQ7M7fFDTnEuAL
xfj0zCk9XHv3V4Q98yJrrj1dM0qnweelZxrfoHOMxqOgpSlvMs4NwQ0Nga8d9Aw4
dqpP3f/196shNb7VMPj64S1V6nj0JVNHfg3Hy/p1vEsbdidQR4oz+ofpsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOJVvEae8DufN9TLLuwGZehgDCYTMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvNGxXOFJwN3dPNTgzMU1zdTdBWmw2R0FNSmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS0vMA0G
CSqGSIb3DQEBCwUAA4IBAQBpoHDMdwVdsb+cKXfVp/2zJncU2QBI0SMFNN7jack4
cZcyZBZLRgdK/wxJ8uPORQCxLry5/lOXhu5JqLZJZvG3xQIha63Tpbl9Pygt+A8A
JbwPyE18zXrfpOfQFBZJ6EN9fZ+qOlRMVNHcxQBCXiSkNJr+CTgspROyiMpCttLA
t1maMCywymfkXyD1msR+mG/Qp7rB25VlpoyvEAlIImeTl8a4ruc2b5z5OKmoFUcg
QkH2/F8pHfI7lYH8s5u0aHJjb+aXPKptfi2CLsLXNVrUFZA2/obXxnBww75jSwoZ
k2rIjENtZcJhp2T2SdbkApNyROfsHI8rPSQixIwdMyiw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:24 2025 by rpki-client