Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/i3eBcvdVqy9oh8fZc2ocztJ-HQM.roa
File: i3eBcvdVqy9oh8fZc2ocztJ-HQM.roa (raw, json)
Hash identifier: Zl2uJfQfi579DTJd3Frbf1xqlU2SmrmhI6PUtPnvkkA=
Subject key identifier: 8B:77:81:72:F7:55:AB:2F:68:87:C7:D9:73:6A:1C:CE:D2:7E:1D:03
Certificate issuer: /CN=ed4cd386ab33787fcd4002622b83876406fff190
Certificate serial: 01856AF7F265D731642460DBA4A973A7E1E9
Authority key identifier: ED:4C:D3:86:AB:33:78:7F:CD:40:02:62:2B:83:87:64:06:FF:F1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7UzThqszeH_NQAJiK4OHZAb_8ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/i3eBcvdVqy9oh8fZc2ocztJ-HQM.roa
Signing time: Sun 01 Jan 2023 01:35:12 +0000
ROA not before: Sun 01 Jan 2023 01:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35048
IP address blocks: 45.89.16.0/22 maxlen: 22
2a0a:5687::/32 maxlen: 32
2a0a:5680::/32 maxlen: 32
2a0a:5686::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f7:f2:65:d7:31:64:24:60:db:a4:a9:73:a7:e1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed4cd386ab33787fcd4002622b83876406fff190
Validity
Not Before: Jan 1 01:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b778172f755ab2f6887c7d9736a1cced27e1d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:06:eb:48:c6:53:82:04:45:9a:39:2f:63:7b:
7d:45:96:7d:32:62:9d:f4:28:16:02:1c:12:5f:b6:
ca:54:bf:02:d5:2b:8c:28:0f:36:f1:fa:ed:e8:48:
ac:0e:f1:2f:8d:1d:42:5f:88:79:1e:81:66:1f:14:
57:53:4f:71:22:a9:89:cf:cb:31:3e:93:d5:37:7a:
60:b0:c7:53:27:1a:aa:1b:fb:6c:67:08:16:21:a8:
d2:8f:e7:b7:78:05:4e:d3:6b:a7:fa:d7:79:7a:33:
a8:91:8c:cd:9d:94:5e:77:8b:fd:b6:b8:57:b6:51:
96:24:e2:6a:54:05:a0:98:55:bf:15:3f:ad:e3:71:
50:b3:de:d1:fb:3b:76:4f:00:84:2e:08:77:83:b8:
17:f6:b6:63:4f:ab:c4:df:f9:63:f9:6e:f7:90:7a:
49:70:2d:8b:38:92:43:62:9a:16:3e:f0:80:95:2d:
53:fe:4b:00:40:cf:dc:d9:5c:bf:5e:eb:da:b5:13:
7e:67:8a:19:d3:65:36:3a:a3:62:00:db:88:d7:e5:
c3:a8:ee:b8:bf:62:e5:9b:17:24:c4:2f:35:f8:92:
e6:ce:2b:83:f0:bf:90:6e:e9:f0:be:0a:f4:14:b2:
b2:5c:d9:4f:ae:83:49:37:c1:dc:75:15:4b:4f:4a:
38:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:77:81:72:F7:55:AB:2F:68:87:C7:D9:73:6A:1C:CE:D2:7E:1D:03
X509v3 Authority Key Identifier:
keyid:ED:4C:D3:86:AB:33:78:7F:CD:40:02:62:2B:83:87:64:06:FF:F1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7UzThqszeH_NQAJiK4OHZAb_8ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/i3eBcvdVqy9oh8fZc2ocztJ-HQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/7UzThqszeH_NQAJiK4OHZAb_8ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.16.0/22
IPv6:
2a0a:5680::/32
2a0a:5686::/31
Signature Algorithm: sha256WithRSAEncryption
52:fc:c6:72:af:e7:65:12:69:40:61:ca:96:a4:a3:9a:d3:56:
a3:3d:d9:28:1f:31:ca:51:6d:ba:31:7e:da:51:12:1f:20:34:
51:c8:d2:41:0e:23:a4:49:94:89:81:59:52:10:5d:b7:ab:da:
9a:c0:7c:07:97:2d:ea:54:8d:9c:7f:85:e6:67:ae:7c:4d:f1:
a7:0a:5a:6a:17:75:a1:77:d4:ea:95:62:64:9e:f7:85:b5:e2:
85:a0:cf:e7:f0:f7:b2:cb:d0:37:d3:36:e5:16:57:24:29:82:
96:98:20:0b:a3:20:78:44:9f:95:cc:d0:c6:80:8b:fc:41:13:
1e:dd:6c:07:eb:5a:c7:58:70:9c:d0:fd:72:41:96:99:c2:0d:
5f:f9:70:05:10:5c:b0:f8:b8:c2:82:49:3a:ba:f9:c0:7c:0e:
b1:e7:69:92:8b:b8:82:6f:38:7e:da:99:97:39:81:e4:b8:e2:
5c:da:eb:80:ec:8f:49:16:20:9d:4f:32:b8:d5:3d:d3:85:82:
ef:d4:f1:28:0d:d9:30:2f:3c:d4:66:06:65:79:8b:fe:c4:9e:
e4:2e:c5:c7:be:19:07:2f:60:36:89:49:f5:26:ff:16:fc:01:
84:e6:53:2d:62:66:af:06:2e:b1:52:27:27:c5:b1:bd:a2:bd:
7e:e9:61:d2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVq9/Jl1zFkJGDbpKlzp+HpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNGNkMzg2YWIzMzc4N2ZjZDQwMDI2MjJiODM4NzY0MDZm
ZmYxOTAwHhcNMjMwMTAxMDEzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc3ODE3MmY3NTVhYjJmNjg4N2M3ZDk3MzZhMWNjZWQyN2UxZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAbrSMZTggRFmjkvY3t9RZZ9MmKd
9CgWAhwSX7bKVL8C1SuMKA828frt6EisDvEvjR1CX4h5HoFmHxRXU09xIqmJz8sx
PpPVN3pgsMdTJxqqG/tsZwgWIajSj+e3eAVO02un+td5ejOokYzNnZRed4v9trhX
tlGWJOJqVAWgmFW/FT+t43FQs97R+zt2TwCELgh3g7gX9rZjT6vE3/lj+W73kHpJ
cC2LOJJDYpoWPvCAlS1T/ksAQM/c2Vy/XuvatRN+Z4oZ02U2OqNiANuI1+XDqO64
v2LlmxckxC81+JLmziuD8L+Qbunwvgr0FLKyXNlProNJN8HcdRVLT0o4LQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIt3gXL3VasvaIfH2XNqHM7Sfh0DMB8GA1UdIwQY
MBaAFO1M04arM3h/zUACYiuDh2QG//GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1V6VGhxc3plSF9OUUFKaUs0T0haQWJfOFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84OTFmYjYtN2QyNi00NzQ0LWI1Zjkt
NTFmZjdkYWJhNGQ1LzEvaTNlQmN2ZFZxeTlvaDhmWmMyb2N6dEotSFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84OTFmYjYtN2QyNi00NzQ0LWI1ZjktNTFmZjdkYWJhNGQ1
LzEvN1V6VGhxc3plSF9OUUFKaUs0T0haQWJfOFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLVkQMBQE
AgACMA4DBQAqClaAAwUBKgpWhjANBgkqhkiG9w0BAQsFAAOCAQEAUvzGcq/nZRJp
QGHKlqSjmtNWoz3ZKB8xylFtujF+2lESHyA0UcjSQQ4jpEmUiYFZUhBdt6vamsB8
B5ct6lSNnH+F5meufE3xpwpaahd1oXfU6pViZJ73hbXihaDP5/D3ssvQN9M25RZX
JCmClpggC6MgeESflczQxoCL/EETHt1sB+tax1hwnND9ckGWmcINX/lwBRBcsPi4
woJJOrr5wHwOsedpkou4gm84ftqZlzmB5LjiXNrrgOyPSRYgnU8yuNU904WC79Tx
KA3ZMC881GYGZXmL/sSe5C7Fx74ZBy9gNolJ9Sb/FvwBhOZTLWJmrwYusVInJ8Wx
vaK9fulh0g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:52 2025 by rpki-client