Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/2ModOwufLAawFX2u6gIizp8YTmU.roa
File: 2ModOwufLAawFX2u6gIizp8YTmU.roa (raw, json)
Hash identifier: vA4aovkWZkPumtVMgbuzmFcv5JmhHSnad+dz+RRj6wY=
Subject key identifier: D8:CA:1D:3B:0B:9F:2C:06:B0:15:7D:AE:EA:02:22:CE:9F:18:4E:65
Certificate issuer: /CN=ac27bc245e76ba5e5c1fc5e9ee55b4b48de7f85a
Certificate serial: 08088012
Authority key identifier: AC:27:BC:24:5E:76:BA:5E:5C:1F:C5:E9:EE:55:B4:B4:8D:E7:F8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/2ModOwufLAawFX2u6gIizp8YTmU.roa
Signing time: Tue 01 Feb 2022 08:17:45 +0000
ROA not before: Tue 01 Feb 2022 08:17:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206375
IP address blocks: 45.135.204.0/24 maxlen: 32
45.135.206.0/24 maxlen: 32
45.135.205.0/24 maxlen: 32
45.135.207.0/24 maxlen: 32
139.28.106.0/24 maxlen: 32
139.28.107.0/24 maxlen: 32
185.188.131.0/24 maxlen: 32
185.188.130.0/24 maxlen: 32
185.188.129.0/24 maxlen: 32
185.188.128.0/24 maxlen: 32
185.219.179.0/24 maxlen: 32
185.219.178.0/24 maxlen: 32
185.219.177.0/24 maxlen: 32
185.219.176.0/24 maxlen: 32
139.28.105.0/24 maxlen: 32
139.28.104.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134774802 (0x8088012)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac27bc245e76ba5e5c1fc5e9ee55b4b48de7f85a
Validity
Not Before: Feb 1 08:17:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8ca1d3b0b9f2c06b0157daeea0222ce9f184e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:66:17:e2:fd:20:2f:17:36:bd:b3:2d:23:ae:
32:0c:87:53:18:3a:01:8f:e1:d3:79:83:52:7e:6f:
86:17:14:bf:1e:fe:ec:67:1c:ae:72:06:62:04:ab:
9d:c3:29:10:6b:13:18:fb:fc:e9:49:b9:c3:31:bb:
3b:b9:7f:98:af:5e:ca:75:63:7a:62:c4:62:e8:70:
fd:32:b3:ec:08:9f:ca:7c:c6:c2:07:0f:15:d1:08:
3e:0e:ed:f0:e2:64:54:e7:35:95:04:50:1c:12:f4:
a9:6f:ce:b4:49:e0:04:d9:b5:e8:c1:d5:7d:11:e1:
8c:d2:50:3d:f0:e0:01:83:86:c0:eb:20:d1:07:46:
21:4c:86:77:c5:f4:1a:16:88:dd:2d:d4:66:e1:01:
7a:53:07:96:79:f9:03:9a:77:7c:fd:d7:36:a9:63:
f4:ed:03:cb:66:44:77:80:42:64:17:d0:6d:64:f2:
c6:a7:dd:7b:e7:08:86:71:47:33:0b:5f:a5:23:2f:
f0:60:8b:1e:88:1a:10:8c:06:4b:e6:72:1a:fe:ad:
c3:7b:d3:dc:0d:39:4d:c5:bb:dd:79:67:4f:fe:d2:
42:4b:b9:b0:90:20:78:da:9d:c6:24:87:77:52:66:
de:8d:df:9c:5f:4e:18:3e:ef:51:40:4f:7c:86:5d:
ee:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CA:1D:3B:0B:9F:2C:06:B0:15:7D:AE:EA:02:22:CE:9F:18:4E:65
X509v3 Authority Key Identifier:
keyid:AC:27:BC:24:5E:76:BA:5E:5C:1F:C5:E9:EE:55:B4:B4:8D:E7:F8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/2ModOwufLAawFX2u6gIizp8YTmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.204.0/22
139.28.104.0/22
185.188.128.0/22
185.219.176.0/22
Signature Algorithm: sha256WithRSAEncryption
90:9e:fb:a6:84:5a:c1:44:68:da:bd:0c:bc:26:28:36:0d:16:
13:e6:a3:dc:ff:f4:bd:b6:12:7e:fc:1b:de:85:ab:93:13:78:
46:33:40:53:c9:ca:3e:29:ce:ff:96:5d:dc:bc:03:b3:55:87:
14:a7:02:dd:75:63:23:46:16:62:e0:07:82:53:ab:f8:13:54:
0f:4e:f7:06:a4:87:e9:62:85:4b:df:4d:f4:bf:47:00:27:11:
51:44:2e:d0:7f:e2:6b:46:15:be:d0:22:3d:a3:e0:fa:ee:ef:
78:c6:32:a8:de:42:f1:70:dc:e2:72:27:36:69:ff:94:e2:22:
d7:28:86:85:25:03:cf:b1:a4:f7:f9:6b:8a:21:f2:f1:e6:bc:
38:04:2e:90:f2:22:0b:67:60:a6:20:9e:b4:24:b7:c9:8d:7c:
0c:f2:53:3f:68:6b:7d:e0:25:90:3c:2e:52:f6:20:79:79:fb:
c8:17:9f:a5:3e:e1:c3:d4:8c:6f:9c:cc:9b:5a:a8:5a:93:86:
6c:08:36:e6:3d:4c:0a:63:dd:7d:6a:e9:db:f8:f0:3a:68:37:
b9:22:5d:47:d0:1e:79:17:06:24:55:e9:32:17:fc:53:d5:8d:
4f:95:a7:55:0d:47:77:9a:95:36:d4:93:2f:09:eb:d9:58:a9:
30:1a:71:79
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECAiAEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzI3YmMyNDVlNzZiYTVlNWMxZmM1ZTllZTU1YjRiNDhkZTdmODVhMB4XDTIyMDIw
MTA4MTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhjYTFkM2IwYjlm
MmMwNmIwMTU3ZGFlZWEwMjIyY2U5ZjE4NGU2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI9mF+L9IC8XNr2zLSOuMgyHUxg6AY/h03mDUn5vhhcUvx7+
7GccrnIGYgSrncMpEGsTGPv86Um5wzG7O7l/mK9eynVjemLEYuhw/TKz7AifynzG
wgcPFdEIPg7t8OJkVOc1lQRQHBL0qW/OtEngBNm16MHVfRHhjNJQPfDgAYOGwOsg
0QdGIUyGd8X0GhaI3S3UZuEBelMHlnn5A5p3fP3XNqlj9O0Dy2ZEd4BCZBfQbWTy
xqfde+cIhnFHMwtfpSMv8GCLHogaEIwGS+ZyGv6tw3vT3A05TcW73XlnT/7SQku5
sJAgeNqdxiSHd1Jm3o3fnF9OGD7vUUBPfIZd7nMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTYyh07C58sBrAVfa7qAiLOnxhOZTAfBgNVHSMEGDAWgBSsJ7wkXna6Xlwf
xenuVbS0jef4WjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JDZThKRjUydWw1Y0g4WHA3bFcwdEkzbi1Gby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzYvZTg1Mzc1LTQwZmYtNGU3Ny1iNGU5LWJiMDY3MWQ4ZWEzMi8x
LzJNb2RPd3VmTEFhd0ZYMnU2Z0lpenA4WVRtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYv
ZTg1Mzc1LTQwZmYtNGU3Ny1iNGU5LWJiMDY3MWQ4ZWEzMi8xL3JDZThKRjUydWw1
Y0g4WHA3bFcwdEkzbi1Gby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAi2HzAMEAoscaAMEArm8gAMEArnb
sDANBgkqhkiG9w0BAQsFAAOCAQEAkJ77poRawURo2r0MvCYoNg0WE+aj3P/0vbYS
fvwb3oWrkxN4RjNAU8nKPinO/5Zd3LwDs1WHFKcC3XVjI0YWYuAHglOr+BNUD073
BqSH6WKFS99N9L9HACcRUUQu0H/ia0YVvtAiPaPg+u7veMYyqN5C8XDc4nInNmn/
lOIi1yiGhSUDz7Gk9/lriiHy8ea8OAQukPIiC2dgpiCetCS3yY18DPJTP2hrfeAl
kDwuUvYgeXn7yBefpT7hw9SMb5zMm1qoWpOGbAg25j1MCmPdfWrp2/jwOmg3uSJd
R9AeeRcGJFXpMhf8U9WNT5WnVQ1Hd5qVNtSTLwnr2VipMBpxeQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:07:03 2025 by rpki-client