Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/_fj-xjzIBfXAwOeDL5iPo1O8RPY.roa
File: _fj-xjzIBfXAwOeDL5iPo1O8RPY.roa (raw, json)
Hash identifier: udu3JHb6AvHstRGNkcB9IIUHj84I1PEQf53/7qFFhts=
Subject key identifier: FD:F8:FE:C6:3C:C8:05:F5:C0:C0:E7:83:2F:98:8F:A3:53:BC:44:F6
Certificate issuer: /CN=d45df98bec8276b82ba82d93760447ba44d1a19b
Certificate serial: 46C5A0
Authority key identifier: D4:5D:F9:8B:EC:82:76:B8:2B:A8:2D:93:76:04:47:BA:44:D1:A1:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1F35i-yCdrgrqC2TdgRHukTRoZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/_fj-xjzIBfXAwOeDL5iPo1O8RPY.roa
Signing time: Mon 10 Jan 2022 13:56:34 +0000
ROA not before: Mon 10 Jan 2022 13:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44061
IP address blocks: 79.175.208.0/20 maxlen: 20
109.74.96.0/20 maxlen: 20
79.175.224.0/20 maxlen: 20
79.175.240.0/21 maxlen: 21
79.175.248.0/21 maxlen: 21
45.139.95.0/24 maxlen: 24
45.139.92.0/23 maxlen: 23
45.139.94.0/24 maxlen: 24
79.175.192.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4638112 (0x46c5a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45df98bec8276b82ba82d93760447ba44d1a19b
Validity
Not Before: Jan 10 13:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fdf8fec63cc805f5c0c0e7832f988fa353bc44f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:66:d9:96:ea:44:b1:2f:d6:fa:15:d6:db:d0:
ba:4d:a7:aa:c4:43:43:2d:8e:c0:40:fd:de:30:8d:
94:db:ca:a6:0c:74:fd:e2:60:ed:5c:1f:3f:ef:bc:
0a:36:2f:ca:f9:27:4c:71:8c:d3:85:49:07:b7:54:
f2:fe:8a:80:af:9a:e1:e7:56:7d:3c:98:41:17:9a:
e0:fd:72:ba:12:a8:df:f5:ae:b7:92:97:c6:20:42:
3b:e7:f5:f1:5d:e9:84:90:6b:20:a3:38:cc:45:fe:
77:8e:95:11:2e:38:aa:6e:76:7e:0f:5e:eb:88:5e:
f8:88:4c:2e:be:44:ac:ed:86:42:df:4b:dd:56:5a:
30:bd:91:70:53:7c:94:dd:76:10:7a:20:bd:6d:74:
a5:f6:0b:42:0b:0b:11:ac:46:40:1b:37:2c:de:a4:
61:33:0d:df:c7:b8:e3:99:81:64:fb:41:10:8a:cc:
2c:ff:a6:b4:52:59:a8:fb:f4:19:f4:cd:3c:b5:44:
a8:e5:8a:61:88:07:fe:4c:df:a3:92:6d:cf:d2:1d:
5e:9f:3e:b7:17:27:44:ac:79:0f:1d:7c:79:4c:67:
b3:5d:1f:81:76:50:7a:69:05:fe:b6:cf:f9:df:4d:
18:0c:67:1f:61:b2:23:27:06:d5:76:e3:55:08:a9:
38:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F8:FE:C6:3C:C8:05:F5:C0:C0:E7:83:2F:98:8F:A3:53:BC:44:F6
X509v3 Authority Key Identifier:
keyid:D4:5D:F9:8B:EC:82:76:B8:2B:A8:2D:93:76:04:47:BA:44:D1:A1:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1F35i-yCdrgrqC2TdgRHukTRoZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/_fj-xjzIBfXAwOeDL5iPo1O8RPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/1F35i-yCdrgrqC2TdgRHukTRoZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.92.0/22
79.175.192.0/18
109.74.96.0/20
Signature Algorithm: sha256WithRSAEncryption
0a:f6:77:fc:2f:c4:69:93:24:12:5f:01:fb:82:b7:09:a5:38:
c9:86:da:49:8d:6b:29:97:5d:3c:d6:d7:38:6b:c3:c4:ab:d2:
25:36:4c:83:da:3f:bc:cf:8e:1f:95:13:2e:98:19:48:6e:72:
22:8c:ac:2c:04:27:25:d8:d2:80:29:d7:db:d5:1c:a8:43:3b:
59:b6:09:5b:ed:75:1e:16:88:60:78:44:13:69:4e:f3:ee:18:
7d:88:a3:5e:e9:cb:27:7d:3d:b7:c8:e3:2e:20:eb:a7:2c:01:
19:94:44:4c:25:91:a2:b6:ca:5b:b7:f3:31:b2:ea:bb:b2:0e:
2f:9a:74:67:91:4e:9b:f6:5a:99:c8:fa:d3:6d:fe:9e:d9:13:
c5:13:d1:3d:b1:ec:bd:9c:1d:84:60:16:f8:fd:41:e9:9a:bd:
81:19:17:8b:de:46:48:64:27:db:a9:92:07:19:f9:42:3e:83:
fa:77:6c:19:d4:4c:74:82:6f:c3:f7:18:91:4e:32:f6:b1:d4:
fa:1d:f7:cd:4b:62:7f:80:5e:a9:a3:00:82:b1:95:33:5b:51:
10:3b:62:33:3d:01:f3:b7:cc:ea:61:5f:62:d8:46:70:15:81:
0a:c7:c4:0e:ea:98:2e:84:c7:5a:96:3b:6b:b2:f8:7b:46:ec:
ec:ba:aa:79
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIDRsWgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ0
NWRmOThiZWM4Mjc2YjgyYmE4MmQ5Mzc2MDQ0N2JhNDRkMWExOWIwHhcNMjIwMTEw
MTM1NjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmZGY4ZmVjNjNjYzgw
NWY1YzBjMGU3ODMyZjk4OGZhMzUzYmM0NGY2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAumbZlupEsS/W+hXW29C6TaeqxENDLY7AQP3eMI2U28qmDHT9
4mDtXB8/77wKNi/K+SdMcYzThUkHt1Ty/oqAr5rh51Z9PJhBF5rg/XK6Eqjf9a63
kpfGIEI75/XxXemEkGsgozjMRf53jpURLjiqbnZ+D17riF74iEwuvkSs7YZC30vd
VlowvZFwU3yU3XYQeiC9bXSl9gtCCwsRrEZAGzcs3qRhMw3fx7jjmYFk+0EQisws
/6a0Ulmo+/QZ9M08tUSo5YphiAf+TN+jkm3P0h1enz63FydErHkPHXx5TGezXR+B
dlB6aQX+ts/5300YDGcfYbIjJwbVduNVCKk4mwIDAQABo4ICFTCCAhEwHQYDVR0O
BBYEFP34/sY8yAX1wMDngy+Yj6NTvET2MB8GA1UdIwQYMBaAFNRd+Yvsgna4K6gt
k3YER7pE0aGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MUYzNWkteUNkcmdycUMyVGRnUkh1a1RSb1pzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kYS9kZTA2NWQtMzBlMi00M2Q1LWIzNTctYzA5NTZhODAxMzJkLzEv
X2ZqLXhqeklCZlhBd09lREw1aVBvMU84UlBZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9k
ZTA2NWQtMzBlMi00M2Q1LWIzNTctYzA5NTZhODAxMzJkLzEvMUYzNWkteUNkcmdy
cUMyVGRnUkh1a1RSb1pzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYtcAwQGT6/AAwQEbUpgMA0GCSqG
SIb3DQEBCwUAA4IBAQAK9nf8L8RpkyQSXwH7grcJpTjJhtpJjWspl1081tc4a8PE
q9IlNkyD2j+8z44flRMumBlIbnIijKwsBCcl2NKAKdfb1RyoQztZtglb7XUeFohg
eEQTaU7z7hh9iKNe6csnfT23yOMuIOunLAEZlERMJZGitspbt/Mxsuq7sg4vmnRn
kU6b9lqZyPrTbf6e2RPFE9E9sey9nB2EYBb4/UHpmr2BGReL3kZIZCfbqZIHGflC
PoP6d2wZ1Ex0gm/D9xiRTjL2sdT6HffNS2J/gF6powCCsZUzW1EQO2IzPQHzt8zq
YV9i2EZwFYEKx8QO6pguhMdaljtrsvh7Ruzsuqp5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:00 2025 by rpki-client