Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/V8O-2POZk42BN5jISnGKIzaQSN0.roa
File: V8O-2POZk42BN5jISnGKIzaQSN0.roa (raw, json)
Hash identifier: 7qQgY3rPDBzL79fJKPsHGz/rBk6KoL89dBhOnk7Jw1g=
Subject key identifier: 57:C3:BE:D8:F3:99:93:8D:81:37:98:C8:4A:71:8A:23:36:90:48:DD
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018572CC98AA3FB292908617A8F7C6906535
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/V8O-2POZk42BN5jISnGKIzaQSN0.roa
Signing time: Mon 02 Jan 2023 14:04:48 +0000
ROA not before: Mon 02 Jan 2023 14:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.147.47.0/24 maxlen: 24
45.136.6.0/24 maxlen: 24
45.136.7.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:98:aa:3f:b2:92:90:86:17:a8:f7:c6:90:65:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jan 2 14:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57c3bed8f399938d813798c84a718a23369048dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4c:11:50:fa:00:46:f3:28:0f:04:58:6e:d7:
e5:b1:f3:8c:94:d1:d0:68:a9:53:2a:86:a3:05:97:
2a:13:ae:3a:7d:54:d6:1f:05:3f:3d:66:13:04:79:
98:3e:b3:5f:2f:14:c9:21:a9:c1:33:7f:fa:6d:9d:
2a:71:93:ec:d4:9b:6d:db:f3:cf:59:fc:4b:c2:9d:
76:0d:1b:f8:90:b8:62:1d:ed:62:49:95:09:ab:b0:
9a:97:b0:e0:65:a6:15:c6:39:5d:ac:30:d0:68:1c:
30:f0:85:ed:0a:34:33:90:ff:34:cd:37:f5:c2:c6:
52:b2:bb:77:88:e6:1e:1b:36:f1:37:67:28:33:d1:
f6:99:83:2e:db:16:8e:99:12:b8:62:7f:22:63:91:
d5:57:01:9a:aa:f9:5b:ea:6b:78:68:b5:0d:0e:df:
3d:f2:0a:1c:cd:a3:00:49:41:34:82:1d:21:e4:c1:
d8:99:4b:0c:9b:0d:c2:d9:59:a8:85:c2:2e:a6:e1:
91:29:2f:d9:ee:af:3c:60:51:20:6e:01:cd:7b:5a:
36:00:e0:7d:ca:67:1d:64:08:03:b8:38:4c:96:71:
48:d0:cf:13:70:64:e0:0c:74:ba:4a:9c:08:1b:07:
d7:55:9e:cb:c2:7c:e9:b1:f5:76:47:9a:74:1f:a1:
be:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:C3:BE:D8:F3:99:93:8D:81:37:98:C8:4A:71:8A:23:36:90:48:DD
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/V8O-2POZk42BN5jISnGKIzaQSN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.2.0/23
45.136.6.0/23
45.141.148.0/24
45.141.150.0/24
45.147.47.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e0:4b:dd:f9:b2:ac:bc:ae:33:6c:53:d9:98:11:2c:ea:a5:
10:93:90:18:40:a6:fc:f6:18:99:97:e0:82:06:09:2d:1f:37:
37:75:0f:1a:1e:31:4d:ac:43:4a:08:ff:07:e6:1b:7f:15:3a:
0d:b4:09:cd:1f:4f:3f:41:01:33:06:1e:ca:63:f0:63:dd:10:
64:9e:e8:0f:dd:13:91:88:02:6f:3b:e1:31:61:44:db:18:a3:
57:b4:5e:18:b7:41:40:df:37:e7:6e:c5:f3:6b:75:8d:1d:19:
7c:4c:bc:88:e3:5c:0a:1d:4a:4a:33:de:02:e0:fa:aa:b5:3e:
2a:83:4f:1b:12:e9:69:45:41:3c:91:d1:41:06:ba:c8:cf:23:
57:6b:61:3a:a1:17:20:ac:62:9d:50:de:19:77:b9:1f:f8:a6:
d4:3b:9d:ed:1e:4c:71:a2:42:22:0f:8b:d1:be:a8:84:17:fa:
27:89:19:b3:a4:27:f3:13:e5:63:1e:59:eb:0f:7a:0f:d0:60:
2a:1b:f5:48:a1:d2:62:f2:fc:eb:a6:93:84:d8:8c:bc:35:a4:
51:46:1f:8f:7f:ca:3a:44:ea:0c:5d:1a:88:2f:58:70:f0:9a:
07:44:72:6c:12:51:f5:a9:5e:19:1e:c4:2e:67:8a:2e:a3:27:
fc:2a:15:4a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVyzJiqP7KSkIYXqPfGkGU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMwMTAyMTQwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2MzYmVkOGYzOTk5MzhkODEzNzk4Yzg0YTcxOGEyMzM2OTA0OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkwRUPoARvMoDwRYbtflsfOMlNHQ
aKlTKoajBZcqE646fVTWHwU/PWYTBHmYPrNfLxTJIanBM3/6bZ0qcZPs1Jtt2/PP
WfxLwp12DRv4kLhiHe1iSZUJq7Cal7DgZaYVxjldrDDQaBww8IXtCjQzkP80zTf1
wsZSsrt3iOYeGzbxN2coM9H2mYMu2xaOmRK4Yn8iY5HVVwGaqvlb6mt4aLUNDt89
8goczaMASUE0gh0h5MHYmUsMmw3C2VmohcIupuGRKS/Z7q88YFEgbgHNe1o2AOB9
ymcdZAgDuDhMlnFI0M8TcGTgDHS6SpwIGwfXVZ7LwnzpsfV2R5p0H6G+HwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFfDvtjzmZONgTeYyEpxiiM2kEjdMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvVjhPLTJQT1prNDJCTjVqSVNuR0tJemFRU04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYMCAwQB
LYgGAwQALY2UAwQALY2WAwQALZMvMA0GCSqGSIb3DQEBCwUAA4IBAQAr4Evd+bKs
vK4zbFPZmBEs6qUQk5AYQKb89hiZl+CCBgktHzc3dQ8aHjFNrENKCP8H5ht/FToN
tAnNH08/QQEzBh7KY/Bj3RBknugP3RORiAJvO+ExYUTbGKNXtF4Yt0FA3zfnbsXz
a3WNHRl8TLyI41wKHUpKM94C4PqqtT4qg08bEulpRUE8kdFBBrrIzyNXa2E6oRcg
rGKdUN4Zd7kf+KbUO53tHkxxokIiD4vRvqiEF/oniRmzpCfzE+VjHlnrD3oP0GAq
G/VIodJi8vzrppOE2Iy8NaRRRh+Pf8o6ROoMXRqIL1hw8JoHRHJsElH1qV4ZHsQu
Z4ouoyf8KhVK
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:29:57 2025 by rpki-client