Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/VrhphRp5Yyx0qNH321JWreabg6A.roa
File: VrhphRp5Yyx0qNH321JWreabg6A.roa (raw, json)
Hash identifier: /BrOwuDZFQw9NKVs6418c5OUWLmqCTaRgl+YTBSUVAo=
Subject key identifier: 56:B8:69:85:1A:79:63:2C:74:A8:D1:F7:DB:52:56:AD:E6:9B:83:A0
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0188860A1ED80F5EB104ABF756D51868EBF0
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/VrhphRp5Yyx0qNH321JWreabg6A.roa
Signing time: Sun 04 Jun 2023 10:53:10 +0000
ROA not before: Sun 04 Jun 2023 10:53:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212512
IP address blocks: 45.131.2.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:86:0a:1e:d8:0f:5e:b1:04:ab:f7:56:d5:18:68:eb:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jun 4 10:53:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56b869851a79632c74a8d1f7db5256ade69b83a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e6:45:f6:84:80:b7:fd:25:19:24:57:9c:98:
8c:14:b2:3f:25:ad:de:1b:8e:de:74:3a:64:ed:19:
45:63:db:74:29:ba:5a:59:b9:3f:b0:1d:0a:f1:f0:
b1:76:78:e9:d3:16:a9:7e:df:97:37:ff:76:29:47:
5d:42:39:18:c3:24:76:e8:f7:c6:ed:30:37:e2:75:
b9:a3:31:d2:7a:94:9b:b0:28:21:9a:18:cd:62:cb:
2a:b6:0f:62:ef:4b:e2:37:1f:b7:43:49:73:15:88:
3d:20:e0:cf:a6:5a:a3:50:7e:b4:7f:7e:38:49:e5:
18:93:2a:71:a1:1a:d6:13:ce:a2:6f:a8:a4:38:63:
84:94:e1:ab:89:ce:a6:40:c0:0d:e4:dc:2a:89:0f:
11:ec:55:5c:54:d1:26:3a:b5:d5:9b:30:cb:bf:ce:
0f:81:26:f9:80:be:9c:42:7f:a7:24:b6:1d:8d:4e:
4d:aa:26:2d:57:65:23:92:1a:6f:1c:d1:a6:08:b6:
f7:51:0d:0d:c4:84:b3:83:ad:e3:d1:b1:37:f9:ef:
af:fb:11:de:33:b1:aa:0a:96:c5:fb:d3:33:5b:7f:
10:e4:e9:5d:78:46:33:01:ec:97:29:f3:55:0c:ec:
37:89:d4:cb:25:45:13:15:9b:7b:81:3a:8a:f2:df:
e0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B8:69:85:1A:79:63:2C:74:A8:D1:F7:DB:52:56:AD:E6:9B:83:A0
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/VrhphRp5Yyx0qNH321JWreabg6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.2.0/24
45.141.148.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:ec:cd:75:18:ec:ea:19:55:fd:1b:94:3d:9c:f3:36:17:3e:
c3:b0:26:0e:e0:17:61:cc:56:4d:25:1d:49:b8:3e:e8:60:dd:
53:ad:38:1d:5f:37:51:08:5b:18:3c:f2:b2:be:7f:89:0b:40:
90:1d:12:d6:db:19:75:5b:40:8e:c8:3e:7f:2c:78:df:30:e1:
a0:92:da:4b:1a:a8:b9:0f:1d:be:72:3f:9b:79:3a:65:cf:63:
d3:3e:5f:03:61:22:d1:7e:ca:31:ea:36:2f:07:40:72:c2:fe:
ab:52:4a:53:ca:b0:67:3a:37:41:b0:1e:c9:8d:b6:6c:2c:5b:
88:8c:0a:ab:d9:43:3e:d3:7d:3a:95:bb:9d:92:b8:74:91:dd:
f3:1b:44:54:16:8e:4f:94:71:63:b5:38:e4:ec:f1:92:ed:a0:
6e:b1:ac:b3:45:50:5c:12:98:d1:55:3d:58:29:0e:60:54:ac:
52:1f:9e:e7:6c:7d:16:39:02:01:da:91:17:20:22:a8:5b:4a:
3d:c1:90:a2:c6:1d:05:76:8b:19:ce:a1:31:cf:e4:41:9d:26:
1a:de:ce:b1:a0:e4:e3:e2:41:f6:e8:e8:af:41:b4:f4:34:2f:
9c:04:07:26:47:b8:67:a5:67:dd:46:f0:ae:53:ad:0b:f9:6b:
d2:05:26:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiGCh7YD16xBKv3VtUYaOvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMwNjA0MTA1MzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI4Njk4NTFhNzk2MzJjNzRhOGQxZjdkYjUyNTZhZGU2OWI4M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOZF9oSAt/0lGSRXnJiMFLI/Ja3e
G47edDpk7RlFY9t0KbpaWbk/sB0K8fCxdnjp0xapft+XN/92KUddQjkYwyR26PfG
7TA34nW5ozHSepSbsCghmhjNYssqtg9i70viNx+3Q0lzFYg9IODPplqjUH60f344
SeUYkypxoRrWE86ib6ikOGOElOGric6mQMAN5NwqiQ8R7FVcVNEmOrXVmzDLv84P
gSb5gL6cQn+nJLYdjU5NqiYtV2UjkhpvHNGmCLb3UQ0NxISzg63j0bE3+e+v+xHe
M7GqCpbF+9MzW38Q5OldeEYzAeyXKfNVDOw3idTLJUUTFZt7gTqK8t/gmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFa4aYUaeWMsdKjR99tSVq3mm4OgMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvVnJocGhScDVZeXgwcU5IMzIxSldyZWFiZzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYMCAwQA
LY2UMA0GCSqGSIb3DQEBCwUAA4IBAQCp7M11GOzqGVX9G5Q9nPM2Fz7DsCYO4Bdh
zFZNJR1JuD7oYN1TrTgdXzdRCFsYPPKyvn+JC0CQHRLW2xl1W0COyD5/LHjfMOGg
ktpLGqi5Dx2+cj+beTplz2PTPl8DYSLRfsox6jYvB0Bywv6rUkpTyrBnOjdBsB7J
jbZsLFuIjAqr2UM+0306lbudkrh0kd3zG0RUFo5PlHFjtTjk7PGS7aBusayzRVBc
EpjRVT1YKQ5gVKxSH57nbH0WOQIB2pEXICKoW0o9wZCixh0FdosZzqExz+RBnSYa
3s6xoOTj4kH26OivQbT0NC+cBAcmR7hnpWfdRvCuU60L+WvSBSY9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:21 2025 by rpki-client