Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c8aa4e-dd01-4a1a-8cc0-edf409fedfca/1/P9Eq-bhfcRohG1WsJCilvi558Q8.roa
File: P9Eq-bhfcRohG1WsJCilvi558Q8.roa (raw, json)
Hash identifier: bA76jDPYuOYT0zkT6nydLiSGO+mmRdmo2CgkHJqbrJ4=
Subject key identifier: 3F:D1:2A:F9:B8:5F:71:1A:21:1B:55:AC:24:28:A5:BE:2E:79:F1:0F
Certificate issuer: /CN=554834da8600c96c5fde91278f520e6c0d26fff3
Certificate serial: 07637A6C
Authority key identifier: 55:48:34:DA:86:00:C9:6C:5F:DE:91:27:8F:52:0E:6C:0D:26:FF:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VUg02oYAyWxf3pEnj1IObA0m__M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c8aa4e-dd01-4a1a-8cc0-edf409fedfca/1/P9Eq-bhfcRohG1WsJCilvi558Q8.roa
Signing time: Sat 01 Jan 2022 13:07:27 +0000
ROA not before: Sat 01 Jan 2022 13:07:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43414
IP address blocks: 185.185.244.0/22 maxlen: 22
45.149.44.0/22 maxlen: 22
2a0b:6980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123959916 (0x7637a6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=554834da8600c96c5fde91278f520e6c0d26fff3
Validity
Not Before: Jan 1 13:07:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fd12af9b85f711a211b55ac2428a5be2e79f10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:42:13:c8:43:5c:81:34:eb:00:05:20:1a:5b:
8b:ca:90:45:bb:6d:91:fe:9f:fe:24:dd:23:b9:50:
ee:0b:77:93:ea:2d:21:36:3d:eb:0e:73:b7:5f:08:
ab:d6:2e:f0:5d:21:80:d2:0d:77:67:4c:20:d0:17:
dd:6c:37:21:a0:e5:da:a4:0d:83:39:ce:f5:a2:85:
9d:81:b7:8f:5e:a1:8b:70:10:2f:af:7b:2e:e7:a8:
09:31:57:b1:f7:8c:7b:5f:16:fd:d0:46:2b:31:d2:
0c:0e:c0:cd:50:5b:1f:a3:93:a9:a0:0f:3e:41:ae:
83:bd:b2:25:79:de:b7:09:53:28:06:67:ae:ab:16:
45:e1:5a:a1:a2:98:79:7e:78:1e:01:6e:bb:16:f5:
eb:70:ee:86:38:3c:21:e3:31:3e:51:3b:20:61:43:
93:96:7b:fe:8c:2e:29:3f:6c:dd:25:14:fc:b4:02:
45:83:8c:0a:9c:84:5d:0e:36:9b:16:1e:bb:d1:40:
67:d2:7a:bf:93:b8:e8:d2:17:a7:54:48:86:d1:ee:
cb:0f:e4:b2:ea:5f:1f:7c:63:38:9e:90:0f:88:7e:
59:aa:a0:0d:66:c4:89:13:63:ea:a4:91:b8:d3:0e:
00:f9:5c:b7:88:f0:3d:95:65:09:95:58:29:6d:3d:
bf:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D1:2A:F9:B8:5F:71:1A:21:1B:55:AC:24:28:A5:BE:2E:79:F1:0F
X509v3 Authority Key Identifier:
keyid:55:48:34:DA:86:00:C9:6C:5F:DE:91:27:8F:52:0E:6C:0D:26:FF:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUg02oYAyWxf3pEnj1IObA0m__M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c8aa4e-dd01-4a1a-8cc0-edf409fedfca/1/P9Eq-bhfcRohG1WsJCilvi558Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c8aa4e-dd01-4a1a-8cc0-edf409fedfca/1/VUg02oYAyWxf3pEnj1IObA0m__M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.44.0/22
185.185.244.0/22
IPv6:
2a0b:6980::/29
Signature Algorithm: sha256WithRSAEncryption
3a:2e:ef:5f:e6:0b:2d:98:aa:2a:87:bc:88:c9:ee:e4:44:f2:
f9:ec:50:5e:c6:1d:5b:10:3d:41:a1:c4:9d:34:24:ca:7d:e0:
81:01:2d:4d:8a:1f:87:a8:43:eb:4a:58:ca:cc:ec:33:50:ca:
b4:ec:80:f6:00:bb:a1:55:67:0e:02:63:be:fb:b0:9e:ad:9b:
88:1c:67:dc:1a:52:45:b2:d0:14:fa:c9:d4:b4:e2:d9:a1:c8:
41:b9:08:14:2a:d6:9f:1c:78:0e:fc:8d:04:38:5f:be:0e:94:
59:8a:ea:d4:2d:4f:69:e0:01:c4:86:7d:a6:15:02:61:f1:7b:
bc:b2:18:08:cf:20:51:a7:2d:14:90:43:17:61:87:24:12:63:
9c:dc:a1:67:06:2d:6f:31:58:5a:4d:61:4c:2d:5c:ec:ff:e3:
ea:f7:89:dc:4d:81:eb:a4:83:91:aa:4c:c4:af:39:a8:b3:e5:
45:72:23:1d:76:51:0e:a7:59:67:33:6c:a2:64:51:74:a4:96:
ae:d3:e6:5a:87:7a:9b:a7:73:fa:f9:76:90:af:ba:a3:8f:8b:
2a:b0:cb:9f:87:b9:74:2b:ea:fa:e9:ad:48:2a:e8:52:18:31:
07:3d:3a:a9:21:92:be:3a:3d:71:6e:42:a1:90:a3:5e:7b:1c:
a0:2b:6a:b9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEB2N6bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTQ4MzRkYTg2MDBjOTZjNWZkZTkxMjc4ZjUyMGU2YzBkMjZmZmYzMB4XDTIyMDEw
MTEzMDcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZkMTJhZjliODVm
NzExYTIxMWI1NWFjMjQyOGE1YmUyZTc5ZjEwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9CE8hDXIE06wAFIBpbi8qQRbttkf6f/iTdI7lQ7gt3k+ot
ITY96w5zt18Iq9Yu8F0hgNINd2dMINAX3Ww3IaDl2qQNgznO9aKFnYG3j16hi3AQ
L697LueoCTFXsfeMe18W/dBGKzHSDA7AzVBbH6OTqaAPPkGug72yJXnetwlTKAZn
rqsWReFaoaKYeX54HgFuuxb163Duhjg8IeMxPlE7IGFDk5Z7/owuKT9s3SUU/LQC
RYOMCpyEXQ42mxYeu9FAZ9J6v5O46NIXp1RIhtHuyw/ksupfH3xjOJ6QD4h+Waqg
DWbEiRNj6qSRuNMOAPlct4jwPZVlCZVYKW09v/ECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ/0Sr5uF9xGiEbVawkKKW+LnnxDzAfBgNVHSMEGDAWgBRVSDTahgDJbF/e
kSePUg5sDSb/8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZVZzAyb1lBeVd4ZjNwRW5qMUlPYkEwbV9fTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvYzhhYTRlLWRkMDEtNGExYS04Y2MwLWVkZjQwOWZlZGZjYS8x
L1A5RXEtYmhmY1JvaEcxV3NKQ2lsdmk1NThROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
YzhhYTRlLWRkMDEtNGExYS04Y2MwLWVkZjQwOWZlZGZjYS8xL1ZVZzAyb1lBeVd4
ZjNwRW5qMUlPYkEwbV9fTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi2VLAMEArm59DANBAIAAjAHAwUD
KgtpgDANBgkqhkiG9w0BAQsFAAOCAQEAOi7vX+YLLZiqKoe8iMnu5ETy+exQXsYd
WxA9QaHEnTQkyn3ggQEtTYofh6hD60pYyszsM1DKtOyA9gC7oVVnDgJjvvuwnq2b
iBxn3BpSRbLQFPrJ1LTi2aHIQbkIFCrWnxx4DvyNBDhfvg6UWYrq1C1PaeABxIZ9
phUCYfF7vLIYCM8gUactFJBDF2GHJBJjnNyhZwYtbzFYWk1hTC1c7P/j6veJ3E2B
66SDkapMxK85qLPlRXIjHXZRDqdZZzNsomRRdKSWrtPmWod6m6dz+vl2kK+6o4+L
KrDLn4e5dCvq+umtSCroUhgxBz06qSGSvjo9cW5CoZCjXnscoCtquQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:01 2025 by rpki-client