Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/EdcllrGcKpWreJ3uQhiM463t_og.roa
File: EdcllrGcKpWreJ3uQhiM463t_og.roa (raw, json)
Hash identifier: XT1D5R/UNb33AtTuK6lerIDTPLmMavXOJh3meypG4QM=
Subject key identifier: 11:D7:25:96:B1:9C:2A:95:AB:78:9D:EE:42:18:8C:E3:AD:ED:FE:88
Certificate issuer: /CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Certificate serial: 4C9C7F
Authority key identifier: 6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/EdcllrGcKpWreJ3uQhiM463t_og.roa
Signing time: Sat 01 Jan 2022 01:52:09 +0000
ROA not before: Sat 01 Jan 2022 01:52:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198985
IP address blocks: 46.231.240.0/22 maxlen: 22
45.67.80.0/23 maxlen: 23
185.233.100.0/22 maxlen: 22
2a09:7340::/32 maxlen: 32
2a0c:e300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5020799 (0x4c9c7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Validity
Not Before: Jan 1 01:52:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11d72596b19c2a95ab789dee42188ce3adedfe88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:67:8f:56:7e:a7:02:dd:3b:42:15:ec:60:77:
00:0b:8a:73:e3:ac:a3:f4:4b:c1:c1:78:83:93:cc:
fe:37:9f:90:82:50:d9:1a:5f:17:a1:1f:3d:89:69:
f9:20:28:de:ed:4d:f1:39:67:f2:a8:6f:aa:c5:f7:
13:60:2c:b6:e6:4c:a1:7b:3c:48:bb:16:77:df:86:
51:e8:34:87:d3:33:23:b2:14:ee:ce:fb:d8:88:c9:
c8:36:75:8f:59:eb:67:35:90:b3:70:f3:39:39:36:
4c:2f:41:fb:dc:70:cc:e9:a3:b8:43:8c:71:b8:00:
bf:c5:f4:8e:3e:f9:07:47:27:c8:a8:8a:f9:f4:f3:
e7:ec:95:4f:37:59:8b:34:3f:d4:ba:7f:0c:01:20:
ed:bc:60:31:3b:a8:03:06:ae:99:b1:8d:ed:b9:c5:
c0:4e:57:5a:ad:2d:20:77:2b:d3:96:b1:46:ff:3b:
6b:2c:a3:84:f7:85:06:fc:62:d7:d8:e6:d4:74:ec:
5f:34:a6:44:af:81:76:d1:36:f0:08:35:47:cd:16:
a2:f5:f4:04:f0:f6:9d:5e:2d:5f:43:e5:9d:60:0b:
0c:b3:c2:0d:da:c0:c3:65:24:36:0b:d4:e8:3d:f5:
3d:53:23:12:94:92:4b:43:8c:5b:9c:ed:2b:5c:45:
27:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D7:25:96:B1:9C:2A:95:AB:78:9D:EE:42:18:8C:E3:AD:ED:FE:88
X509v3 Authority Key Identifier:
keyid:6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/EdcllrGcKpWreJ3uQhiM463t_og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.80.0/23
46.231.240.0/22
185.233.100.0/22
IPv6:
2a09:7340::/32
2a0c:e300::/29
Signature Algorithm: sha256WithRSAEncryption
14:bf:27:04:1f:34:20:75:3d:94:65:60:37:8e:10:3f:b3:bf:
b1:6d:d2:30:49:e9:13:12:a3:ab:30:fc:29:f5:39:08:f5:86:
b7:22:04:f4:dd:64:14:5a:50:3f:ed:ce:b6:97:32:a7:0e:07:
9d:23:88:6a:b3:60:f1:71:a2:22:08:6f:f1:6d:5c:99:50:c5:
b5:e4:62:a9:5b:ca:b6:77:07:73:58:fd:75:56:53:65:a8:c6:
80:d7:20:59:71:6e:6f:26:a7:00:60:94:48:05:dd:24:2b:9c:
8c:7e:b2:72:35:9b:dd:b0:db:13:e0:f2:e9:e3:fa:b9:51:44:
92:83:86:c8:34:ae:5c:d4:15:10:29:ea:b8:5e:11:d3:02:0d:
83:f9:dc:c7:3d:d6:80:2d:a6:e8:e2:20:36:e0:d3:42:89:7e:
4b:3e:24:69:fd:72:89:09:e4:7f:68:3d:9a:cc:5c:6d:87:e4:
33:c9:a0:f8:ec:20:1d:bd:b7:e4:c4:44:b7:ad:20:9a:ea:2a:
80:6a:4d:2c:ab:63:44:f2:9b:1c:f5:ef:74:23:54:1c:65:23:
cc:9d:8d:94:24:a3:8b:b3:0d:28:62:42:4f:d3:96:2c:6b:52:
fb:15:be:1b:9d:6d:0b:b8:60:35:87:0c:77:93:fc:f4:13:a0:
d2:13:dc:bd
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIDTJx/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
ZmVjZmEwZTY2OTI1OTVjZmJlYTUyNjYwNzZlOGU1M2VmZDk0NjEwHhcNMjIwMTAx
MDE1MjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxMWQ3MjU5NmIxOWMy
YTk1YWI3ODlkZWU0MjE4OGNlM2FkZWRmZTg4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq2ePVn6nAt07QhXsYHcAC4pz46yj9EvBwXiDk8z+N5+QglDZ
Gl8XoR89iWn5ICje7U3xOWfyqG+qxfcTYCy25kyhezxIuxZ334ZR6DSH0zMjshTu
zvvYiMnINnWPWetnNZCzcPM5OTZML0H73HDM6aO4Q4xxuAC/xfSOPvkHRyfIqIr5
9PPn7JVPN1mLND/Uun8MASDtvGAxO6gDBq6ZsY3tucXATldarS0gdyvTlrFG/ztr
LKOE94UG/GLX2ObUdOxfNKZEr4F20TbwCDVHzRai9fQE8PadXi1fQ+WdYAsMs8IN
2sDDZSQ2C9ToPfU9UyMSlJJLQ4xbnO0rXEUnvwIDAQABo4ICKzCCAicwHQYDVR0O
BBYEFBHXJZaxnCqVq3id7kIYjOOt7f6IMB8GA1UdIwQYMBaAFG3+z6DmaSWVz76l
JmB26OU+/ZRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lNy9mY2ZlYzctZDZjMy00YjQwLWJhMmMtZjk4OGQ0OGU1MWU4LzEv
RWRjbGxyR2NLcFdyZUozdVFoaU00NjN0X29nLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9m
Y2ZlYzctZDZjMy00YjQwLWJhMmMtZjk4OGQ0OGU1MWU4LzEvYmY3UG9PWnBKWlhQ
dnFVbVlIYm81VDc5bEdFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEG
CCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQBLUNQAwQCLufwAwQCuelkMBQEAgAC
MA4DBQAqCXNAAwUDKgzjADANBgkqhkiG9w0BAQsFAAOCAQEAFL8nBB80IHU9lGVg
N44QP7O/sW3SMEnpExKjqzD8KfU5CPWGtyIE9N1kFFpQP+3Otpcypw4HnSOIarNg
8XGiIghv8W1cmVDFteRiqVvKtncHc1j9dVZTZajGgNcgWXFubyanAGCUSAXdJCuc
jH6ycjWb3bDbE+Dy6eP6uVFEkoOGyDSuXNQVECnquF4R0wINg/ncxz3WgC2m6OIg
NuDTQol+Sz4kaf1yiQnkf2g9msxcbYfkM8mg+OwgHb235MREt60gmuoqgGpNLKtj
RPKbHPXvdCNUHGUjzJ2NlCSji7MNKGJCT9OWLGtS+xW+G51tC7hgNYcMd5P89BOg
0hPcvQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:24 2025 by rpki-client