Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f2e2c9-ceab-4d7b-a9d8-a105776c3347/1/hiDgjLN9vvvXPUGTVog6Nmt3glU.roa
File: hiDgjLN9vvvXPUGTVog6Nmt3glU.roa (raw, json)
Hash identifier: uVx7tq+9vIrQLIctdaJbekuOp3/P0C254URBlpmVEZ4=
Subject key identifier: 86:20:E0:8C:B3:7D:BE:FB:D7:3D:41:93:56:88:3A:36:6B:77:82:55
Certificate issuer: /CN=1b18e0a19ae790fa503951559f47d41b47e7fd0f
Certificate serial: 02023497
Authority key identifier: 1B:18:E0:A1:9A:E7:90:FA:50:39:51:55:9F:47:D4:1B:47:E7:FD:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GxjgoZrnkPpQOVFVn0fUG0fn_Q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f2e2c9-ceab-4d7b-a9d8-a105776c3347/1/hiDgjLN9vvvXPUGTVog6Nmt3glU.roa
Signing time: Sat 01 Jan 2022 11:02:37 +0000
ROA not before: Sat 01 Jan 2022 11:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9304
IP address blocks: 45.85.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33698967 (0x2023497)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b18e0a19ae790fa503951559f47d41b47e7fd0f
Validity
Not Before: Jan 1 11:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8620e08cb37dbefbd73d419356883a366b778255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b4:20:a4:16:2d:7f:1b:58:67:3f:c1:51:43:
23:9f:e6:d8:f0:45:76:43:bf:0a:12:67:79:82:cc:
c9:e3:26:0a:1c:c5:56:24:72:81:f6:7a:fc:66:3a:
87:71:9a:b2:0b:b1:1d:a7:08:3d:db:91:bb:ce:92:
ba:3c:21:28:d8:13:c8:2b:97:f7:b3:87:2f:4f:79:
32:0b:f1:5c:bd:1a:b0:7f:ae:a0:3f:04:bd:14:1f:
c5:3f:be:87:1a:98:e3:67:c3:6d:0c:5f:8b:01:fe:
b8:a2:ff:f7:0c:a0:30:dd:51:f8:f3:2c:ec:6b:2e:
75:d1:e2:8f:93:bc:a2:c6:5d:25:3a:81:6b:40:b9:
69:e9:3e:ba:12:1a:87:e5:f9:86:ef:16:c7:35:d2:
ff:bd:db:73:7e:e0:4e:96:01:68:a0:55:c6:79:07:
c8:c3:8a:5e:81:5d:64:14:ce:f9:29:f0:a5:8b:da:
89:0c:93:10:a1:25:a1:3c:5a:a5:f1:47:26:b3:21:
ea:a3:d7:ff:b9:ab:8c:24:8f:b9:c7:49:4e:23:f9:
fd:1c:34:b6:08:12:40:d6:0d:08:4f:db:ec:13:9a:
46:2d:6f:a7:83:d1:b9:44:cf:dd:96:9c:7a:c2:8b:
e6:6d:0d:1b:c9:1f:55:05:bb:5b:25:c5:dc:3e:db:
c7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:20:E0:8C:B3:7D:BE:FB:D7:3D:41:93:56:88:3A:36:6B:77:82:55
X509v3 Authority Key Identifier:
keyid:1B:18:E0:A1:9A:E7:90:FA:50:39:51:55:9F:47:D4:1B:47:E7:FD:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GxjgoZrnkPpQOVFVn0fUG0fn_Q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f2e2c9-ceab-4d7b-a9d8-a105776c3347/1/hiDgjLN9vvvXPUGTVog6Nmt3glU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f2e2c9-ceab-4d7b-a9d8-a105776c3347/1/GxjgoZrnkPpQOVFVn0fUG0fn_Q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.168.0/22
Signature Algorithm: sha256WithRSAEncryption
d5:57:61:b8:62:84:56:2d:64:9e:76:7f:78:08:69:5e:39:cc:
b4:ab:08:a9:05:90:37:1e:f7:80:cd:18:4d:b6:73:8f:7b:49:
72:d9:df:74:0b:ab:07:c9:2c:b1:bf:7e:2e:2d:56:2d:8b:3b:
54:99:1d:1e:b5:a4:6c:ed:21:09:f8:f9:f3:be:1e:6a:18:56:
5f:60:28:2d:85:fe:43:ed:7c:da:ec:44:c6:d2:87:04:a5:02:
19:68:70:af:52:9a:41:39:18:be:b1:1f:5d:0d:77:63:8b:ce:
68:bb:f6:a7:5c:48:f8:8d:7c:c8:c5:63:54:b8:33:12:89:63:
db:35:25:63:98:b2:6a:ef:f8:3c:46:71:53:5c:34:54:61:85:
43:ea:12:e4:8d:47:10:1b:e3:18:24:a6:b4:87:17:d8:dc:08:
4b:e3:6c:98:23:e2:35:52:65:2e:67:4c:74:f4:c7:b6:cd:a9:
e3:f5:bc:53:0d:9e:05:b6:69:e3:a7:ef:35:0b:8a:51:8f:45:
9b:a6:df:b0:9c:3f:6f:07:11:5d:dc:3d:0e:17:18:12:e6:bc:
c1:92:59:57:5c:67:d6:68:54:db:63:0f:4d:50:89:f3:78:99:
6f:32:40:fd:40:4c:0c:6b:37:94:8e:78:79:2b:8a:a5:15:8f:
17:0a:db:fe
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAgI0lzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjE4ZTBhMTlhZTc5MGZhNTAzOTUxNTU5ZjQ3ZDQxYjQ3ZTdmZDBmMB4XDTIyMDEw
MTExMDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODYyMGUwOGNiMzdk
YmVmYmQ3M2Q0MTkzNTY4ODNhMzY2Yjc3ODI1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALW0IKQWLX8bWGc/wVFDI5/m2PBFdkO/ChJneYLMyeMmChzF
ViRygfZ6/GY6h3GasguxHacIPduRu86SujwhKNgTyCuX97OHL095MgvxXL0asH+u
oD8EvRQfxT++hxqY42fDbQxfiwH+uKL/9wygMN1R+PMs7GsuddHij5O8osZdJTqB
a0C5aek+uhIah+X5hu8WxzXS/73bc37gTpYBaKBVxnkHyMOKXoFdZBTO+SnwpYva
iQyTEKEloTxapfFHJrMh6qPX/7mrjCSPucdJTiP5/Rw0tggSQNYNCE/b7BOaRi1v
p4PRuUTP3ZacesKL5m0NG8kfVQW7WyXF3D7bxx8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSGIOCMs32++9c9QZNWiDo2a3eCVTAfBgNVHSMEGDAWgBQbGOChmueQ+lA5
UVWfR9QbR+f9DzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d4amdvWnJua1BwUU9WRlZuMGZVRzBmbl9ROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZjJlMmM5LWNlYWItNGQ3Yi1hOWQ4LWExMDU3NzZjMzM0Ny8x
L2hpRGdqTE45dnZ2WFBVR1RWb2c2Tm10M2dsVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZjJlMmM5LWNlYWItNGQ3Yi1hOWQ4LWExMDU3NzZjMzM0Ny8xL0d4amdvWnJua1Bw
UU9WRlZuMGZVRzBmbl9ROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1VqDANBgkqhkiG9w0BAQsFAAOC
AQEA1VdhuGKEVi1knnZ/eAhpXjnMtKsIqQWQNx73gM0YTbZzj3tJctnfdAurB8ks
sb9+Li1WLYs7VJkdHrWkbO0hCfj5874eahhWX2AoLYX+Q+182uxExtKHBKUCGWhw
r1KaQTkYvrEfXQ13Y4vOaLv2p1xI+I18yMVjVLgzEolj2zUlY5iyau/4PEZxU1w0
VGGFQ+oS5I1HEBvjGCSmtIcX2NwIS+NsmCPiNVJlLmdMdPTHts2p4/W8Uw2eBbZp
46fvNQuKUY9Fm6bfsJw/bwcRXdw9DhcYEua8wZJZV1xn1mhU22MPTVCJ83iZbzJA
/UBMDGs3lI54eSuKpRWPFwrb/g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:27:58 2025 by rpki-client