Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/8yP8cPvOfDEJG-EjYmJfbtXfftY.roa
File: 8yP8cPvOfDEJG-EjYmJfbtXfftY.roa (raw, json)
Hash identifier: vL7OBeZfHIzrUI3rnGZBOJIFfcZJ9tr+sUnvvEmzMqY=
Subject key identifier: F3:23:FC:70:FB:CE:7C:31:09:1B:E1:23:62:62:5F:6E:D5:DF:7E:D6
Certificate issuer: /CN=cd1242e6c7ebd82a23fa1a08f396ebe5ab34cf6b
Certificate serial: 01856DCAD486491735BC9F71A508B6253C2B
Authority key identifier: CD:12:42:E6:C7:EB:D8:2A:23:FA:1A:08:F3:96:EB:E5:AB:34:CF:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRJC5sfr2Coj-hoI85br5as0z2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/8yP8cPvOfDEJG-EjYmJfbtXfftY.roa
Signing time: Sun 01 Jan 2023 14:44:47 +0000
ROA not before: Sun 01 Jan 2023 14:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208978
IP address blocks: 45.10.34.0/23 maxlen: 23
45.10.32.0/22 maxlen: 22
45.10.32.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:d4:86:49:17:35:bc:9f:71:a5:08:b6:25:3c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd1242e6c7ebd82a23fa1a08f396ebe5ab34cf6b
Validity
Not Before: Jan 1 14:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f323fc70fbce7c31091be12362625f6ed5df7ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:94:5a:b9:5d:dc:22:67:26:b9:ff:63:a4:3b:
04:84:a4:27:7c:b9:d3:d2:2e:4b:97:4d:6e:35:2f:
96:a3:71:e2:4b:92:74:bf:ba:e5:9e:cc:75:40:af:
78:7a:8c:49:19:3c:30:66:10:be:a4:d7:dd:80:17:
60:b0:1e:53:d8:a3:aa:a1:5c:2d:6b:45:59:95:b9:
48:0e:a5:3b:7a:26:d9:b4:4d:e6:d9:83:0d:27:ca:
b0:16:e3:9d:18:b6:40:7f:2e:99:85:c6:b6:84:e6:
02:c9:51:10:50:df:8e:db:b0:bc:18:05:38:0e:ba:
69:df:4b:25:13:bb:c9:70:da:eb:6b:2d:2b:f6:52:
67:c8:84:1c:2b:98:c2:32:70:db:fc:65:34:3a:98:
77:ac:e3:58:92:bf:b6:79:db:2b:78:3e:2b:73:6f:
f1:96:58:4d:8c:db:ce:ba:f3:93:3f:1f:c4:3c:c2:
75:0b:98:af:6b:b7:71:15:ad:66:da:64:28:57:7c:
16:65:a7:7e:d8:ba:73:d8:e1:93:de:61:62:d3:01:
07:2a:bc:36:9c:2a:a1:17:a8:23:a6:50:a5:6e:66:
d1:b1:70:b1:7e:66:f0:79:66:26:91:91:3f:56:78:
e1:25:47:c3:a2:d5:d3:f0:7f:26:60:8e:14:e3:f7:
45:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:23:FC:70:FB:CE:7C:31:09:1B:E1:23:62:62:5F:6E:D5:DF:7E:D6
X509v3 Authority Key Identifier:
keyid:CD:12:42:E6:C7:EB:D8:2A:23:FA:1A:08:F3:96:EB:E5:AB:34:CF:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRJC5sfr2Coj-hoI85br5as0z2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/8yP8cPvOfDEJG-EjYmJfbtXfftY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/zRJC5sfr2Coj-hoI85br5as0z2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.32.0/22
Signature Algorithm: sha256WithRSAEncryption
10:72:f7:44:5d:9f:46:fb:c1:1f:88:24:88:cf:f0:4c:97:fd:
59:47:51:59:13:11:2d:3c:eb:bb:7e:8c:85:7f:fb:68:55:fb:
5a:9a:33:ee:0e:04:8c:e3:58:ad:9e:e2:fa:5a:f0:cf:b2:67:
01:91:4b:55:4a:22:78:b6:6d:4e:a5:85:fa:e6:1b:d6:22:d0:
d2:ca:d6:9a:d9:02:28:43:83:9d:14:bd:e1:0e:1d:ff:8e:7f:
f4:cc:e8:a5:f2:36:5c:32:7e:1e:f0:27:b1:3d:8d:7f:84:d1:
cb:98:6c:fd:38:b1:ee:e0:bb:4b:2b:68:3e:fd:dc:22:a4:f7:
43:cc:50:be:1e:bb:f4:0f:e1:6f:f5:b4:8d:2d:fd:d1:80:57:
9f:ec:c2:f8:ac:47:11:9f:26:7a:e2:76:c6:72:3c:94:c6:82:
0f:8d:d2:d3:53:2c:bc:b4:f2:a5:cf:cb:c2:81:0d:30:04:2d:
8d:c0:cc:d9:bc:5f:00:68:00:6f:9e:58:8b:e5:f9:21:ea:19:
92:11:3d:d3:5f:e2:b1:39:ca:95:d7:99:0c:47:a1:e2:73:8f:
4d:62:ae:50:c8:f2:e8:6a:2f:e6:b0:9e:2e:70:cc:cb:0f:e5:
1d:04:bb:fb:99:99:43:e4:c0:18:42:a5:ec:2c:ef:61:be:be:
9a:77:e8:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtytSGSRc1vJ9xpQi2JTwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTI0MmU2YzdlYmQ4MmEyM2ZhMWEwOGYzOTZlYmU1YWIz
NGNmNmIwHhcNMjMwMTAxMTQ0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzIzZmM3MGZiY2U3YzMxMDkxYmUxMjM2MjYyNWY2ZWQ1ZGY3ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJRauV3cImcmuf9jpDsEhKQnfLnT
0i5Ll01uNS+Wo3HiS5J0v7rlnsx1QK94eoxJGTwwZhC+pNfdgBdgsB5T2KOqoVwt
a0VZlblIDqU7eibZtE3m2YMNJ8qwFuOdGLZAfy6Zhca2hOYCyVEQUN+O27C8GAU4
Drpp30slE7vJcNrray0r9lJnyIQcK5jCMnDb/GU0Oph3rONYkr+2edsreD4rc2/x
llhNjNvOuvOTPx/EPMJ1C5iva7dxFa1m2mQoV3wWZad+2Lpz2OGT3mFi0wEHKrw2
nCqhF6gjplClbmbRsXCxfmbweWYmkZE/VnjhJUfDotXT8H8mYI4U4/dFvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMj/HD7znwxCRvhI2JiX27V337WMB8GA1UdIwQY
MBaAFM0SQubH69gqI/oaCPOW6+WrNM9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJKQzVzZnIyQ29qLWhvSTg1YnI1YXMwejJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80YTc1N2MtYWRkZS00ODVjLTkxNzEt
ZjYwMzUzODQxMmM4LzEvOHlQOGNQdk9mREVKRy1FalltSmZidFhmZnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80YTc1N2MtYWRkZS00ODVjLTkxNzEtZjYwMzUzODQxMmM4
LzEvelJKQzVzZnIyQ29qLWhvSTg1YnI1YXMwejJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQogMA0G
CSqGSIb3DQEBCwUAA4IBAQAQcvdEXZ9G+8EfiCSIz/BMl/1ZR1FZExEtPOu7foyF
f/toVftamjPuDgSM41itnuL6WvDPsmcBkUtVSiJ4tm1OpYX65hvWItDSytaa2QIo
Q4OdFL3hDh3/jn/0zOil8jZcMn4e8CexPY1/hNHLmGz9OLHu4LtLK2g+/dwipPdD
zFC+Hrv0D+Fv9bSNLf3RgFef7ML4rEcRnyZ64nbGcjyUxoIPjdLTUyy8tPKlz8vC
gQ0wBC2NwMzZvF8AaABvnliL5fkh6hmSET3TX+KxOcqV15kMR6Hic49NYq5QyPLo
ai/msJ4ucMzLD+UdBLv7mZlD5MAYQqXsLO9hvr6ad+iY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:27 2025 by rpki-client