Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/70b7ljxn4YIjuH__igwRrAJhC2E.roa
File: 70b7ljxn4YIjuH__igwRrAJhC2E.roa (raw, json)
Hash identifier: J45cOM2A21fVwfLS2qQpjuVhCEvnHPZRFd594sFoJhw=
Subject key identifier: EF:46:FB:96:3C:67:E1:82:23:B8:7F:FF:8A:0C:11:AC:02:61:0B:61
Certificate issuer: /CN=3fd4d2fdbee3aa3e121428ea7050c9439d8886a9
Certificate serial: 02FD8F77
Authority key identifier: 3F:D4:D2:FD:BE:E3:AA:3E:12:14:28:EA:70:50:C9:43:9D:88:86:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9TS_b7jqj4SFCjqcFDJQ52Ihqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/70b7ljxn4YIjuH__igwRrAJhC2E.roa
Signing time: Sat 01 Jan 2022 04:53:22 +0000
ROA not before: Sat 01 Jan 2022 04:53:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50254
IP address blocks: 185.145.124.0/22 maxlen: 22
185.145.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50171767 (0x2fd8f77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd4d2fdbee3aa3e121428ea7050c9439d8886a9
Validity
Not Before: Jan 1 04:53:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef46fb963c67e18223b87fff8a0c11ac02610b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cd:c5:cc:30:24:38:e5:8b:23:50:3c:67:1e:
b3:e8:ae:b0:9c:87:cc:0d:43:05:f9:dd:bf:17:b1:
12:7f:b8:20:ac:40:57:2b:28:68:cb:5f:88:e5:d0:
9c:22:bc:09:d8:a9:b3:f9:9a:55:bf:78:ac:a0:7a:
40:41:27:00:b9:d6:9b:65:a9:38:17:82:f5:d1:ef:
69:8b:b2:52:60:0c:5f:87:4d:2f:48:a7:47:32:6b:
49:07:fd:a3:6b:a7:17:82:3c:a4:10:1f:8b:bf:e0:
60:ad:42:7b:28:eb:c6:38:2f:30:c3:62:7b:0f:cc:
54:b2:67:11:6b:e6:94:e3:f5:4b:88:1c:bf:58:08:
41:20:66:85:a7:dd:4a:bd:87:58:5d:bb:01:d3:32:
19:93:ba:a3:d0:68:1f:07:23:a6:8b:39:02:eb:37:
bc:a7:a3:3b:9d:c4:fa:66:df:35:d8:a2:06:f9:ee:
63:74:14:d5:9b:b2:17:84:33:d7:86:2f:78:f4:88:
1a:1c:ce:3d:2f:d4:32:a5:ac:c0:a7:1f:9d:5e:26:
aa:a0:3a:fe:57:20:a2:a3:70:71:67:3b:45:18:4d:
90:d9:94:4b:bb:b1:54:45:38:37:16:ce:81:a8:76:
df:9e:d0:74:27:52:f8:48:7d:12:58:d2:50:18:d7:
5b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:46:FB:96:3C:67:E1:82:23:B8:7F:FF:8A:0C:11:AC:02:61:0B:61
X509v3 Authority Key Identifier:
keyid:3F:D4:D2:FD:BE:E3:AA:3E:12:14:28:EA:70:50:C9:43:9D:88:86:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9TS_b7jqj4SFCjqcFDJQ52Ihqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/70b7ljxn4YIjuH__igwRrAJhC2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/P9TS_b7jqj4SFCjqcFDJQ52Ihqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.124.0/22
Signature Algorithm: sha256WithRSAEncryption
58:65:c9:5e:df:9c:83:a6:bd:a8:f0:ed:5b:47:6d:e8:83:2e:
3e:e0:41:de:eb:01:67:ed:67:b0:9b:1f:c1:74:c6:a5:a6:4a:
b0:16:54:7b:49:dc:35:0b:7c:98:8f:33:47:76:2a:3e:52:cf:
9d:c6:79:b2:3f:68:2b:72:84:23:10:6d:f7:2b:c9:4a:17:41:
f0:e3:7c:fc:dd:9e:5d:a7:16:9d:61:58:ad:48:55:93:f5:da:
be:45:1a:6d:6a:92:cc:e1:2d:5a:6f:1d:4e:7e:f9:22:4d:fc:
71:84:d9:e4:79:27:d2:64:7c:4e:66:d2:75:04:68:9b:37:8b:
8e:f4:48:26:00:9a:aa:2b:64:a9:2a:ba:8b:ee:8c:e3:bd:47:
2f:f9:d6:b5:63:2e:53:d6:e7:bc:16:40:30:d6:0c:30:bb:e9:
73:b9:66:2d:b1:6b:f3:90:81:2c:3e:8b:90:41:df:01:b3:a8:
a3:19:e2:cb:c6:c9:d5:32:8c:43:e8:d3:88:d6:f2:78:55:b9:
9d:13:dc:b9:34:29:86:9c:37:71:e2:a0:7a:c1:7e:29:b0:07:
dc:54:67:11:86:66:e9:32:d5:f9:5c:2a:af:91:5c:ca:06:89:
d9:ea:6a:c1:f8:19:44:eb:66:cd:01:69:82:1e:14:19:17:52:
b0:98:e3:84
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAv2PdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZmQ0ZDJmZGJlZTNhYTNlMTIxNDI4ZWE3MDUwYzk0MzlkODg4NmE5MB4XDTIyMDEw
MTA0NTMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY0NmZiOTYzYzY3
ZTE4MjIzYjg3ZmZmOGEwYzExYWMwMjYxMGI2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/NxcwwJDjliyNQPGces+iusJyHzA1DBfndvxexEn+4IKxA
VysoaMtfiOXQnCK8Cdips/maVb94rKB6QEEnALnWm2WpOBeC9dHvaYuyUmAMX4dN
L0inRzJrSQf9o2unF4I8pBAfi7/gYK1CeyjrxjgvMMNiew/MVLJnEWvmlOP1S4gc
v1gIQSBmhafdSr2HWF27AdMyGZO6o9BoHwcjpos5Aus3vKejO53E+mbfNdiiBvnu
Y3QU1ZuyF4Qz14YvePSIGhzOPS/UMqWswKcfnV4mqqA6/lcgoqNwcWc7RRhNkNmU
S7uxVEU4NxbOgah2357QdCdS+Eh9EljSUBjXW/kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTvRvuWPGfhgiO4f/+KDBGsAmELYTAfBgNVHSMEGDAWgBQ/1NL9vuOqPhIU
KOpwUMlDnYiGqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1A5VFNfYjdqcWo0U0ZDanFjRkRKUTUySWhxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvNjZiNjkyLTRiYjMtNDczZS05NDEzLTYyNjFlNWIxZmMyMC8x
LzcwYjdsanhuNFlJanVIX19pZ3dSckFKaEMyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
NjZiNjkyLTRiYjMtNDczZS05NDEzLTYyNjFlNWIxZmMyMC8xL1A5VFNfYjdqcWo0
U0ZDanFjRkRKUTUySWhxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmRfDANBgkqhkiG9w0BAQsFAAOC
AQEAWGXJXt+cg6a9qPDtW0dt6IMuPuBB3usBZ+1nsJsfwXTGpaZKsBZUe0ncNQt8
mI8zR3YqPlLPncZ5sj9oK3KEIxBt9yvJShdB8ON8/N2eXacWnWFYrUhVk/XavkUa
bWqSzOEtWm8dTn75Ik38cYTZ5Hkn0mR8TmbSdQRomzeLjvRIJgCaqitkqSq6i+6M
471HL/nWtWMuU9bnvBZAMNYMMLvpc7lmLbFr85CBLD6LkEHfAbOooxniy8bJ1TKM
Q+jTiNbyeFW5nRPcuTQphpw3ceKgesF+KbAH3FRnEYZm6TLV+Vwqr5FcygaJ2epq
wfgZROtmzQFpgh4UGRdSsJjjhA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:37:14 2025 by rpki-client