Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/2ewlCb2NVUpb8o4LQlYkw1YSox4.roa
File: 2ewlCb2NVUpb8o4LQlYkw1YSox4.roa (raw, json)
Hash identifier: dvSBYoOAiSjjUr0VUgwpEio/yEIaQoCXVOp8Byr92S4=
Subject key identifier: D9:EC:25:09:BD:8D:55:4A:5B:F2:8E:0B:42:56:24:C3:56:12:A3:1E
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 018571A7903CA7986E555F9B88FD946C7FE5
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/2ewlCb2NVUpb8o4LQlYkw1YSox4.roa
Signing time: Mon 02 Jan 2023 08:44:44 +0000
ROA not before: Mon 02 Jan 2023 08:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209181
IP address blocks: 45.85.15.0/24 maxlen: 24
45.85.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:90:3c:a7:98:6e:55:5f:9b:88:fd:94:6c:7f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Jan 2 08:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9ec2509bd8d554a5bf28e0b425624c35612a31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:99:d6:cb:00:71:f8:4a:09:76:22:b4:36:
15:c0:76:e4:11:eb:cb:0c:b3:10:4a:54:89:15:70:
37:45:a0:4b:e2:25:ba:6d:03:c5:f3:fc:f8:0b:91:
1b:81:12:e2:92:92:b1:f0:5b:6e:fa:e1:ea:6b:a9:
08:7e:57:36:12:88:b4:46:90:f3:5c:36:8e:c9:ab:
7e:f1:6b:4c:2f:16:e5:45:f1:08:59:c6:be:fc:05:
65:8b:93:86:1d:0f:2c:9c:a3:9c:83:4d:d2:c4:05:
4c:8d:89:0c:d0:3f:d5:9b:9c:27:8f:ba:4a:84:e8:
0c:6b:c5:c5:46:2a:3d:c5:cc:68:f9:20:02:64:2f:
0f:40:b9:67:30:3f:b2:fb:43:3b:ec:d2:82:89:06:
78:7a:bd:4d:e0:97:1c:c8:ef:b3:9e:cc:cb:56:fd:
88:61:a4:f8:ef:4d:7d:1c:72:69:a6:85:2f:8b:98:
2d:41:39:02:de:70:10:22:5d:1e:c1:63:07:56:e4:
1f:c2:aa:e6:4d:66:da:57:21:ef:a0:35:14:ca:b6:
74:d8:d6:70:f9:82:2c:8e:ca:94:de:87:0e:f7:2d:
fc:75:61:4b:ea:ca:de:2e:54:93:32:9a:46:3e:52:
98:fd:3c:86:5c:55:29:9f:f9:45:c2:c7:da:3a:40:
2c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:EC:25:09:BD:8D:55:4A:5B:F2:8E:0B:42:56:24:C3:56:12:A3:1E
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/2ewlCb2NVUpb8o4LQlYkw1YSox4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.14.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:1d:bd:4e:82:c2:4c:9b:a7:3e:e6:1a:60:0e:f0:20:62:90:
3f:0b:e5:c3:85:78:a8:56:b0:5c:c7:a3:dc:6c:86:ce:81:88:
a5:94:2f:08:90:16:03:16:0b:5d:36:4c:6f:86:e6:f8:0f:73:
d7:ae:12:30:81:83:71:4d:ed:35:65:d1:3b:19:cd:6f:e3:56:
ba:d5:a2:f7:2d:5d:52:35:94:c0:3b:3d:e3:08:4a:09:f6:cc:
47:3c:41:56:a9:75:f4:d0:2b:7a:2b:16:7d:d8:09:4f:7d:93:
92:67:ee:78:aa:85:ec:50:d3:f6:2b:a3:94:a9:15:14:a7:cc:
d5:06:75:b0:c5:d3:a7:cb:25:87:b2:8e:79:0f:1e:af:fc:fa:
84:68:8b:66:d3:6c:50:4a:eb:6d:74:cd:4d:9c:e9:f8:43:11:
df:68:81:36:f3:45:55:d4:2e:a9:21:e0:cd:6a:4b:12:7e:a6:
39:a5:99:44:d0:a9:eb:f5:bf:50:6e:b0:e5:55:28:df:90:c5:
5e:84:a6:ed:67:ea:c0:41:79:9d:b8:db:a8:82:72:9c:5f:ff:
cb:a7:4b:50:6e:98:71:f3:27:4f:af:79:b9:d5:a0:71:1e:16:
d9:f5:e4:c2:62:4a:cb:d9:32:76:dc:85:f6:9d:3e:b2:97:06:
ab:a3:5a:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp5A8p5huVV+biP2UbH/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjMwMTAyMDg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWVjMjUwOWJkOGQ1NTRhNWJmMjhlMGI0MjU2MjRjMzU2MTJhMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfqZ1ssAcfhKCXYitDYVwHbkEevL
DLMQSlSJFXA3RaBL4iW6bQPF8/z4C5EbgRLikpKx8Ftu+uHqa6kIflc2Eoi0RpDz
XDaOyat+8WtMLxblRfEIWca+/AVli5OGHQ8snKOcg03SxAVMjYkM0D/Vm5wnj7pK
hOgMa8XFRio9xcxo+SACZC8PQLlnMD+y+0M77NKCiQZ4er1N4JccyO+znszLVv2I
YaT47019HHJppoUvi5gtQTkC3nAQIl0ewWMHVuQfwqrmTWbaVyHvoDUUyrZ02NZw
+YIsjsqU3ocO9y38dWFL6sreLlSTMppGPlKY/TyGXFUpn/lFwsfaOkAsOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnsJQm9jVVKW/KOC0JWJMNWEqMeMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvMmV3bENiMk5WVXBiOG80TFFsWWt3MVlTb3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVUOMA0G
CSqGSIb3DQEBCwUAA4IBAQCPHb1OgsJMm6c+5hpgDvAgYpA/C+XDhXioVrBcx6Pc
bIbOgYillC8IkBYDFgtdNkxvhub4D3PXrhIwgYNxTe01ZdE7Gc1v41a61aL3LV1S
NZTAOz3jCEoJ9sxHPEFWqXX00Ct6KxZ92AlPfZOSZ+54qoXsUNP2K6OUqRUUp8zV
BnWwxdOnyyWHso55Dx6v/PqEaItm02xQSuttdM1NnOn4QxHfaIE280VV1C6pIeDN
aksSfqY5pZlE0Knr9b9QbrDlVSjfkMVehKbtZ+rAQXmduNuognKcX//Lp0tQbphx
8ydPr3m51aBxHhbZ9eTCYkrL2TJ23IX2nT6ylwaro1qW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:14 2025 by rpki-client