Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/XNCZW6F49564o44otKbch1d85VI.roa
File: XNCZW6F49564o44otKbch1d85VI.roa (raw, json)
Hash identifier: dhEMDSGuxWy3hvc5MHOXYX1JHAiM37DzNZ8fnTiFrEM=
Subject key identifier: 5C:D0:99:5B:A1:78:F7:9E:B8:A3:8E:28:B4:A6:DC:87:57:7C:E5:52
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 018571A78EC3776EDD463315850529244CD6
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/XNCZW6F49564o44otKbch1d85VI.roa
Signing time: Mon 02 Jan 2023 08:44:44 +0000
ROA not before: Mon 02 Jan 2023 08:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 45.85.13.0/24 maxlen: 24
45.85.12.0/23 maxlen: 24
193.43.142.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:8e:c3:77:6e:dd:46:33:15:85:05:29:24:4c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Jan 2 08:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cd0995ba178f79eb8a38e28b4a6dc87577ce552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:77:c9:99:d5:68:f2:76:e4:b1:52:49:32:09:
d1:14:98:47:6c:e9:d7:81:45:d7:80:a4:9f:0c:d3:
4e:a2:f4:55:65:97:a5:63:8d:8b:4e:95:f4:e4:55:
a0:df:f3:7e:94:b2:b5:d8:b5:89:dd:31:59:42:c4:
5c:a4:3d:bd:88:a0:cd:e0:91:af:48:94:ea:00:fe:
59:b4:dc:17:b3:58:00:31:5b:ff:00:c0:2e:b4:a5:
51:a6:0f:a0:93:cb:5e:94:e2:d5:6b:96:3d:54:5c:
a3:02:96:04:32:b3:9b:e9:8b:a6:ed:e8:41:ba:98:
f2:6c:91:67:f6:70:ad:12:26:17:6b:81:52:47:d0:
27:0a:27:53:b5:ca:62:83:df:eb:2c:70:5d:7d:52:
14:45:0c:8a:33:48:71:29:52:0a:04:33:db:89:b2:
17:8b:31:ed:f6:86:ec:77:de:53:9a:15:b3:f6:8c:
a0:60:02:e3:29:93:f7:6d:b2:03:a4:be:35:21:91:
de:72:b7:6d:ee:bd:11:6c:29:4c:9e:f1:e1:0f:4a:
a6:74:70:28:bb:ae:e8:dc:df:95:7a:18:77:db:e3:
36:e2:d0:98:93:a0:94:6b:d6:0e:66:da:97:2e:bf:
e3:79:f0:81:34:6e:4c:6f:43:d4:d5:bf:99:10:7f:
9b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D0:99:5B:A1:78:F7:9E:B8:A3:8E:28:B4:A6:DC:87:57:7C:E5:52
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/XNCZW6F49564o44otKbch1d85VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.12.0/23
193.43.142.0/23
Signature Algorithm: sha256WithRSAEncryption
13:9a:5e:92:c5:67:44:6e:85:6a:30:5d:fd:1c:bf:5b:0f:21:
40:1e:d7:9c:3b:0b:76:61:66:95:28:5d:ec:9a:5f:12:e5:7b:
37:63:7d:2b:a4:2f:fb:89:a6:ac:4c:c4:b9:cf:03:cc:77:f6:
e9:41:7a:78:31:af:a6:e1:3b:0e:f9:ab:f1:47:29:c6:38:09:
27:a9:62:7d:ec:e3:32:e7:da:2f:41:6a:f7:23:d2:97:c4:ed:
57:7a:cd:7b:9a:1c:f5:8f:13:22:ee:d8:fa:81:23:88:de:e7:
4b:c5:09:dd:36:b0:71:a2:68:20:d5:8b:38:ee:59:be:a7:6f:
e1:0b:a2:33:6a:0f:1d:ee:a9:50:89:0c:66:ce:14:d0:1e:8f:
06:b7:84:33:a8:31:60:32:3e:1f:8b:a7:f9:a0:1b:66:5a:b2:
8f:08:65:4e:2a:ef:db:1f:39:f3:6e:60:2a:b7:95:c7:38:f3:
db:b0:d9:5e:d4:14:7c:6a:ad:79:52:5e:5a:b5:59:12:79:55:
53:14:83:0b:0c:e4:d9:11:1d:74:04:36:82:d8:7e:b4:7b:42:
01:3a:4a:43:ef:5d:09:e3:e1:3f:ee:f6:d3:72:95:63:3e:e9:
ac:f1:37:6e:b8:55:6f:97:24:93:6d:9e:74:2b:df:cc:32:e2:
b6:e7:0f:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp47Dd27dRjMVhQUpJEzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjMwMTAyMDg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2QwOTk1YmExNzhmNzllYjhhMzhlMjhiNGE2ZGM4NzU3N2NlNTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3fJmdVo8nbksVJJMgnRFJhHbOnX
gUXXgKSfDNNOovRVZZelY42LTpX05FWg3/N+lLK12LWJ3TFZQsRcpD29iKDN4JGv
SJTqAP5ZtNwXs1gAMVv/AMAutKVRpg+gk8telOLVa5Y9VFyjApYEMrOb6Yum7ehB
upjybJFn9nCtEiYXa4FSR9AnCidTtcpig9/rLHBdfVIURQyKM0hxKVIKBDPbibIX
izHt9obsd95TmhWz9oygYALjKZP3bbIDpL41IZHecrdt7r0RbClMnvHhD0qmdHAo
u67o3N+Vehh32+M24tCYk6CUa9YOZtqXLr/jefCBNG5Mb0PU1b+ZEH+blwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFzQmVuhePeeuKOOKLSm3IdXfOVSMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvWE5DWlc2RjQ5NTY0bzQ0b3RLYmNoMWQ4NVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVUMAwQB
wSuOMA0GCSqGSIb3DQEBCwUAA4IBAQATml6SxWdEboVqMF39HL9bDyFAHtecOwt2
YWaVKF3sml8S5Xs3Y30rpC/7iaasTMS5zwPMd/bpQXp4Ma+m4TsO+avxRynGOAkn
qWJ97OMy59ovQWr3I9KXxO1Xes17mhz1jxMi7tj6gSOI3udLxQndNrBxomgg1Ys4
7lm+p2/hC6Izag8d7qlQiQxmzhTQHo8Gt4QzqDFgMj4fi6f5oBtmWrKPCGVOKu/b
HznzbmAqt5XHOPPbsNle1BR8aq15Ul5atVkSeVVTFIMLDOTZER10BDaC2H60e0IB
OkpD710J4+E/7vbTcpVjPums8TduuFVvlySTbZ50K9/MMuK25w+t
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:27 2025 by rpki-client