Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/vkMuO_fNOQmPrCraQgHgm7mJj7E.roa
File: vkMuO_fNOQmPrCraQgHgm7mJj7E.roa (raw, json)
Hash identifier: HIL6BK6FYa3GFauwGoR0c0dlo22pRQNW3db4KMqqTXo=
Subject key identifier: BE:43:2E:3B:F7:CD:39:09:8F:AC:2A:DA:42:01:E0:9B:B9:89:8F:B1
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 018571A78DD17C8A99FAFE41D0514B6B554C
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/vkMuO_fNOQmPrCraQgHgm7mJj7E.roa
Signing time: Mon 02 Jan 2023 08:44:44 +0000
ROA not before: Mon 02 Jan 2023 08:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57351
IP address blocks: 45.85.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:8d:d1:7c:8a:99:fa:fe:41:d0:51:4b:6b:55:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Jan 2 08:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be432e3bf7cd39098fac2ada4201e09bb9898fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e2:16:8d:d4:4f:c8:db:55:21:9e:af:86:46:
fb:80:c5:e8:41:29:65:58:55:0c:e0:29:c0:e5:67:
c5:34:bf:b7:fa:9e:bb:6c:88:d9:bf:00:f9:2f:ef:
ef:ab:4b:42:31:33:15:e3:fe:b6:74:fd:00:83:20:
2a:b2:3d:75:ca:82:02:6e:39:00:3c:33:b6:7c:1a:
ca:3b:38:ee:af:ed:7a:37:3c:b2:64:f9:41:a1:b7:
ab:ff:80:11:bd:48:5b:53:c2:1d:58:64:06:40:bc:
2b:0e:69:0d:e1:97:0a:8b:fc:7b:db:64:2a:ca:e5:
20:ff:79:31:95:08:70:5b:32:6f:15:f3:02:67:9f:
f9:3a:76:cd:b6:92:e2:6e:f3:c3:3a:3b:8d:27:ea:
8a:f5:50:8d:be:e3:f6:65:19:d8:d8:f7:ed:f6:cc:
11:7c:61:d3:00:62:53:43:13:3b:e6:99:41:b7:ec:
81:d8:55:09:c9:64:26:44:93:11:57:a4:39:db:14:
9e:a8:aa:99:40:d3:3f:dd:3e:54:07:b5:25:c7:16:
d0:6e:c5:16:db:9f:87:18:a4:db:0e:c0:d8:72:33:
c1:fc:20:bf:de:dc:67:71:07:88:35:6a:a6:2f:b9:
74:43:59:29:48:0e:d0:3c:f7:dd:9d:10:b0:51:68:
77:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:43:2E:3B:F7:CD:39:09:8F:AC:2A:DA:42:01:E0:9B:B9:89:8F:B1
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/vkMuO_fNOQmPrCraQgHgm7mJj7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.15.0/24
Signature Algorithm: sha256WithRSAEncryption
73:2c:83:55:9a:fd:1e:8b:17:07:05:dc:d9:5a:cf:b2:52:79:
b7:a5:80:6b:90:f2:81:3b:ac:26:15:13:c6:e8:05:a9:cb:ac:
eb:f1:84:22:7a:21:7f:c9:76:87:8a:f0:f6:30:4f:b2:98:be:
93:46:69:61:d9:a3:c9:83:27:80:bf:ef:ea:f1:5b:03:7a:1e:
36:4b:52:92:ee:f8:f4:3e:6e:0f:04:5d:33:db:8b:7d:5a:17:
a5:24:a5:93:34:79:6e:0a:cf:9a:83:65:16:24:8b:50:5a:d6:
7e:c6:72:c2:8c:0a:20:96:34:92:a4:78:d8:1a:fe:a4:b2:16:
41:62:6e:ca:2d:0d:ee:80:08:a0:95:50:e1:b3:2e:b6:51:ee:
e0:27:15:4c:ef:79:92:67:2a:38:6a:a5:4f:45:d3:35:f4:b4:
1b:cb:c9:02:f3:ec:c4:96:bb:f4:d3:d4:8d:c9:f9:1f:20:ac:
30:0b:20:f4:0c:08:84:b6:b8:47:cb:0c:7a:55:7b:09:a8:2f:
f5:7c:18:d3:77:c4:f6:99:d9:28:d9:cd:66:d3:e5:3a:66:69:
cc:75:11:21:c1:93:a7:d4:19:20:ac:96:f8:8f:70:7e:28:f0:
49:a6:ce:4d:6a:9e:f9:9a:c9:68:fa:ef:09:73:49:9c:dd:aa:
79:b5:18:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp43RfIqZ+v5B0FFLa1VMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjMwMTAyMDg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQzMmUzYmY3Y2QzOTA5OGZhYzJhZGE0MjAxZTA5YmI5ODk4ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuIWjdRPyNtVIZ6vhkb7gMXoQSll
WFUM4CnA5WfFNL+3+p67bIjZvwD5L+/vq0tCMTMV4/62dP0AgyAqsj11yoICbjkA
PDO2fBrKOzjur+16NzyyZPlBober/4ARvUhbU8IdWGQGQLwrDmkN4ZcKi/x722Qq
yuUg/3kxlQhwWzJvFfMCZ5/5OnbNtpLibvPDOjuNJ+qK9VCNvuP2ZRnY2Pft9swR
fGHTAGJTQxM75plBt+yB2FUJyWQmRJMRV6Q52xSeqKqZQNM/3T5UB7UlxxbQbsUW
25+HGKTbDsDYcjPB/CC/3txncQeINWqmL7l0Q1kpSA7QPPfdnRCwUWh3LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5DLjv3zTkJj6wq2kIB4Ju5iY+xMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvdmtNdU9fZk5PUW1QckNyYVFnSGdtN21KajdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVUPMA0G
CSqGSIb3DQEBCwUAA4IBAQBzLINVmv0eixcHBdzZWs+yUnm3pYBrkPKBO6wmFRPG
6AWpy6zr8YQieiF/yXaHivD2ME+ymL6TRmlh2aPJgyeAv+/q8VsDeh42S1KS7vj0
Pm4PBF0z24t9WhelJKWTNHluCs+ag2UWJItQWtZ+xnLCjAogljSSpHjYGv6kshZB
Ym7KLQ3ugAiglVDhsy62Ue7gJxVM73mSZyo4aqVPRdM19LQby8kC8+zElrv009SN
yfkfIKwwCyD0DAiEtrhHywx6VXsJqC/1fBjTd8T2mdko2c1m0+U6ZmnMdREhwZOn
1BkgrJb4j3B+KPBJps5Nap75mslo+u8Jc0mc3ap5tRgb
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:48 2025 by rpki-client