Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/vRAnqOC38UhCwaxKrzHA7C-8rJY.roa
File: vRAnqOC38UhCwaxKrzHA7C-8rJY.roa (raw, json)
Hash identifier: S5h3yCXn3CE6RZhUxR6WZ3EiPvRtIyGNkqnjBhAOAh8=
Subject key identifier: BD:10:27:A8:E0:B7:F1:48:42:C1:AC:4A:AF:31:C0:EC:2F:BC:AC:96
Certificate issuer: /CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Certificate serial: 018B7B84656EB1D96D9A327B93EF78EF1F65
Authority key identifier: 0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/vRAnqOC38UhCwaxKrzHA7C-8rJY.roa
Signing time: Sun 29 Oct 2023 12:59:16 +0000
ROA not before: Sun 29 Oct 2023 12:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60241
IP address blocks: 45.87.208.0/22 maxlen: 22
2a06:bc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7b:84:65:6e:b1:d9:6d:9a:32:7b:93:ef:78:ef:1f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Validity
Not Before: Oct 29 12:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd1027a8e0b7f14842c1ac4aaf31c0ec2fbcac96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:99:0c:4a:28:a3:18:8b:5c:00:ab:72:ef:59:
dc:50:aa:14:2a:9d:6a:13:dd:24:b6:cb:8d:8f:20:
d9:63:e1:dc:ad:6c:57:32:38:62:6f:92:3f:10:70:
23:7d:34:9e:c2:f8:bd:ee:d1:1d:f4:88:4d:95:43:
73:1f:1a:8e:ac:78:57:e4:f3:aa:8c:12:3d:96:39:
8c:5b:72:94:60:8a:29:a2:79:d1:61:ca:da:9e:7c:
d9:31:02:77:36:e9:e9:33:60:95:4e:c7:03:0f:cb:
2f:32:e0:3d:87:10:26:d9:d3:e1:b5:0e:e8:5f:88:
e9:46:cd:07:e7:31:2d:6f:6d:0b:ff:3f:77:3a:e3:
09:da:99:7c:63:7d:f6:ad:92:51:55:43:33:51:17:
6f:e4:e6:1e:f6:e1:6f:25:03:26:fe:ea:83:2f:2c:
fe:1d:f6:e3:8e:f6:5f:a3:25:4a:40:d1:a7:58:a0:
e7:6b:80:ad:8c:8d:ed:ad:ac:9d:f6:1e:89:df:c2:
93:6c:a0:be:10:fe:0c:e0:79:57:80:98:96:47:87:
82:ea:07:d8:7d:e2:5c:2f:9d:58:9a:ce:db:2a:9f:
76:17:05:5b:b4:7f:b0:22:c2:d9:9a:38:98:d3:c1:
cb:eb:db:92:74:ca:85:88:27:c8:d7:dc:7e:35:1f:
f3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:10:27:A8:E0:B7:F1:48:42:C1:AC:4A:AF:31:C0:EC:2F:BC:AC:96
X509v3 Authority Key Identifier:
keyid:0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/vRAnqOC38UhCwaxKrzHA7C-8rJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/DEd6vwon7eiG-8QkE9eonCJrEfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.208.0/22
IPv6:
2a06:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:35:e7:45:be:33:cd:66:b5:48:b8:87:dc:d2:cd:44:84:cc:
c6:89:bb:07:07:8f:79:56:3e:12:5b:89:4f:14:dd:69:7f:81:
ec:18:49:b7:bc:ea:51:0d:f6:21:19:7b:ee:a0:6b:a9:fc:1f:
6c:d1:36:52:bf:d7:d7:cf:d0:c3:df:71:77:d3:da:5c:3e:b0:
5c:7f:6e:f7:69:b0:d8:2f:33:55:57:8a:19:cd:4e:20:40:da:
3e:66:cd:3a:db:9e:67:7b:6d:fa:fe:ea:dd:cd:0c:de:e0:54:
57:fa:05:49:8c:00:8a:28:51:11:24:e9:5f:a3:46:15:da:34:
3c:70:a1:e5:70:61:d8:17:86:9c:6b:f8:8e:04:06:e8:08:b6:
50:f7:c9:28:27:2d:a9:97:b1:3e:0a:cb:8f:0b:f0:82:d9:4c:
31:a7:13:57:94:eb:8a:77:48:dc:23:b1:f5:76:f0:d4:76:fb:
c2:4f:09:4d:9d:ee:b6:58:23:7c:66:fa:4e:1d:e9:ab:cc:92:
ab:8e:49:3c:65:9c:f7:d8:59:07:2e:c6:8b:57:0e:1b:ff:c0:
5b:f1:c5:3b:82:65:ed:c4:26:3b:51:07:57:1c:00:87:5d:0d:
d3:01:f2:f1:0c:cb:03:96:bc:41:01:66:c5:f6:54:14:f4:fc:
95:ae:ad:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYt7hGVusdltmjJ7k+947x9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDc3YWJmMGEyN2VkZTg4NmZiYzQyNDEzZDdhODljMjI2
YjExZmEwHhcNMjMxMDI5MTI1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDEwMjdhOGUwYjdmMTQ4NDJjMWFjNGFhZjMxYzBlYzJmYmNhYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJkMSiijGItcAKty71ncUKoUKp1q
E90ktsuNjyDZY+HcrWxXMjhib5I/EHAjfTSewvi97tEd9IhNlUNzHxqOrHhX5POq
jBI9ljmMW3KUYIoponnRYcrannzZMQJ3NunpM2CVTscDD8svMuA9hxAm2dPhtQ7o
X4jpRs0H5zEtb20L/z93OuMJ2pl8Y332rZJRVUMzURdv5OYe9uFvJQMm/uqDLyz+
HfbjjvZfoyVKQNGnWKDna4CtjI3trayd9h6J38KTbKC+EP4M4HlXgJiWR4eC6gfY
feJcL51Yms7bKp92FwVbtH+wIsLZmjiY08HL69uSdMqFiCfI19x+NR/zlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL0QJ6jgt/FIQsGsSq8xwOwvvKyWMB8GA1UdIwQY
MBaAFAxHer8KJ+3ohvvEJBPXqJwiaxH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTct
MThmNGY2NmE1MGEwLzEvdlJBbnFPQzM4VWhDd2F4S3J6SEE3Qy04ckpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTctMThmNGY2NmE1MGEw
LzEvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVfQMA0E
AgACMAcDBQMqBgvAMA0GCSqGSIb3DQEBCwUAA4IBAQCcNedFvjPNZrVIuIfc0s1E
hMzGibsHB495Vj4SW4lPFN1pf4HsGEm3vOpRDfYhGXvuoGup/B9s0TZSv9fXz9DD
33F309pcPrBcf273abDYLzNVV4oZzU4gQNo+Zs06255ne236/urdzQze4FRX+gVJ
jACKKFERJOlfo0YV2jQ8cKHlcGHYF4aca/iOBAboCLZQ98koJy2pl7E+CsuPC/CC
2UwxpxNXlOuKd0jcI7H1dvDUdvvCTwlNne62WCN8ZvpOHemrzJKrjkk8ZZz32FkH
LsaLVw4b/8Bb8cU7gmXtxCY7UQdXHACHXQ3TAfLxDMsDlrxBAWbF9lQU9PyVrq1Z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:54 2025 by rpki-client