Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/2e38ea-c9fa-4013-9fd3-858c6f8829eb/1/rFe71Lmtxicxj8wrXGFxwR2BNhE.roa
File: rFe71Lmtxicxj8wrXGFxwR2BNhE.roa (raw, json)
Hash identifier: qFMW0MPLWDZ8hhkXNvfFGb0BEPgHNkhVpX5F+gy6yPA=
Subject key identifier: AC:57:BB:D4:B9:AD:C6:27:31:8F:CC:2B:5C:61:71:C1:1D:81:36:11
Certificate issuer: /CN=962aa32ebec9cea1c93c4bd55f85ef7e0a5d4f92
Certificate serial: 0185E930E38445C8C676F68D421327022F08
Authority key identifier: 96:2A:A3:2E:BE:C9:CE:A1:C9:3C:4B:D5:5F:85:EF:7E:0A:5D:4F:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/liqjLr7JzqHJPEvVX4XvfgpdT5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/2e38ea-c9fa-4013-9fd3-858c6f8829eb/1/rFe71Lmtxicxj8wrXGFxwR2BNhE.roa
Signing time: Wed 25 Jan 2023 13:49:33 +0000
ROA not before: Wed 25 Jan 2023 13:49:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49544
IP address blocks: 45.147.87.0/24 maxlen: 24
2a13:3ec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:30:e3:84:45:c8:c6:76:f6:8d:42:13:27:02:2f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962aa32ebec9cea1c93c4bd55f85ef7e0a5d4f92
Validity
Not Before: Jan 25 13:49:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac57bbd4b9adc627318fcc2b5c6171c11d813611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9e:7c:f4:1b:c8:95:cc:84:4d:e4:60:54:d1:
1f:c9:08:9d:75:db:1b:d8:dc:85:a8:78:38:82:e7:
43:69:11:3e:41:ee:56:09:0d:55:c6:8b:9e:5b:8e:
f4:6c:c7:58:31:b3:a8:d1:63:4d:cd:90:ae:b8:44:
c8:19:4e:9e:51:93:64:a1:f4:00:6c:fa:97:cc:35:
4a:e5:ee:46:3a:a2:b7:53:04:65:8b:5b:5c:d9:85:
2d:86:92:7b:59:55:f9:88:b7:99:af:3e:81:df:d0:
85:45:02:7f:5b:a3:27:cb:fa:65:94:62:8c:16:98:
a0:ad:c0:b7:8f:a9:fb:1a:a7:b2:bb:e5:2b:bf:89:
e6:12:2e:52:c1:5f:22:a2:d3:e0:fd:cc:8f:99:47:
f5:d5:a6:ed:90:5f:80:84:2a:d8:a7:cc:04:30:26:
92:c0:11:e3:93:af:44:a7:87:3b:ba:41:a1:5e:cd:
f2:c1:4c:40:90:ec:f5:64:25:5f:7c:e4:a3:8d:4d:
d5:81:1a:1e:5a:c8:5d:1b:19:86:b8:59:7a:1d:98:
7f:b0:e1:54:40:d2:6f:f4:9e:cf:be:e9:3b:b9:36:
d4:c9:f2:a9:f9:f7:ad:74:03:50:af:ab:9a:64:17:
e4:77:14:b1:f0:9c:62:63:f4:bb:dd:40:31:84:cf:
b4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:57:BB:D4:B9:AD:C6:27:31:8F:CC:2B:5C:61:71:C1:1D:81:36:11
X509v3 Authority Key Identifier:
keyid:96:2A:A3:2E:BE:C9:CE:A1:C9:3C:4B:D5:5F:85:EF:7E:0A:5D:4F:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/liqjLr7JzqHJPEvVX4XvfgpdT5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2e38ea-c9fa-4013-9fd3-858c6f8829eb/1/rFe71Lmtxicxj8wrXGFxwR2BNhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2e38ea-c9fa-4013-9fd3-858c6f8829eb/1/liqjLr7JzqHJPEvVX4XvfgpdT5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.87.0/24
IPv6:
2a13:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
17:98:fd:4d:12:7b:57:f9:09:76:1e:4d:87:41:2b:13:51:65:
46:4e:4b:91:11:a6:8d:c3:5e:24:6c:33:38:2c:bb:98:4a:29:
d3:cf:4f:14:e2:2b:46:e7:98:e2:3d:c8:24:e3:b0:80:21:46:
7e:17:49:b2:ad:44:76:62:f1:f3:2b:35:99:ca:4b:7e:be:63:
29:5f:39:9e:f9:d7:1c:be:08:68:37:5d:91:76:e8:6c:c0:e4:
78:10:7c:bf:26:52:95:5a:eb:01:a3:a6:ec:25:56:b9:af:9d:
43:1c:20:9e:6e:aa:46:81:27:01:69:a1:d7:7d:72:82:28:86:
a8:69:57:df:76:8f:5a:08:f2:d7:01:e5:7d:50:f6:d2:ec:4c:
96:34:1d:6a:97:64:b3:5f:22:8c:6c:fc:15:15:7e:6b:8d:b1:
35:fe:8f:1f:ac:54:ed:22:eb:5d:ce:94:d7:b7:59:eb:15:51:
5d:6b:8a:79:40:4c:cb:a2:1a:83:f5:8b:fa:79:be:69:a8:24:
eb:d4:79:da:1d:9a:ab:ac:d6:f3:2d:6d:d3:c1:37:cd:ae:90:
e4:25:33:44:d5:ec:f1:f9:50:98:92:db:6b:a1:34:51:83:41:
f3:8e:d7:41:4b:df:70:59:cd:83:fd:83:2b:76:f1:fe:7e:67:
6d:51:7c:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYXpMOOERcjGdvaNQhMnAi8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmFhMzJlYmVjOWNlYTFjOTNjNGJkNTVmODVlZjdlMGE1
ZDRmOTIwHhcNMjMwMTI1MTM0OTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU3YmJkNGI5YWRjNjI3MzE4ZmNjMmI1YzYxNzFjMTFkODEzNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ589BvIlcyETeRgVNEfyQidddsb
2NyFqHg4gudDaRE+Qe5WCQ1VxoueW470bMdYMbOo0WNNzZCuuETIGU6eUZNkofQA
bPqXzDVK5e5GOqK3UwRli1tc2YUthpJ7WVX5iLeZrz6B39CFRQJ/W6Mny/pllGKM
FpigrcC3j6n7Gqeyu+Urv4nmEi5SwV8iotPg/cyPmUf11abtkF+AhCrYp8wEMCaS
wBHjk69Ep4c7ukGhXs3ywUxAkOz1ZCVffOSjjU3VgRoeWshdGxmGuFl6HZh/sOFU
QNJv9J7Pvuk7uTbUyfKp+fetdANQr6uaZBfkdxSx8JxiY/S73UAxhM+0HQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKxXu9S5rcYnMY/MK1xhccEdgTYRMB8GA1UdIwQY
MBaAFJYqoy6+yc6hyTxL1V+F734KXU+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGlxakxyN0p6cUhKUEV2Vlg0WHZmZ3BkVDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8yZTM4ZWEtYzlmYS00MDEzLTlmZDMt
ODU4YzZmODgyOWViLzEvckZlNzFMbXR4aWN4ajh3clhHRnh3UjJCTmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8yZTM4ZWEtYzlmYS00MDEzLTlmZDMtODU4YzZmODgyOWVi
LzEvbGlxakxyN0p6cUhKUEV2Vlg0WHZmZ3BkVDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZNXMA0E
AgACMAcDBQMqEz7AMA0GCSqGSIb3DQEBCwUAA4IBAQAXmP1NEntX+Ql2Hk2HQSsT
UWVGTkuREaaNw14kbDM4LLuYSinTz08U4itG55jiPcgk47CAIUZ+F0myrUR2YvHz
KzWZykt+vmMpXzme+dccvghoN12RduhswOR4EHy/JlKVWusBo6bsJVa5r51DHCCe
bqpGgScBaaHXfXKCKIaoaVffdo9aCPLXAeV9UPbS7EyWNB1ql2SzXyKMbPwVFX5r
jbE1/o8frFTtIutdzpTXt1nrFVFda4p5QEzLohqD9Yv6eb5pqCTr1HnaHZqrrNbz
LW3TwTfNrpDkJTNE1ezx+VCYkttroTRRg0HzjtdBS99wWc2D/YMrdvH+fmdtUXwd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:24 2025 by rpki-client