Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/f17722-e58b-4452-8135-eaa5acf35fd1/1/P1wS4MkrS2WWM-sOuRvZWPr7D2E.roa
File: P1wS4MkrS2WWM-sOuRvZWPr7D2E.roa (raw, json)
Hash identifier: PN1AVczucLVeljCRaffkRkugFzmUp/5YUs/obQqxzDA=
Subject key identifier: 3F:5C:12:E0:C9:2B:4B:65:96:33:EB:0E:B9:1B:D9:58:FA:FB:0F:61
Certificate issuer: /CN=9cd67d1033ca472b5bb80fd596bb836d12e22261
Certificate serial: 01856DCAF8B65B29DF40AC8EAC4C75A79398
Authority key identifier: 9C:D6:7D:10:33:CA:47:2B:5B:B8:0F:D5:96:BB:83:6D:12:E2:22:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nNZ9EDPKRytbuA_VlruDbRLiImE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/f17722-e58b-4452-8135-eaa5acf35fd1/1/P1wS4MkrS2WWM-sOuRvZWPr7D2E.roa
Signing time: Sun 01 Jan 2023 14:44:56 +0000
ROA not before: Sun 01 Jan 2023 14:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208710
IP address blocks: 45.66.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f8:b6:5b:29:df:40:ac:8e:ac:4c:75:a7:93:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cd67d1033ca472b5bb80fd596bb836d12e22261
Validity
Not Before: Jan 1 14:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f5c12e0c92b4b659633eb0eb91bd958fafb0f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0b:89:d5:38:b5:71:58:34:5d:ed:b7:68:64:
21:40:28:52:b5:c0:f2:e8:ca:38:a1:4c:21:33:ed:
df:4d:7d:79:01:31:f4:3b:6c:d5:18:d8:57:2f:86:
e5:1f:a9:4e:b6:19:83:8e:09:0e:1d:b1:f2:20:13:
93:18:40:f2:26:21:0a:99:f9:3f:09:84:bf:fd:39:
95:5c:53:5c:e2:79:9f:a0:13:ad:0a:ab:a5:f2:3c:
6e:d6:f4:96:78:1c:3c:b5:66:89:13:8d:60:91:04:
27:79:e9:68:32:d3:a9:c9:38:e1:a3:96:6b:f8:c8:
f4:5f:61:2c:d3:4b:2f:8f:e8:2f:a2:74:0f:97:39:
53:04:36:57:6d:d7:f3:b8:2e:3e:b9:7d:2f:84:fb:
83:89:3e:b4:19:5c:42:ac:9a:5b:02:4d:ac:53:17:
8c:51:99:d9:08:81:7c:b4:6d:4f:3f:1b:28:25:86:
ea:a8:6b:5f:69:cc:dc:cb:d3:80:02:c7:1b:b7:8a:
8a:1d:bd:d8:7a:81:cc:a3:f6:c4:56:5f:8a:0d:af:
de:ef:2a:79:30:ab:47:9f:09:fa:f0:90:f0:17:92:
95:f3:2a:ed:06:91:79:85:ae:1f:23:7e:24:7d:fa:
29:83:a3:ba:43:2d:16:a5:98:c9:4f:4d:6f:75:aa:
ff:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:5C:12:E0:C9:2B:4B:65:96:33:EB:0E:B9:1B:D9:58:FA:FB:0F:61
X509v3 Authority Key Identifier:
keyid:9C:D6:7D:10:33:CA:47:2B:5B:B8:0F:D5:96:BB:83:6D:12:E2:22:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nNZ9EDPKRytbuA_VlruDbRLiImE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f17722-e58b-4452-8135-eaa5acf35fd1/1/P1wS4MkrS2WWM-sOuRvZWPr7D2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f17722-e58b-4452-8135-eaa5acf35fd1/1/nNZ9EDPKRytbuA_VlruDbRLiImE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.0.0/22
Signature Algorithm: sha256WithRSAEncryption
43:37:be:31:da:d7:3e:39:21:f8:5d:c8:47:31:f8:42:9b:3d:
0f:7a:ab:6c:e6:48:f2:b5:49:c6:ac:b0:f5:cf:6a:d1:95:3b:
6c:8f:66:2b:5b:4a:30:14:5d:74:11:c5:a1:4e:cb:f9:03:56:
6e:1b:32:3b:86:7d:ca:83:a1:0f:29:69:06:76:a3:21:1c:d7:
88:41:c8:1b:47:a2:15:95:ac:6b:e3:44:b3:2d:f4:0c:db:73:
7e:d4:0b:a9:ff:80:69:e7:13:9f:fa:d2:82:cc:6e:e4:5a:87:
5c:f6:4e:5b:24:e4:f3:79:d0:c1:fc:02:95:db:fd:bf:3f:3f:
0e:40:7d:6a:2b:b5:68:f4:78:f1:a3:e3:83:80:8e:aa:d7:97:
30:27:f4:3f:d3:96:00:8e:be:0e:60:40:4d:02:81:4a:24:fd:
75:99:cf:2a:34:f6:35:9f:b9:13:f3:3e:ff:7a:cb:17:fa:30:
68:e2:c5:d4:26:90:43:f9:bf:e1:4c:69:1c:06:84:f9:f8:56:
4a:1a:52:77:af:18:4f:5b:c6:bd:07:98:bd:2d:b6:4c:0e:fa:
9f:31:4c:68:bc:a9:25:7e:53:3f:97:eb:db:1b:42:26:2c:f8:
2b:75:8e:2e:68:48:45:ac:c2:75:c2:c9:cc:f9:0c:f7:d4:60:
bc:f4:bf:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyvi2WynfQKyOrEx1p5OYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZDY3ZDEwMzNjYTQ3MmI1YmI4MGZkNTk2YmI4MzZkMTJl
MjIyNjEwHhcNMjMwMTAxMTQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjVjMTJlMGM5MmI0YjY1OTYzM2ViMGViOTFiZDk1OGZhZmIwZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAuJ1Ti1cVg0Xe23aGQhQChStcDy
6Mo4oUwhM+3fTX15ATH0O2zVGNhXL4blH6lOthmDjgkOHbHyIBOTGEDyJiEKmfk/
CYS//TmVXFNc4nmfoBOtCqul8jxu1vSWeBw8tWaJE41gkQQneeloMtOpyTjho5Zr
+Mj0X2Es00svj+gvonQPlzlTBDZXbdfzuC4+uX0vhPuDiT60GVxCrJpbAk2sUxeM
UZnZCIF8tG1PPxsoJYbqqGtfaczcy9OAAscbt4qKHb3YeoHMo/bEVl+KDa/e7yp5
MKtHnwn68JDwF5KV8yrtBpF5ha4fI34kffopg6O6Qy0WpZjJT01vdar/YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9cEuDJK0tlljPrDrkb2Vj6+w9hMB8GA1UdIwQY
MBaAFJzWfRAzykcrW7gP1Za7g20S4iJhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk5aOUVEUEtSeXRidUFfVmxydURiUkxpSW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mMTc3MjItZTU4Yi00NDUyLTgxMzUt
ZWFhNWFjZjM1ZmQxLzEvUDF3UzRNa3JTMldXTS1zT3VSdlpXUHI3RDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mMTc3MjItZTU4Yi00NDUyLTgxMzUtZWFhNWFjZjM1ZmQx
LzEvbk5aOUVEUEtSeXRidUFfVmxydURiUkxpSW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUIAMA0G
CSqGSIb3DQEBCwUAA4IBAQBDN74x2tc+OSH4XchHMfhCmz0Peqts5kjytUnGrLD1
z2rRlTtsj2YrW0owFF10EcWhTsv5A1ZuGzI7hn3Kg6EPKWkGdqMhHNeIQcgbR6IV
laxr40SzLfQM23N+1Aup/4Bp5xOf+tKCzG7kWodc9k5bJOTzedDB/AKV2/2/Pz8O
QH1qK7Vo9Hjxo+ODgI6q15cwJ/Q/05YAjr4OYEBNAoFKJP11mc8qNPY1n7kT8z7/
essX+jBo4sXUJpBD+b/hTGkcBoT5+FZKGlJ3rxhPW8a9B5i9LbZMDvqfMUxovKkl
flM/l+vbG0ImLPgrdY4uaEhFrMJ1wsnM+Qz31GC89L/c
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:24 2025 by rpki-client