Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/c3daf9-3721-4591-8890-1e7a505864ba/1/J7gpIPvBc5rYS10EPtbnnbAbC7g.roa
File: J7gpIPvBc5rYS10EPtbnnbAbC7g.roa (raw, json)
Hash identifier: cJS+9yHhoxjOp1aUdET7HcLFgwcZ7yn49/ng73Tmx58=
Subject key identifier: 27:B8:29:20:FB:C1:73:9A:D8:4B:5D:04:3E:D6:E7:9D:B0:1B:0B:B8
Certificate issuer: /CN=1ab7a257e2617897749952fe56df1940c9a38659
Certificate serial: 0185700B8BB1B1F878C35256146C36B982DC
Authority key identifier: 1A:B7:A2:57:E2:61:78:97:74:99:52:FE:56:DF:19:40:C9:A3:86:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GreiV-JheJd0mVL-Vt8ZQMmjhlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/c3daf9-3721-4591-8890-1e7a505864ba/1/J7gpIPvBc5rYS10EPtbnnbAbC7g.roa
Signing time: Mon 02 Jan 2023 01:14:42 +0000
ROA not before: Mon 02 Jan 2023 01:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208457
IP address blocks: 45.135.172.0/22 maxlen: 22
2a0a:36c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:8b:b1:b1:f8:78:c3:52:56:14:6c:36:b9:82:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab7a257e2617897749952fe56df1940c9a38659
Validity
Not Before: Jan 2 01:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27b82920fbc1739ad84b5d043ed6e79db01b0bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e6:1c:8b:58:a7:3f:62:36:1a:ed:61:c3:df:
9c:54:cd:6c:19:fb:9e:0f:18:fe:41:21:31:63:56:
3b:f2:06:c1:25:59:93:4a:47:73:15:da:bd:80:72:
b7:39:75:59:16:3a:50:0f:43:7b:47:29:dd:2e:96:
26:f9:20:40:d3:77:93:d6:26:48:97:a4:0e:b4:bb:
1c:64:a7:cb:80:cc:5d:56:40:c2:34:24:e5:19:38:
e3:33:1e:28:b2:b4:b0:a7:3f:62:c2:97:97:a1:ed:
ec:a1:a2:2e:d5:cf:57:a9:75:3a:28:c0:39:a3:73:
1e:07:e2:f1:49:5b:e6:57:5a:a8:54:3a:4d:af:7f:
37:88:7e:ea:d4:5b:20:95:dd:23:a6:48:0b:90:2c:
71:a5:d3:af:68:70:23:cf:12:31:7c:ee:b9:30:03:
9f:85:84:23:50:f5:db:d7:69:90:f0:4a:e3:c6:af:
71:97:be:1f:0c:bf:50:d9:cc:66:77:f5:7e:c4:d2:
5d:ec:c5:df:76:0a:08:81:c5:e3:d0:cf:7d:87:99:
db:9b:c4:fd:32:60:ff:33:64:ff:33:b2:8f:13:e9:
5d:41:99:c7:74:d7:ff:4a:d1:14:8c:37:f7:af:38:
8a:39:63:65:ea:cf:f8:65:d0:65:75:69:3e:da:f8:
87:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B8:29:20:FB:C1:73:9A:D8:4B:5D:04:3E:D6:E7:9D:B0:1B:0B:B8
X509v3 Authority Key Identifier:
keyid:1A:B7:A2:57:E2:61:78:97:74:99:52:FE:56:DF:19:40:C9:A3:86:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GreiV-JheJd0mVL-Vt8ZQMmjhlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c3daf9-3721-4591-8890-1e7a505864ba/1/J7gpIPvBc5rYS10EPtbnnbAbC7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c3daf9-3721-4591-8890-1e7a505864ba/1/GreiV-JheJd0mVL-Vt8ZQMmjhlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.172.0/22
IPv6:
2a0a:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:79:e6:c6:90:55:c2:47:8f:3c:0b:62:b0:42:bf:9f:fe:5a:
8a:18:60:2a:20:61:39:fd:f4:df:e0:d0:7f:13:48:b2:6d:77:
e1:34:26:44:49:87:ee:91:f4:73:59:91:9b:2f:3b:25:f2:88:
33:96:9b:4f:70:80:51:da:ab:8f:55:cb:20:8a:3e:60:fb:cc:
df:50:ee:74:a1:18:f4:fd:32:2a:0f:aa:97:ce:38:21:1f:24:
38:c6:b6:7f:f6:82:50:91:32:dc:b4:67:3d:d2:40:27:f2:2f:
7d:04:44:14:0b:76:ee:f3:25:44:83:40:ce:2c:c9:48:d5:65:
7b:5c:2c:c3:d2:62:23:7b:25:70:26:aa:ae:e7:7f:65:41:99:
e4:f1:39:c1:80:e4:91:3e:0f:5c:4c:0b:00:78:65:61:14:3f:
20:b0:6b:c4:f4:74:de:e1:d9:5b:83:f7:c3:ab:20:a0:6e:00:
e9:bc:70:90:5c:d2:4d:35:c1:74:2d:8b:c1:aa:81:24:45:2d:
da:f9:ef:45:d2:bb:c7:cc:27:a6:73:86:5e:09:07:75:fe:ac:
ed:fa:c7:b7:01:56:f1:01:89:de:15:15:37:64:e1:e3:2c:e1:
b8:79:d9:d1:10:54:99:2d:97:45:7e:9c:75:0c:54:8e:26:99:
74:88:70:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwC4uxsfh4w1JWFGw2uYLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjdhMjU3ZTI2MTc4OTc3NDk5NTJmZTU2ZGYxOTQwYzlh
Mzg2NTkwHhcNMjMwMTAyMDExNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2I4MjkyMGZiYzE3MzlhZDg0YjVkMDQzZWQ2ZTc5ZGIwMWIwYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeYci1inP2I2Gu1hw9+cVM1sGfue
Dxj+QSExY1Y78gbBJVmTSkdzFdq9gHK3OXVZFjpQD0N7RyndLpYm+SBA03eT1iZI
l6QOtLscZKfLgMxdVkDCNCTlGTjjMx4osrSwpz9iwpeXoe3soaIu1c9XqXU6KMA5
o3MeB+LxSVvmV1qoVDpNr383iH7q1Fsgld0jpkgLkCxxpdOvaHAjzxIxfO65MAOf
hYQjUPXb12mQ8Erjxq9xl74fDL9Q2cxmd/V+xNJd7MXfdgoIgcXj0M99h5nbm8T9
MmD/M2T/M7KPE+ldQZnHdNf/StEUjDf3rziKOWNl6s/4ZdBldWk+2viHcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCe4KSD7wXOa2EtdBD7W552wGwu4MB8GA1UdIwQY
MBaAFBq3olfiYXiXdJlS/lbfGUDJo4ZZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JlaVYtSmhlSmQwbVZMLVZ0OFpRTW1qaGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jM2RhZjktMzcyMS00NTkxLTg4OTAt
MWU3YTUwNTg2NGJhLzEvSjdncElQdkJjNXJZUzEwRVB0Ym5uYkFiQzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jM2RhZjktMzcyMS00NTkxLTg4OTAtMWU3YTUwNTg2NGJh
LzEvR3JlaVYtSmhlSmQwbVZMLVZ0OFpRTW1qaGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYesMA0E
AgACMAcDBQMqCjbAMA0GCSqGSIb3DQEBCwUAA4IBAQAOeebGkFXCR488C2KwQr+f
/lqKGGAqIGE5/fTf4NB/E0iybXfhNCZESYfukfRzWZGbLzsl8ogzlptPcIBR2quP
Vcsgij5g+8zfUO50oRj0/TIqD6qXzjghHyQ4xrZ/9oJQkTLctGc90kAn8i99BEQU
C3bu8yVEg0DOLMlI1WV7XCzD0mIjeyVwJqqu539lQZnk8TnBgOSRPg9cTAsAeGVh
FD8gsGvE9HTe4dlbg/fDqyCgbgDpvHCQXNJNNcF0LYvBqoEkRS3a+e9F0rvHzCem
c4ZeCQd1/qzt+se3AVbxAYneFRU3ZOHjLOG4ednREFSZLZdFfpx1DFSOJpl0iHBC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:48 2025 by rpki-client