Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/oTtYszy5GE_JiPHYOp0CyGzJ7t0.roa
File: oTtYszy5GE_JiPHYOp0CyGzJ7t0.roa (raw, json)
Hash identifier: Qyn6/oB0xAe3iDWK9xNJZMSlCZTM9uT1G8+9dKPNNwE=
Subject key identifier: A1:3B:58:B3:3C:B9:18:4F:C9:88:F1:D8:3A:9D:02:C8:6C:C9:EE:DD
Certificate issuer: /CN=bd19d4535c7e62b921e859e6557b821f278e716a
Certificate serial: 018AFEC2DD836CA12CC7F2659F19DB18359C
Authority key identifier: BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/oTtYszy5GE_JiPHYOp0CyGzJ7t0.roa
Signing time: Thu 05 Oct 2023 07:34:58 +0000
ROA not before: Thu 05 Oct 2023 07:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42055
IP address blocks: 45.134.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:c2:dd:83:6c:a1:2c:c7:f2:65:9f:19:db:18:35:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd19d4535c7e62b921e859e6557b821f278e716a
Validity
Not Before: Oct 5 07:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a13b58b33cb9184fc988f1d83a9d02c86cc9eedd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e6:06:73:56:f9:7f:fa:47:5e:8a:e3:f5:ec:
03:18:22:bb:e0:c9:1b:69:11:f7:52:11:bb:68:66:
60:23:ed:23:97:1a:b6:7b:e6:a3:a7:c2:63:39:4e:
13:2e:fb:c9:64:f7:4f:c6:35:63:cd:aa:ab:39:db:
59:32:20:fa:27:fa:c8:13:c1:2f:b0:fa:76:cb:93:
15:76:a7:68:1f:40:07:e9:79:b6:bb:cf:d4:02:3f:
fa:94:09:f8:63:27:be:10:d4:24:1f:df:a9:a9:18:
94:50:2c:b0:f1:10:d6:50:b5:cd:d9:c5:1f:b2:41:
b6:bc:f9:81:95:56:9e:ce:51:67:f4:1b:89:e0:ed:
38:72:18:77:e8:da:49:66:37:32:db:11:dd:14:02:
73:74:3d:be:7c:dd:67:88:c9:43:0a:1f:c1:02:bb:
de:46:09:79:93:f9:92:03:7b:d4:50:9e:a6:74:d6:
70:00:92:99:3b:88:24:79:4f:ed:a2:61:4a:62:74:
e1:aa:d0:f8:8a:92:d0:1e:2e:2d:14:99:7b:1b:79:
e8:90:38:22:11:4c:ec:bb:e3:62:72:58:15:f8:e1:
82:3a:8b:26:f1:9c:fd:de:40:9b:48:b6:82:30:59:
40:07:00:08:f7:7a:e6:02:f6:df:75:58:f0:8b:7d:
03:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:3B:58:B3:3C:B9:18:4F:C9:88:F1:D8:3A:9D:02:C8:6C:C9:EE:DD
X509v3 Authority Key Identifier:
keyid:BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/oTtYszy5GE_JiPHYOp0CyGzJ7t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.9.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4e:cb:d6:87:f5:f4:f3:82:92:6b:97:d3:cc:ab:52:30:12:
59:b8:5c:8e:75:a8:32:a1:b6:fa:4b:f9:bd:ab:d5:48:1c:5f:
2a:60:a5:ca:3d:ea:6e:0d:d9:d2:fb:49:6f:75:b0:8c:e6:ad:
5e:72:55:1a:06:97:4b:a9:b2:af:a1:32:d7:76:30:dd:e2:39:
a1:6b:35:9c:22:a6:94:37:87:34:e6:92:e5:e3:5d:74:91:a7:
87:16:99:47:06:06:40:18:9c:2c:f8:db:a9:ee:2d:f2:2f:ca:
6a:14:da:f4:61:3b:5b:c5:52:fd:63:f4:c6:64:6a:ab:91:08:
b7:71:12:e7:04:b2:1a:cb:8c:bb:b3:ec:05:c6:99:f5:28:5c:
b9:24:8a:63:84:aa:ed:bb:e9:a9:00:de:b9:f1:cd:13:e7:7e:
31:6d:41:f0:44:11:39:56:00:36:5c:69:e4:8e:ef:0a:9a:09:
19:ae:57:1f:f8:ad:63:b3:35:30:79:fa:06:1a:f9:6e:62:e1:
65:5b:8e:3d:82:00:6c:19:e1:e3:eb:1e:cf:02:03:f7:6d:bb:
5c:95:fd:ea:a5:22:25:44:5e:9a:72:76:ea:63:a6:4b:da:68:
ce:b6:62:5d:7d:e1:62:ea:c6:a0:f1:b9:23:c1:3a:bb:92:ec:
1f:5b:85:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr+wt2DbKEsx/JlnxnbGDWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMTlkNDUzNWM3ZTYyYjkyMWU4NTllNjU1N2I4MjFmMjc4
ZTcxNmEwHhcNMjMxMDA1MDczNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTNiNThiMzNjYjkxODRmYzk4OGYxZDgzYTlkMDJjODZjYzllZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeYGc1b5f/pHXorj9ewDGCK74Mkb
aRH3UhG7aGZgI+0jlxq2e+ajp8JjOU4TLvvJZPdPxjVjzaqrOdtZMiD6J/rIE8Ev
sPp2y5MVdqdoH0AH6Xm2u8/UAj/6lAn4Yye+ENQkH9+pqRiUUCyw8RDWULXN2cUf
skG2vPmBlVaezlFn9BuJ4O04chh36NpJZjcy2xHdFAJzdD2+fN1niMlDCh/BArve
Rgl5k/mSA3vUUJ6mdNZwAJKZO4gkeU/tomFKYnThqtD4ipLQHi4tFJl7G3nokDgi
EUzsu+NiclgV+OGCOosm8Zz93kCbSLaCMFlABwAI93rmAvbfdVjwi30DwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKE7WLM8uRhPyYjx2DqdAshsye7dMB8GA1UdIwQY
MBaAFL0Z1FNcfmK5IehZ5lV7gh8njnFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTct
YzEzMzFmNDlmYzA5LzEvb1R0WXN6eTVHRV9KaVBIWU9wMEN5R3pKN3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTctYzEzMzFmNDlmYzA5
LzEvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYYJMA0G
CSqGSIb3DQEBCwUAA4IBAQBMTsvWh/X084KSa5fTzKtSMBJZuFyOdagyobb6S/m9
q9VIHF8qYKXKPepuDdnS+0lvdbCM5q1eclUaBpdLqbKvoTLXdjDd4jmhazWcIqaU
N4c05pLl4110kaeHFplHBgZAGJws+Nup7i3yL8pqFNr0YTtbxVL9Y/TGZGqrkQi3
cRLnBLIay4y7s+wFxpn1KFy5JIpjhKrtu+mpAN658c0T534xbUHwRBE5VgA2XGnk
ju8KmgkZrlcf+K1jszUwefoGGvluYuFlW449ggBsGeHj6x7PAgP3bbtclf3qpSIl
RF6acnbqY6ZL2mjOtmJdfeFi6sag8bkjwTq7kuwfW4UC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:30 2025 by rpki-client