Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/UTwVbMuESQ4spbWWlqyYyqFcaZY.roa
File: UTwVbMuESQ4spbWWlqyYyqFcaZY.roa (raw, json)
Hash identifier: Dt5Wy56t2aBECbuQ/FThg0+NhsZ23U3+l+lfRBOKPoU=
Subject key identifier: 51:3C:15:6C:CB:84:49:0E:2C:A5:B5:96:96:AC:98:CA:A1:5C:69:96
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018A51614832E78DB91D1CD646DE5782D42B
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/UTwVbMuESQ4spbWWlqyYyqFcaZY.roa
Signing time: Fri 01 Sep 2023 15:34:04 +0000
ROA not before: Fri 01 Sep 2023 15:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208949
IP address blocks: 45.142.1.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:51:61:48:32:e7:8d:b9:1d:1c:d6:46:de:57:82:d4:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Sep 1 15:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=513c156ccb84490e2ca5b59696ac98caa15c6996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:13:d4:c0:3e:53:a7:fd:93:2f:4a:ff:97:c6:
24:3b:48:b7:13:d0:f1:3b:1e:5d:eb:8f:5f:37:2a:
bc:47:a8:68:b2:3a:95:2b:f5:a4:4b:91:9e:78:ea:
68:a2:c8:fd:7d:6f:f7:7a:c4:a5:f4:a1:f1:39:21:
06:70:b3:16:41:5b:91:ce:36:ce:4f:e8:f4:61:92:
9a:46:0c:ca:06:eb:27:ce:d8:f8:ef:39:60:a1:c3:
98:52:4e:0e:5b:13:3e:1d:0a:6a:d1:99:57:a9:88:
a2:36:0b:cc:b5:3e:15:a8:f1:16:d8:9b:7d:45:ec:
ec:ec:4e:7b:9a:6e:0a:2e:78:3d:5e:66:0b:40:a0:
04:42:f6:03:17:3e:ac:73:e0:29:c7:5e:81:96:e5:
7c:ba:c6:56:57:66:06:c9:c8:d3:ec:41:2e:e0:04:
0a:15:73:02:bb:a3:2f:33:f0:05:68:91:4c:a0:0d:
81:9b:76:7f:30:8f:43:28:f8:b3:52:b9:c9:16:51:
71:b9:87:f6:e1:ab:09:1d:75:be:ce:ec:c4:a2:58:
c6:ec:22:5d:de:07:1f:0c:6b:71:79:8b:67:30:8b:
ea:6e:da:3a:68:4d:cd:61:2f:21:58:c5:45:5c:c3:
24:c9:53:e5:08:a2:7d:9b:30:6b:18:f9:8b:6a:41:
f6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:3C:15:6C:CB:84:49:0E:2C:A5:B5:96:96:AC:98:CA:A1:5C:69:96
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/UTwVbMuESQ4spbWWlqyYyqFcaZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.1.0-45.142.2.255
Signature Algorithm: sha256WithRSAEncryption
a8:c2:1c:ea:d2:fe:70:8c:81:bc:a2:96:24:28:a2:37:5c:40:
33:7c:c5:1e:dd:46:aa:a4:2a:54:96:13:da:5f:e9:62:cc:c2:
9d:fb:8b:a2:d0:85:6e:77:95:ec:78:81:8a:4d:02:09:43:3d:
af:95:55:54:04:a5:e7:0a:3a:d1:f9:6a:77:d5:57:c6:7e:f5:
b3:13:55:61:a0:f6:29:0c:24:6d:8d:9f:70:b6:26:fb:24:0f:
fe:e2:a2:a8:57:55:de:e5:9b:5a:22:f4:93:9a:3e:58:27:20:
14:58:6b:e3:f3:d6:46:48:27:ef:32:03:f2:c7:bc:43:a5:31:
71:b8:68:c7:b0:5a:32:ef:a0:00:18:38:38:a8:3e:42:80:b2:
5d:76:8c:0a:4a:49:d8:9f:65:19:be:7f:65:43:07:b7:7a:ed:
5a:c3:d0:b6:da:ae:aa:04:ad:bc:d2:75:c4:a4:7e:4a:1d:64:
8a:ad:3a:33:f5:9c:62:f2:0c:1b:76:6e:34:6e:25:20:5a:e3:
15:b9:86:1d:ed:67:34:f3:ea:0e:db:1b:51:72:c5:78:28:2e:
47:d3:06:f0:69:1e:a1:aa:e4:2c:a4:d3:99:a3:ea:67:4e:b9:
d3:84:bd:b7:02:d6:96:c3:56:cc:6c:b7:32:fb:60:94:dd:65:
49:64:8e:95
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYpRYUgy5425HRzWRt5XgtQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwOTAxMTUzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTNjMTU2Y2NiODQ0OTBlMmNhNWI1OTY5NmFjOThjYWExNWM2OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBPUwD5Tp/2TL0r/l8YkO0i3E9Dx
Ox5d649fNyq8R6hosjqVK/WkS5GeeOpoosj9fW/3esSl9KHxOSEGcLMWQVuRzjbO
T+j0YZKaRgzKBusnztj47zlgocOYUk4OWxM+HQpq0ZlXqYiiNgvMtT4VqPEW2Jt9
Rezs7E57mm4KLng9XmYLQKAEQvYDFz6sc+Apx16BluV8usZWV2YGycjT7EEu4AQK
FXMCu6MvM/AFaJFMoA2Bm3Z/MI9DKPizUrnJFlFxuYf24asJHXW+zuzEoljG7CJd
3gcfDGtxeYtnMIvqbto6aE3NYS8hWMVFXMMkyVPlCKJ9mzBrGPmLakH2ywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFE8FWzLhEkOLKW1lpasmMqhXGmWMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvVVR3VmJNdUVTUTRzcGJXV2xxeVl5cUZjYVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtjgED
BAAtjgIwDQYJKoZIhvcNAQELBQADggEBAKjCHOrS/nCMgbyiliQoojdcQDN8xR7d
RqqkKlSWE9pf6WLMwp37i6LQhW53lex4gYpNAglDPa+VVVQEpecKOtH5anfVV8Z+
9bMTVWGg9ikMJG2Nn3C2JvskD/7ioqhXVd7lm1oi9JOaPlgnIBRYa+Pz1kZIJ+8y
A/LHvEOlMXG4aMewWjLvoAAYODioPkKAsl12jApKSdifZRm+f2VDB7d67VrD0Lba
rqoErbzSdcSkfkodZIqtOjP1nGLyDBt2bjRuJSBa4xW5hh3tZzTz6g7bG1FyxXgo
LkfTBvBpHqGq5Cyk05mj6mdOudOEvbcC1pbDVsxstzL7YJTdZUlkjpU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:08:42 2025 by rpki-client