Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/98571d-398f-41db-85b0-8c3b3f30d215/1/CYMoDPANv0puTV1l6NTrtjcOUmM.roa
File: CYMoDPANv0puTV1l6NTrtjcOUmM.roa (raw, json)
Hash identifier: L5rgTbvUHBqeRyPHCBeWiYRT3ovuq/7DoiIjv4YdCd4=
Subject key identifier: 09:83:28:0C:F0:0D:BF:4A:6E:4D:5D:65:E8:D4:EB:B6:37:0E:52:63
Certificate issuer: /CN=be9c528961b10b320f47e8b70654eeaed2f244d3
Certificate serial: 01857155301C94D315AB01318528C4C359D7
Authority key identifier: BE:9C:52:89:61:B1:0B:32:0F:47:E8:B7:06:54:EE:AE:D2:F2:44:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vpxSiWGxCzIPR-i3BlTurtLyRNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/98571d-398f-41db-85b0-8c3b3f30d215/1/CYMoDPANv0puTV1l6NTrtjcOUmM.roa
Signing time: Mon 02 Jan 2023 07:14:46 +0000
ROA not before: Mon 02 Jan 2023 07:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208899
IP address blocks: 45.15.228.0/24 maxlen: 24
45.15.229.0/24 maxlen: 24
45.15.230.0/24 maxlen: 24
45.15.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:30:1c:94:d3:15:ab:01:31:85:28:c4:c3:59:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be9c528961b10b320f47e8b70654eeaed2f244d3
Validity
Not Before: Jan 2 07:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0983280cf00dbf4a6e4d5d65e8d4ebb6370e5263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:70:4e:6c:67:6f:04:a5:49:28:99:cd:e6:1b:
bf:74:42:fa:0c:1a:9e:bd:a5:6e:b1:09:48:35:ed:
cd:bb:ce:b1:ea:e5:6d:9a:04:5a:f4:b9:1c:5e:28:
46:c4:22:d8:7a:05:a8:7f:b0:da:7e:69:95:ab:be:
be:02:9d:a5:ab:3e:7f:e1:8c:ac:74:36:68:9d:3d:
b9:64:d2:2a:50:c2:61:36:4d:57:33:be:db:ee:93:
b1:f5:ae:e1:d5:70:14:8a:ca:1a:1c:22:54:a1:f2:
b5:b6:46:1b:a5:57:7d:81:d9:ab:3e:79:ab:12:23:
75:7b:bf:3a:ed:1b:6a:c8:30:c3:a0:a8:2d:4e:a6:
78:a2:08:71:ce:a1:5b:c0:ff:11:d5:42:c4:6a:e0:
51:c5:71:db:3c:cb:f0:43:eb:10:0b:2a:c5:65:34:
7f:89:64:d0:b2:79:ba:2a:d5:0e:49:d9:f8:be:de:
60:ac:9f:db:d6:66:97:83:2e:4b:e9:e2:79:71:bc:
68:e8:45:75:a7:79:11:bf:70:4a:34:4d:ce:9c:3d:
d8:fd:85:dd:e2:3f:5f:7b:8e:d0:9c:67:44:d2:40:
7d:6e:de:ac:7b:8b:ac:64:06:17:76:ca:7a:64:02:
7b:60:af:07:dd:6f:7a:bc:43:83:f2:37:f3:ad:20:
59:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:83:28:0C:F0:0D:BF:4A:6E:4D:5D:65:E8:D4:EB:B6:37:0E:52:63
X509v3 Authority Key Identifier:
keyid:BE:9C:52:89:61:B1:0B:32:0F:47:E8:B7:06:54:EE:AE:D2:F2:44:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vpxSiWGxCzIPR-i3BlTurtLyRNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/98571d-398f-41db-85b0-8c3b3f30d215/1/CYMoDPANv0puTV1l6NTrtjcOUmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/98571d-398f-41db-85b0-8c3b3f30d215/1/vpxSiWGxCzIPR-i3BlTurtLyRNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.228.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:2e:90:55:c1:6e:25:b1:24:f0:78:0b:e2:aa:be:25:c9:17:
0c:ed:53:8e:a2:0b:27:57:95:ff:71:f0:f6:1d:8a:5d:5e:24:
d4:9e:4e:b6:ee:57:93:8c:23:1b:c9:f6:0e:45:98:6f:ad:ad:
02:14:73:87:75:92:f5:3c:67:27:8d:4a:67:c1:84:56:e6:11:
12:e3:ad:83:d5:f2:c3:3d:df:f9:de:8d:b1:b3:d8:0c:24:54:
5c:e5:43:43:6d:d9:4e:54:f2:1f:df:54:fe:0b:2f:a3:41:51:
e9:7c:a5:bf:e8:23:35:99:57:09:f9:b4:69:09:63:61:42:20:
a0:ed:ad:c5:ab:b3:58:bb:5b:1c:6c:1d:e1:fe:27:b5:3a:4b:
7b:64:b7:6f:cb:21:fd:36:cc:5a:2b:98:bd:b8:be:56:13:66:
27:c7:65:c1:00:c6:90:b2:e4:e7:60:03:98:67:56:fd:06:46:
0a:6d:bd:d1:c7:74:04:13:51:a3:1a:6c:b0:63:e0:ae:34:d5:
1a:36:e8:5d:25:b9:e2:db:d6:f9:2a:2f:8d:af:1a:ba:e9:f7:
a6:29:02:30:04:38:de:fd:db:73:e0:42:a4:73:ce:80:4b:3f:
4f:d3:ad:5d:e9:96:87:97:1c:c4:87:ed:79:14:93:59:c6:3b:
ec:e3:6f:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVTAclNMVqwExhSjEw1nXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOWM1Mjg5NjFiMTBiMzIwZjQ3ZThiNzA2NTRlZWFlZDJm
MjQ0ZDMwHhcNMjMwMTAyMDcxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTgzMjgwY2YwMGRiZjRhNmU0ZDVkNjVlOGQ0ZWJiNjM3MGU1MjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3BObGdvBKVJKJnN5hu/dEL6DBqe
vaVusQlINe3Nu86x6uVtmgRa9LkcXihGxCLYegWof7DafmmVq76+Ap2lqz5/4Yys
dDZonT25ZNIqUMJhNk1XM77b7pOx9a7h1XAUisoaHCJUofK1tkYbpVd9gdmrPnmr
EiN1e7867RtqyDDDoKgtTqZ4oghxzqFbwP8R1ULEauBRxXHbPMvwQ+sQCyrFZTR/
iWTQsnm6KtUOSdn4vt5grJ/b1maXgy5L6eJ5cbxo6EV1p3kRv3BKNE3OnD3Y/YXd
4j9fe47QnGdE0kB9bt6se4usZAYXdsp6ZAJ7YK8H3W96vEOD8jfzrSBZNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmDKAzwDb9Kbk1dZejU67Y3DlJjMB8GA1UdIwQY
MBaAFL6cUolhsQsyD0fotwZU7q7S8kTTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnB4U2lXR3hDeklQUi1pM0JsVHVydEx5Uk5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS85ODU3MWQtMzk4Zi00MWRiLTg1YjAt
OGMzYjNmMzBkMjE1LzEvQ1lNb0RQQU52MHB1VFYxbDZOVHJ0amNPVW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS85ODU3MWQtMzk4Zi00MWRiLTg1YjAtOGMzYjNmMzBkMjE1
LzEvdnB4U2lXR3hDeklQUi1pM0JsVHVydEx5Uk5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ/kMA0G
CSqGSIb3DQEBCwUAA4IBAQArLpBVwW4lsSTweAviqr4lyRcM7VOOogsnV5X/cfD2
HYpdXiTUnk627leTjCMbyfYORZhvra0CFHOHdZL1PGcnjUpnwYRW5hES462D1fLD
Pd/53o2xs9gMJFRc5UNDbdlOVPIf31T+Cy+jQVHpfKW/6CM1mVcJ+bRpCWNhQiCg
7a3Fq7NYu1scbB3h/ie1Okt7ZLdvyyH9NsxaK5i9uL5WE2Ynx2XBAMaQsuTnYAOY
Z1b9BkYKbb3Rx3QEE1GjGmywY+CuNNUaNuhdJbni29b5Ki+Nrxq66femKQIwBDje
/dtz4EKkc86ASz9P061d6ZaHlxzEh+15FJNZxjvs429N
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:31 2025 by rpki-client