Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/IkEMj-YBQ4yF0cdHEeN3cNTxito.roa
File: IkEMj-YBQ4yF0cdHEeN3cNTxito.roa (raw, json)
Hash identifier: aCzVmF3o9oWOL9A7D4VzXcggKrqeluc6r+Px/K7ZOHk=
Subject key identifier: 22:41:0C:8F:E6:01:43:8C:85:D1:C7:47:11:E3:77:70:D4:F1:8A:DA
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 01856C7838E5EB3C5BAC90E3D5BC743B64F2
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/IkEMj-YBQ4yF0cdHEeN3cNTxito.roa
Signing time: Sun 01 Jan 2023 08:34:55 +0000
ROA not before: Sun 01 Jan 2023 08:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3215
IP address blocks: 45.129.90.0/24 maxlen: 24
45.129.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:38:e5:eb:3c:5b:ac:90:e3:d5:bc:74:3b:64:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Jan 1 08:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22410c8fe601438c85d1c74711e37770d4f18ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:79:d7:fe:48:07:3a:9a:95:e7:7c:49:92:79:
b7:62:94:e1:19:dd:a1:c1:83:26:4a:0d:3e:a0:f4:
a5:43:f8:f1:68:5c:6d:c9:9a:dc:ce:1f:c2:28:72:
fd:09:04:1e:c7:c9:c7:7b:d2:ae:a9:37:ad:83:8f:
59:1f:89:ea:ee:f2:a8:9d:0d:a9:a3:35:2c:24:d4:
63:21:80:d9:c6:2c:71:96:df:ba:33:6d:54:1d:b2:
a1:84:71:f6:1b:d1:d4:3a:6b:a3:26:f9:84:c2:91:
a2:0e:1c:8b:a9:5b:31:31:4d:67:08:9f:fa:31:90:
2a:19:e9:33:5f:ed:61:e0:71:35:a8:41:d3:9c:ec:
32:a5:96:c9:84:87:31:5d:89:a1:00:73:99:e6:ae:
90:0e:9b:df:6d:f2:99:74:3c:d8:91:fc:2a:63:64:
5d:98:66:71:af:ce:11:19:98:58:90:15:59:ee:44:
ad:da:72:3d:23:d0:90:16:8a:0c:a6:96:53:e9:e7:
1a:1e:e1:2d:cb:a4:41:4f:1f:e8:29:7a:9f:f2:d1:
2a:81:11:d1:42:d9:9f:45:5d:e7:59:58:9d:f1:4c:
3a:a3:81:92:9f:35:5f:f2:5a:e5:0b:57:bd:69:64:
9e:95:41:a0:90:e2:0e:93:82:64:30:e9:c8:83:37:
16:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:41:0C:8F:E6:01:43:8C:85:D1:C7:47:11:E3:77:70:D4:F1:8A:DA
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/IkEMj-YBQ4yF0cdHEeN3cNTxito.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.88.0/24
45.129.90.0/24
Signature Algorithm: sha256WithRSAEncryption
95:58:8d:e2:23:2d:e3:3c:78:80:38:25:6f:26:49:3f:bf:2d:
91:5b:93:7f:4e:6e:2b:b5:22:f5:1e:be:cd:f7:aa:f8:80:24:
61:34:4c:f1:a0:46:b0:b8:31:3f:e1:59:34:2b:bd:3b:eb:17:
4d:fe:01:76:6c:5a:e9:5f:42:66:8c:f2:79:1f:06:7a:9f:26:
84:f5:6a:66:c7:77:8b:9a:09:96:30:b2:37:db:30:35:77:1e:
ef:9a:01:0b:13:68:63:a9:44:21:3a:c4:df:67:2a:44:0f:ee:
fb:40:e5:f6:fa:93:cb:16:6e:51:6d:96:4b:d4:67:04:39:0a:
74:26:92:57:b5:b1:7e:58:db:d5:62:f6:35:06:4d:33:db:ff:
31:89:7d:40:e8:40:ba:e8:e7:c2:4e:35:32:7f:08:af:f6:68:
e3:9d:be:f4:bc:f1:72:db:1c:6f:cf:45:f7:55:8d:61:9d:ed:
9f:72:d2:ab:fd:e7:4c:a9:a2:d6:29:9d:87:8a:a1:5b:e4:ff:
f0:49:26:85:db:3b:6d:b6:ea:1f:47:40:70:b5:40:51:ac:88:
6e:8a:70:22:dc:b2:de:b1:84:1f:62:9a:57:2e:c1:f3:5b:de:
e6:e0:7a:0b:6c:1d:e2:a6:08:d5:5e:a5:d8:5a:1c:5a:9c:b8:
3e:73:83:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVseDjl6zxbrJDj1bx0O2TyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFm
OWYwN2UwHhcNMjMwMTAxMDgzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQxMGM4ZmU2MDE0MzhjODVkMWM3NDcxMWUzNzc3MGQ0ZjE4YWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnnX/kgHOpqV53xJknm3YpThGd2h
wYMmSg0+oPSlQ/jxaFxtyZrczh/CKHL9CQQex8nHe9KuqTetg49ZH4nq7vKonQ2p
ozUsJNRjIYDZxixxlt+6M21UHbKhhHH2G9HUOmujJvmEwpGiDhyLqVsxMU1nCJ/6
MZAqGekzX+1h4HE1qEHTnOwypZbJhIcxXYmhAHOZ5q6QDpvfbfKZdDzYkfwqY2Rd
mGZxr84RGZhYkBVZ7kSt2nI9I9CQFooMppZT6ecaHuEty6RBTx/oKXqf8tEqgRHR
QtmfRV3nWVid8Uw6o4GSnzVf8lrlC1e9aWSelUGgkOIOk4JkMOnIgzcWdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCJBDI/mAUOMhdHHRxHjd3DU8YraMB8GA1UdIwQY
MBaAFLqqe0wB6SnDiSOYGrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUt
ZTY4ZjZjZjJjMGQyLzEvSWtFTWotWUJRNHlGMGNkSEVlTjNjTlR4aXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQy
LzEvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYFYAwQA
LYFaMA0GCSqGSIb3DQEBCwUAA4IBAQCVWI3iIy3jPHiAOCVvJkk/vy2RW5N/Tm4r
tSL1Hr7N96r4gCRhNEzxoEawuDE/4Vk0K7076xdN/gF2bFrpX0JmjPJ5HwZ6nyaE
9Wpmx3eLmgmWMLI32zA1dx7vmgELE2hjqUQhOsTfZypED+77QOX2+pPLFm5RbZZL
1GcEOQp0JpJXtbF+WNvVYvY1Bk0z2/8xiX1A6EC66OfCTjUyfwiv9mjjnb70vPFy
2xxvz0X3VY1hne2fctKr/edMqaLWKZ2HiqFb5P/wSSaF2ztttuofR0BwtUBRrIhu
inAi3LLesYQfYppXLsHzW97m4HoLbB3ipgjVXqXYWhxanLg+c4OI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:33 2025 by rpki-client