Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/Xlb9YXpuPezBLlwCROAoUoWHmN4.roa
File: Xlb9YXpuPezBLlwCROAoUoWHmN4.roa (raw, json)
Hash identifier: uyOYdABnJ3r0u4bs29Yc4+yztDeXDLYT1/hSEdcvqvM=
Subject key identifier: 5E:56:FD:61:7A:6E:3D:EC:C1:2E:5C:02:44:E0:28:52:85:87:98:DE
Certificate issuer: /CN=706d64134faa746293c0384edac0371950f3b224
Certificate serial: 113F1B73
Authority key identifier: 70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/Xlb9YXpuPezBLlwCROAoUoWHmN4.roa
Signing time: Sat 01 Jan 2022 09:56:25 +0000
ROA not before: Sat 01 Jan 2022 09:56:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5089
IP address blocks: 45.90.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 289348467 (0x113f1b73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d64134faa746293c0384edac0371950f3b224
Validity
Not Before: Jan 1 09:56:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e56fd617a6e3decc12e5c0244e02852858798de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a8:8e:1a:fb:6c:61:9a:7a:80:36:d6:79:95:
3f:2f:e6:4e:7f:71:83:f8:88:10:3e:d1:27:87:2e:
d5:a7:50:c0:55:0a:eb:56:f3:92:6a:49:96:e9:57:
a1:30:2c:5c:64:63:7c:62:57:75:d5:5d:da:22:76:
cf:91:3b:45:a5:ee:d0:47:22:ee:56:77:09:bd:09:
f5:5b:d2:b5:6a:a4:f2:ab:f9:4a:8a:be:fd:c8:ff:
d7:f2:3e:d5:a6:ad:a7:ea:ff:e5:14:57:54:ac:b1:
9b:c9:27:be:bf:4c:f3:9e:48:a3:20:b8:f0:58:97:
a6:fa:0d:49:19:9d:20:ef:bb:34:26:81:90:6c:fa:
00:96:d5:a3:16:f6:e5:ec:b3:75:e8:4d:15:b6:06:
50:ca:1d:b6:60:5c:ea:38:09:a9:8c:08:6f:f9:da:
2a:59:68:f4:29:d8:eb:b9:1f:e1:4a:26:00:f6:c1:
bc:ea:df:aa:2d:29:bf:12:32:d6:6d:ae:ef:b3:2d:
26:07:6c:14:1f:ab:d7:9c:94:6d:e1:3f:b4:d9:62:
f3:19:ce:a1:c8:07:0d:09:0f:bd:f4:d2:e7:b0:f9:
19:d5:9c:e9:75:d6:75:e3:d8:c0:bc:7c:c5:a4:cf:
cc:fe:72:36:aa:f0:2e:e0:e7:f9:39:56:31:35:1f:
0e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:56:FD:61:7A:6E:3D:EC:C1:2E:5C:02:44:E0:28:52:85:87:98:DE
X509v3 Authority Key Identifier:
keyid:70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/Xlb9YXpuPezBLlwCROAoUoWHmN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.41.0/24
Signature Algorithm: sha256WithRSAEncryption
af:06:5f:ae:1f:db:90:3d:d0:3c:a1:23:44:f0:6b:95:aa:33:
c5:2b:fd:b6:5c:47:3c:3f:09:cf:08:6c:04:36:0a:77:22:71:
a5:1a:cf:5b:4b:6f:66:28:0d:02:8c:93:f9:61:55:2e:a4:2c:
9d:98:d7:31:01:95:00:bf:35:25:7b:43:f8:4b:7d:06:05:6d:
84:98:b9:a3:59:b7:f7:0f:ea:92:1a:51:7b:29:21:d9:53:7c:
71:28:01:6f:a8:06:74:d8:14:f2:36:f3:1f:c3:1a:e8:3b:77:
53:8b:e8:f6:c7:32:67:68:0b:d0:c7:2a:9c:8f:4b:10:36:ba:
a1:f4:c6:18:24:d9:fb:3f:38:2e:81:0c:3f:14:c3:39:5a:d8:
7c:de:ab:22:d7:98:ca:93:1f:b1:75:17:ae:67:09:44:d0:dd:
87:fd:78:d9:74:2a:70:40:a3:3b:08:c0:2e:3e:06:b0:66:38:
51:04:44:7e:ab:e0:d3:dd:e7:e0:50:50:60:aa:92:ac:eb:56:
fa:66:61:bb:ec:61:89:89:4f:81:e4:c0:0a:05:4c:65:d2:fa:
5d:00:74:b4:54:5c:ba:fa:d4:68:7b:24:9b:63:09:e9:bc:55:
df:cc:14:ed:d8:db:55:87:b2:b7:5b:56:59:8b:9b:d6:08:3d:
49:c2:17:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEET8bczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDZkNjQxMzRmYWE3NDYyOTNjMDM4NGVkYWMwMzcxOTUwZjNiMjI0MB4XDTIyMDEw
MTA5NTYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU1NmZkNjE3YTZl
M2RlY2MxMmU1YzAyNDRlMDI4NTI4NTg3OThkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaojhr7bGGaeoA21nmVPy/mTn9xg/iIED7RJ4cu1adQwFUK
61bzkmpJlulXoTAsXGRjfGJXddVd2iJ2z5E7RaXu0Eci7lZ3Cb0J9VvStWqk8qv5
Soq+/cj/1/I+1aatp+r/5RRXVKyxm8knvr9M855IoyC48FiXpvoNSRmdIO+7NCaB
kGz6AJbVoxb25eyzdehNFbYGUModtmBc6jgJqYwIb/naKllo9CnY67kf4UomAPbB
vOrfqi0pvxIy1m2u77MtJgdsFB+r15yUbeE/tNli8xnOocgHDQkPvfTS57D5GdWc
6XXWdePYwLx8xaTPzP5yNqrwLuDn+TlWMTUfDtsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBReVv1hem497MEuXAJE4ChShYeY3jAfBgNVHSMEGDAWgBRwbWQTT6p0YpPA
OE7awDcZUPOyJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NHMWtFMC1xZEdLVHdEaE8yc0EzR1ZEenNpUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvMzI5OGUzLTlhNTAtNGNmYi04NGU2LWQxMzdhZGUxNjZkMS8x
L1hsYjlZWHB1UGV6Qkxsd0NST0FvVW9XSG1ONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
MzI5OGUzLTlhNTAtNGNmYi04NGU2LWQxMzdhZGUxNjZkMS8xL2NHMWtFMC1xZEdL
VHdEaE8yc0EzR1ZEenNpUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1aKTANBgkqhkiG9w0BAQsFAAOC
AQEArwZfrh/bkD3QPKEjRPBrlaozxSv9tlxHPD8JzwhsBDYKdyJxpRrPW0tvZigN
AoyT+WFVLqQsnZjXMQGVAL81JXtD+Et9BgVthJi5o1m39w/qkhpReykh2VN8cSgB
b6gGdNgU8jbzH8Ma6Dt3U4vo9scyZ2gL0McqnI9LEDa6ofTGGCTZ+z84LoEMPxTD
OVrYfN6rIteYypMfsXUXrmcJRNDdh/142XQqcECjOwjALj4GsGY4UQREfqvg093n
4FBQYKqSrOtW+mZhu+xhiYlPgeTACgVMZdL6XQB0tFRcuvrUaHskm2MJ6bxV38wU
7djbVYeyt1tWWYub1gg9ScIXFw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:46 2025 by rpki-client