Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/auxeCy5EiKMCXhq9h_LgoqMcQdc.roa
File: auxeCy5EiKMCXhq9h_LgoqMcQdc.roa (raw, json)
Hash identifier: TTtRG8+skGqPo06lwldVWAfXrJoxHZIpH4a4fgSGCJs=
Subject key identifier: 6A:EC:5E:0B:2E:44:88:A3:02:5E:1A:BD:87:F2:E0:A2:A3:1C:41:D7
Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial: 018571BA0CEA9AAF3216CD26AA55FAAFBA57
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/auxeCy5EiKMCXhq9h_LgoqMcQdc.roa
Signing time: Mon 02 Jan 2023 09:04:56 +0000
ROA not before: Mon 02 Jan 2023 09:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51185
IP address blocks: 45.157.67.0/24 maxlen: 24
45.157.65.0/27 maxlen: 27
45.157.65.0/24 maxlen: 24
45.157.65.128/27 maxlen: 27
45.157.66.0/24 maxlen: 24
45.157.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:0c:ea:9a:af:32:16:cd:26:aa:55:fa:af:ba:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Validity
Not Before: Jan 2 09:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aec5e0b2e4488a3025e1abd87f2e0a2a31c41d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:dd:e1:0d:7a:54:cc:15:2c:26:71:9a:3a:31:
9e:29:e4:ed:4e:e0:79:ed:37:fe:79:d5:ad:8e:fa:
69:2f:88:64:53:d7:a5:3c:bd:fd:49:cb:dc:38:ef:
dc:2d:99:6e:03:8a:1b:81:a0:e8:b7:66:b3:71:2f:
f9:d0:fa:0f:f3:ae:32:c1:68:63:e8:ba:34:8a:f1:
7e:45:e6:a8:02:9c:46:dd:a7:66:8a:6e:1d:96:4c:
07:77:e9:c7:7d:8e:08:ca:c4:60:77:4c:fb:6b:f9:
fd:df:3b:d6:93:71:07:b3:f6:28:e8:d0:e5:0a:26:
78:e2:47:5f:d7:2e:9a:f3:88:2d:f5:77:6a:5c:d8:
12:97:23:5b:97:47:0e:ff:8a:8c:14:ea:c2:90:02:
4c:48:67:bd:76:64:90:5d:72:e7:3f:32:93:bd:48:
78:3d:db:a6:8f:ea:ca:60:5e:f6:60:fc:e8:03:6a:
fc:24:11:5d:94:83:29:ef:1b:e2:58:9f:26:f9:b9:
d0:d1:83:07:33:48:e0:f7:da:5f:29:35:24:6a:71:
fd:a5:f6:38:dc:f6:89:a7:f7:b7:9e:5b:59:b3:57:
38:88:27:6b:59:1c:73:61:01:f6:bb:59:5b:b1:52:
c4:88:97:f6:a5:74:a7:00:33:f4:63:d0:75:2b:42:
68:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:EC:5E:0B:2E:44:88:A3:02:5E:1A:BD:87:F2:E0:A2:A3:1C:41:D7
X509v3 Authority Key Identifier:
keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/auxeCy5EiKMCXhq9h_LgoqMcQdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.64.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:aa:b3:55:f1:2b:ce:52:21:03:ab:f6:a7:ba:8d:cd:98:3b:
45:24:43:c3:b5:d1:df:01:0d:9b:53:de:b8:9f:66:19:b4:4b:
48:52:21:7c:30:75:e7:ab:9d:18:bb:12:f7:7b:af:2c:9c:93:
bc:ad:b5:8c:c1:42:be:f2:ea:ab:78:af:ac:e1:52:15:9a:37:
a9:df:91:2b:5e:01:fc:43:d9:8e:68:fd:5c:d5:e0:82:92:f8:
bc:9b:ca:73:22:95:8a:31:3f:cd:91:4c:2e:fb:33:23:4f:c2:
fc:7a:87:ad:e5:87:15:1a:95:40:16:26:ba:13:15:1d:46:59:
f0:e9:87:87:95:84:56:97:00:c2:ba:58:a4:34:3e:d8:cf:a5:
3f:a7:f9:08:95:de:71:79:b4:e3:12:a6:dc:b8:9b:66:e3:0f:
9c:62:ad:67:bd:80:6a:fe:cf:52:22:71:eb:a2:08:31:74:bc:
8a:3f:3a:c1:d3:cd:fb:8e:15:2c:b0:47:7f:6a:ec:1e:50:12:
7b:76:3d:53:83:75:08:33:71:2c:40:ad:a6:da:d0:3d:87:bf:
00:f9:4e:7e:a2:5e:a4:7e:0e:ff:70:63:6a:f0:26:09:fc:4c:
63:7f:8e:3e:76:29:89:29:dd:38:d9:31:57:de:65:46:3a:37:
a7:3f:fc:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxugzqmq8yFs0mqlX6r7pXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjMwMTAyMDkwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWVjNWUwYjJlNDQ4OGEzMDI1ZTFhYmQ4N2YyZTBhMmEzMWM0MWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd3hDXpUzBUsJnGaOjGeKeTtTuB5
7Tf+edWtjvppL4hkU9elPL39ScvcOO/cLZluA4obgaDot2azcS/50PoP864ywWhj
6Lo0ivF+ReaoApxG3admim4dlkwHd+nHfY4IysRgd0z7a/n93zvWk3EHs/Yo6NDl
CiZ44kdf1y6a84gt9XdqXNgSlyNbl0cO/4qMFOrCkAJMSGe9dmSQXXLnPzKTvUh4
Pdumj+rKYF72YPzoA2r8JBFdlIMp7xviWJ8m+bnQ0YMHM0jg99pfKTUkanH9pfY4
3PaJp/e3nltZs1c4iCdrWRxzYQH2u1lbsVLEiJf2pXSnADP0Y9B1K0JoawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrsXgsuRIijAl4avYfy4KKjHEHXMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEvYXV4ZUN5NUVpS01DWGhxOWhfTGdvcU1jUWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ1AMA0G
CSqGSIb3DQEBCwUAA4IBAQCoqrNV8SvOUiEDq/anuo3NmDtFJEPDtdHfAQ2bU964
n2YZtEtIUiF8MHXnq50YuxL3e68snJO8rbWMwUK+8uqreK+s4VIVmjep35ErXgH8
Q9mOaP1c1eCCkvi8m8pzIpWKMT/NkUwu+zMjT8L8eoet5YcVGpVAFia6ExUdRlnw
6YeHlYRWlwDCulikND7Yz6U/p/kIld5xebTjEqbcuJtm4w+cYq1nvYBq/s9SInHr
oggxdLyKPzrB0837jhUssEd/auweUBJ7dj1Tg3UIM3EsQK2m2tA9h78A+U5+ol6k
fg7/cGNq8CYJ/Exjf44+dimJKd042TFX3mVGOjenP/z3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:01 2025 by rpki-client