Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/5aR38UgjY5MN8PWr1VRDwKijC84.roa
File: 5aR38UgjY5MN8PWr1VRDwKijC84.roa (raw, json)
Hash identifier: bthQawwI1IADEuzqcOG56qckfjsvwqtZ7ge19sGgzpo=
Subject key identifier: E5:A4:77:F1:48:23:63:93:0D:F0:F5:AB:D5:54:43:C0:A8:A3:0B:CE
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 01865435BB6D812311CB19D075DB05E1505D
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/5aR38UgjY5MN8PWr1VRDwKijC84.roa
Signing time: Wed 15 Feb 2023 08:34:12 +0000
ROA not before: Wed 15 Feb 2023 08:34:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 45.158.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:35:bb:6d:81:23:11:cb:19:d0:75:db:05:e1:50:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Feb 15 08:34:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5a477f1482363930df0f5abd55443c0a8a30bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b8:38:89:68:ab:8e:15:00:f7:56:37:ee:a6:
5a:7f:14:84:99:6b:93:b2:28:17:0b:e0:c7:7e:ba:
1a:29:ce:ab:e6:8f:cc:7b:b6:40:52:74:27:3b:b3:
5c:ad:2f:85:2b:f8:63:db:71:fe:2e:1b:b2:a2:9f:
b4:0f:ff:0f:da:6a:d9:cd:65:94:e5:6b:c9:00:ab:
37:10:04:39:86:62:eb:b9:9b:8b:b2:3a:47:ea:7b:
e4:80:77:0e:7b:23:ce:2d:ae:9c:9e:aa:72:64:11:
91:ae:fe:51:aa:01:1b:b9:93:40:eb:82:85:cc:cb:
80:35:95:e8:57:f9:85:42:d9:78:3c:6c:a1:b8:1b:
cf:3b:0d:37:34:9a:e4:74:ca:03:21:88:bf:32:c9:
fa:b1:ca:f3:df:49:40:c4:c2:67:22:3d:46:e0:2d:
3e:42:3d:7b:5f:fe:5e:39:30:e5:51:a0:09:34:cc:
03:07:a2:ef:c1:77:e4:2f:a6:38:53:d7:ea:fc:5a:
ab:be:f8:26:bf:be:12:45:ef:86:85:3c:e3:dd:3c:
41:7b:4e:9a:32:89:d4:04:16:f9:f3:ff:f3:dd:74:
d2:eb:23:3d:0b:f1:e7:ea:67:a2:bf:0d:08:bf:6c:
74:65:a3:d2:3b:2f:f5:eb:c4:3c:50:f1:25:f8:0d:
75:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A4:77:F1:48:23:63:93:0D:F0:F5:AB:D5:54:43:C0:A8:A3:0B:CE
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/5aR38UgjY5MN8PWr1VRDwKijC84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.255.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:8e:33:a1:63:da:16:65:86:9c:03:74:18:f6:de:13:c7:7b:
ad:00:52:b4:f8:e7:9e:8a:20:61:1a:fa:27:27:22:c8:67:19:
82:99:9f:27:7d:c3:27:1a:44:8a:c6:69:c5:a6:a7:4b:6c:5d:
70:e9:84:ce:f8:77:43:c0:74:c6:4f:09:cd:44:3d:03:44:71:
5c:cc:b4:cd:58:17:54:97:2c:e8:7b:96:81:bc:c8:6f:7d:94:
1b:64:20:89:28:c3:0a:5c:a1:07:fe:d4:3b:60:e7:ca:2e:17:
c5:30:94:7e:33:ff:29:84:0e:61:b1:79:a4:94:87:3a:11:8a:
f9:b0:7f:0f:c8:a1:ce:b1:5a:00:ce:6f:bf:41:ca:5d:8e:83:
8d:fd:23:71:1f:db:b4:47:51:b4:2f:11:2c:0b:a7:41:45:52:
79:01:34:33:71:b7:da:9d:a0:98:2c:5c:68:7f:4d:68:fc:15:
12:29:de:40:d9:2f:b2:b2:c6:b9:bf:26:53:4e:d8:a3:83:43:
da:41:8d:96:88:ca:9d:41:e0:cb:b6:81:a9:81:c0:40:53:d8:
ae:f0:9f:60:88:1e:ce:ed:48:f2:01:e0:35:00:ac:db:3a:d5:
28:5d:54:eb:1d:b2:f6:67:9b:83:26:b5:75:ca:24:f2:d7:7a:
22:76:d7:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZUNbttgSMRyxnQddsF4VBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwMjE1MDgzNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWE0NzdmMTQ4MjM2MzkzMGRmMGY1YWJkNTU0NDNjMGE4YTMwYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7g4iWirjhUA91Y37qZafxSEmWuT
sigXC+DHfroaKc6r5o/Me7ZAUnQnO7NcrS+FK/hj23H+Lhuyop+0D/8P2mrZzWWU
5WvJAKs3EAQ5hmLruZuLsjpH6nvkgHcOeyPOLa6cnqpyZBGRrv5RqgEbuZNA64KF
zMuANZXoV/mFQtl4PGyhuBvPOw03NJrkdMoDIYi/Msn6scrz30lAxMJnIj1G4C0+
Qj17X/5eOTDlUaAJNMwDB6LvwXfkL6Y4U9fq/Fqrvvgmv74SRe+GhTzj3TxBe06a
MonUBBb58//z3XTS6yM9C/Hn6meivw0Iv2x0ZaPSOy/168Q8UPEl+A11jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOWkd/FII2OTDfD1q9VUQ8CoowvOMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvNWFSMzhVZ2pZNU1OOFBXcjFWUkR3S2lqQzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ7/MA0G
CSqGSIb3DQEBCwUAA4IBAQA9jjOhY9oWZYacA3QY9t4Tx3utAFK0+OeeiiBhGvon
JyLIZxmCmZ8nfcMnGkSKxmnFpqdLbF1w6YTO+HdDwHTGTwnNRD0DRHFczLTNWBdU
lyzoe5aBvMhvfZQbZCCJKMMKXKEH/tQ7YOfKLhfFMJR+M/8phA5hsXmklIc6EYr5
sH8PyKHOsVoAzm+/QcpdjoON/SNxH9u0R1G0LxEsC6dBRVJ5ATQzcbfanaCYLFxo
f01o/BUSKd5A2S+yssa5vyZTTtijg0PaQY2WiMqdQeDLtoGpgcBAU9iu8J9giB7O
7UjyAeA1AKzbOtUoXVTrHbL2Z5uDJrV1yiTy13oidte4
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:06 2025 by rpki-client