Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Ks5lj9NKNQ3gylocurIMAmOD05k.roa
File: Ks5lj9NKNQ3gylocurIMAmOD05k.roa (raw, json)
Hash identifier: gQ89ltGpn5+QGfo68vDTG6LvmMusbRNWj7rulMpcMl0=
Subject key identifier: 2A:CE:65:8F:D3:4A:35:0D:E0:CA:5A:1C:BA:B2:0C:02:63:83:D3:99
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0189DEF04EAFF06C21938D7BF542E25413A3
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Ks5lj9NKNQ3gylocurIMAmOD05k.roa
Signing time: Thu 10 Aug 2023 10:13:57 +0000
ROA not before: Thu 10 Aug 2023 10:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55154
IP address blocks: 45.135.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:f0:4e:af:f0:6c:21:93:8d:7b:f5:42:e2:54:13:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Aug 10 10:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ace658fd34a350de0ca5a1cbab20c026383d399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4d:29:41:f3:f2:64:2f:73:89:70:cb:14:71:
7e:c1:f5:03:f0:da:68:b5:08:16:f3:71:99:79:2f:
2c:a3:ae:53:2a:cb:59:9a:eb:f5:3f:00:bf:78:ca:
78:66:83:a4:e7:50:65:b8:12:c5:73:0e:74:1c:1b:
56:75:5b:94:fe:d7:8c:a5:2d:bd:0a:26:39:97:50:
01:c8:61:b3:a6:63:e4:eb:b3:4e:fc:c2:50:29:8d:
a2:0f:b5:c7:34:e8:88:f2:a5:a6:3b:ee:06:ed:fe:
11:6e:2b:ad:ca:49:7b:c9:8c:7b:89:ae:15:38:f1:
c6:f5:d3:bf:88:c2:c6:1f:27:f5:3d:19:13:0c:15:
c9:c4:a8:5a:65:2a:d8:82:ad:30:8d:c1:ea:8c:cc:
52:14:c0:f4:3c:3e:ee:cd:e5:31:d5:7b:4d:b0:34:
19:40:b5:91:3e:72:cc:a9:06:cd:6f:b0:e2:c9:66:
1a:c7:fc:c8:ea:01:a5:c4:d1:d6:b0:1f:de:03:ee:
72:68:59:36:91:08:b7:8d:83:5f:e2:d7:63:bc:90:
0e:9d:ec:41:cc:dd:9e:4a:8c:31:76:aa:b1:a6:5f:
83:ac:a8:20:21:fa:1a:f3:ca:c0:c4:48:a9:37:da:
6e:5d:6e:46:82:be:a1:c1:4a:46:fb:f0:ca:7a:12:
e9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CE:65:8F:D3:4A:35:0D:E0:CA:5A:1C:BA:B2:0C:02:63:83:D3:99
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Ks5lj9NKNQ3gylocurIMAmOD05k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.236.0/24
Signature Algorithm: sha256WithRSAEncryption
40:79:c7:e0:7f:85:34:54:09:1e:f6:30:7a:dc:30:9c:90:6d:
af:ed:7c:9d:2d:8a:6d:de:23:8d:cd:4a:f5:4d:6a:f9:01:b2:
cf:10:10:f5:51:b8:0f:ac:fe:d7:a8:d4:d6:65:85:fc:0b:9c:
42:4c:85:70:10:73:ab:d6:89:4f:18:78:d3:93:45:d0:d3:4e:
1a:5a:1f:bb:d5:26:e3:0b:e1:15:33:2e:9d:ad:12:f6:3b:16:
51:9a:59:00:38:bb:ae:fc:84:51:c5:a8:d9:54:a5:ed:a3:fd:
83:84:59:6a:d5:d5:01:0e:8b:56:f6:01:17:ef:b7:89:7f:37:
ea:71:1e:85:b1:be:66:ba:04:ae:bb:ea:c2:3e:01:a6:14:d3:
9e:60:3e:32:8d:4d:5e:ee:ec:6d:4a:06:96:a7:8b:5f:4b:d7:
bb:79:6c:b8:b6:f6:e4:2e:73:fa:29:91:fa:d4:b1:12:85:5b:
1c:69:9d:a3:4b:30:80:67:f3:df:23:8d:66:66:04:a7:a0:7b:
0e:35:6f:ba:b4:66:bf:d1:07:c7:21:1c:1c:b2:81:d7:d1:4f:
5e:81:fe:21:56:17:6a:99:bf:8e:0b:4e:74:46:7a:4b:f2:e2:
c1:25:44:0b:b2:6a:b9:5d:a8:b1:4c:c6:aa:a5:b9:3a:ad:ab:
02:ea:0b:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYne8E6v8Gwhk4179ULiVBOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwODEwMTAxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWNlNjU4ZmQzNGEzNTBkZTBjYTVhMWNiYWIyMGMwMjYzODNkMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU0pQfPyZC9ziXDLFHF+wfUD8Npo
tQgW83GZeS8so65TKstZmuv1PwC/eMp4ZoOk51BluBLFcw50HBtWdVuU/teMpS29
CiY5l1AByGGzpmPk67NO/MJQKY2iD7XHNOiI8qWmO+4G7f4Rbiutykl7yYx7ia4V
OPHG9dO/iMLGHyf1PRkTDBXJxKhaZSrYgq0wjcHqjMxSFMD0PD7uzeUx1XtNsDQZ
QLWRPnLMqQbNb7DiyWYax/zI6gGlxNHWsB/eA+5yaFk2kQi3jYNf4tdjvJAOnexB
zN2eSowxdqqxpl+DrKggIfoa88rAxEipN9puXW5Ggr6hwUpG+/DKehLprwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrOZY/TSjUN4MpaHLqyDAJjg9OZMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvS3M1bGo5TktOUTNneWxvY3VySU1BbU9EMDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYfsMA0G
CSqGSIb3DQEBCwUAA4IBAQBAecfgf4U0VAke9jB63DCckG2v7XydLYpt3iONzUr1
TWr5AbLPEBD1UbgPrP7XqNTWZYX8C5xCTIVwEHOr1olPGHjTk0XQ004aWh+71Sbj
C+EVMy6drRL2OxZRmlkAOLuu/IRRxajZVKXto/2DhFlq1dUBDotW9gEX77eJfzfq
cR6Fsb5mugSuu+rCPgGmFNOeYD4yjU1e7uxtSgaWp4tfS9e7eWy4tvbkLnP6KZH6
1LEShVscaZ2jSzCAZ/PfI41mZgSnoHsONW+6tGa/0QfHIRwcsoHX0U9egf4hVhdq
mb+OC050RnpL8uLBJUQLsmq5XaixTMaqpbk6rasC6gsO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:19 2025 by rpki-client