Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/h5apmtHXOOZp7ZSebUmlvlplvOg.roa
File: h5apmtHXOOZp7ZSebUmlvlplvOg.roa (raw, json)
Hash identifier: uCaD513MZyPUg59e6x0mZshXNOM1JchmhOCVhurSpFA=
Subject key identifier: 87:96:A9:9A:D1:D7:38:E6:69:ED:94:9E:6D:49:A5:BE:5A:65:BC:E8
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 0182CA9A72BAE29B88AC8C30D99BF4F6FB32
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/h5apmtHXOOZp7ZSebUmlvlplvOg.roa
Signing time: Tue 23 Aug 2022 12:08:15 +0000
ROA not before: Tue 23 Aug 2022 12:08:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 45.87.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:9a:72:ba:e2:9b:88:ac:8c:30:d9:9b:f4:f6:fb:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Aug 23 12:08:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8796a99ad1d738e669ed949e6d49a5be5a65bce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bd:48:b5:40:47:ff:9e:8c:40:86:31:f2:d8:
45:df:94:71:95:19:fb:7c:c2:17:3d:ab:9a:aa:65:
e0:83:e0:5a:54:9f:b2:41:0d:dd:12:d5:c6:a1:f9:
a6:45:03:b3:3c:90:1f:b7:8a:be:21:ac:14:e2:16:
71:d0:b3:4a:5e:b0:87:47:1d:55:b9:a8:9c:f3:97:
7c:a0:a3:39:c2:d4:8a:c4:70:85:fe:0a:48:89:f7:
27:13:8f:fd:21:1b:ce:2c:2b:f6:df:bb:49:d6:8f:
4e:de:49:74:e7:89:3e:2e:05:64:af:36:fd:43:c2:
14:45:3e:e7:f4:51:ee:7d:21:27:da:f4:d4:4d:1a:
9c:cb:ae:44:8f:24:6a:94:9a:2e:ca:ba:94:7e:82:
36:49:65:8a:2c:da:8e:89:9d:68:89:3c:13:a9:3c:
44:cd:69:5a:2d:9b:65:96:d4:5e:5e:02:bc:d4:75:
f7:26:a2:d9:b6:b6:d9:ab:e9:0b:45:f2:ed:9e:ac:
ba:bf:84:b1:94:a1:07:56:f9:aa:37:ba:ff:47:a4:
3c:65:43:07:e1:71:b6:a6:5f:36:ba:6f:4e:e7:23:
5a:64:e8:a1:9e:b6:c2:2a:64:c5:c2:a3:07:ed:f1:
a5:33:0a:92:8f:db:7b:8d:6e:49:b9:13:95:3c:ec:
ab:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:96:A9:9A:D1:D7:38:E6:69:ED:94:9E:6D:49:A5:BE:5A:65:BC:E8
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/h5apmtHXOOZp7ZSebUmlvlplvOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.162.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f6:2f:94:c0:bc:24:5d:f8:23:e8:ed:4e:bb:52:6f:dc:c6:
2b:f8:63:62:c6:d1:5d:c4:a3:e1:27:cf:94:7e:06:13:6d:ec:
86:b4:a9:d6:24:30:33:64:69:fb:8d:58:2d:db:68:ac:d0:b3:
ed:0b:17:f5:d8:e5:c0:82:11:28:3c:f6:27:3d:b6:43:c3:89:
bf:c2:5d:04:0e:cc:9b:31:ed:5c:ed:00:89:7c:a1:06:80:21:
fb:87:fa:67:c3:11:8e:04:06:50:f1:ea:87:9a:26:4e:99:58:
85:0b:73:e5:27:98:be:50:8c:8e:80:a1:c9:69:f5:5c:1c:8a:
0d:e1:ae:48:66:27:b4:ab:4c:4b:75:bd:5e:11:74:4d:64:38:
6f:59:03:e9:b8:db:67:49:76:b9:b3:8e:54:9e:ba:f3:2d:21:
50:b6:24:7a:c7:42:ff:96:d1:fa:59:05:4b:8f:bc:8c:4e:57:
e9:f7:2c:87:6a:0c:1b:51:06:96:ae:0a:1b:61:a8:42:79:b0:
24:de:e3:f7:7b:7d:cb:8d:93:66:80:c7:28:67:5b:e6:3a:01:
e1:00:eb:9f:3e:b8:95:2b:3b:0b:02:79:ec:de:d7:c9:d1:45:
d7:96:3b:69:9a:20:21:c8:aa:f1:b4:3a:bb:20:45:5f:29:31:
ce:9a:9c:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLKmnK64puIrIww2Zv09vsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjIwODIzMTIwODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk2YTk5YWQxZDczOGU2NjllZDk0OWU2ZDQ5YTViZTVhNjViY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr1ItUBH/56MQIYx8thF35RxlRn7
fMIXPauaqmXgg+BaVJ+yQQ3dEtXGofmmRQOzPJAft4q+IawU4hZx0LNKXrCHRx1V
uaic85d8oKM5wtSKxHCF/gpIifcnE4/9IRvOLCv237tJ1o9O3kl054k+LgVkrzb9
Q8IURT7n9FHufSEn2vTUTRqcy65EjyRqlJouyrqUfoI2SWWKLNqOiZ1oiTwTqTxE
zWlaLZtlltReXgK81HX3JqLZtrbZq+kLRfLtnqy6v4SxlKEHVvmqN7r/R6Q8ZUMH
4XG2pl82um9O5yNaZOihnrbCKmTFwqMH7fGlMwqSj9t7jW5JuROVPOyrjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeWqZrR1zjmae2Unm1Jpb5aZbzoMB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEvaDVhcG10SFhPT1pwN1pTZWJVbWx2bHBsdk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVeiMA0G
CSqGSIb3DQEBCwUAA4IBAQCM9i+UwLwkXfgj6O1Ou1Jv3MYr+GNixtFdxKPhJ8+U
fgYTbeyGtKnWJDAzZGn7jVgt22is0LPtCxf12OXAghEoPPYnPbZDw4m/wl0EDsyb
Me1c7QCJfKEGgCH7h/pnwxGOBAZQ8eqHmiZOmViFC3PlJ5i+UIyOgKHJafVcHIoN
4a5IZie0q0xLdb1eEXRNZDhvWQPpuNtnSXa5s45UnrrzLSFQtiR6x0L/ltH6WQVL
j7yMTlfp9yyHagwbUQaWrgobYahCebAk3uP3e33LjZNmgMcoZ1vmOgHhAOufPriV
KzsLAnns3tfJ0UXXljtpmiAhyKrxtDq7IEVfKTHOmpyQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:46 2025 by rpki-client