Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ee2793-a0c9-42dc-a6a2-329ba388b7cf/1/yeR4wDMglpLVBPcHHDhQ6PN3rUQ.roa
File: yeR4wDMglpLVBPcHHDhQ6PN3rUQ.roa (raw, json)
Hash identifier: 5XaiMfR89PrDJ71UpJQEWdWXFwO8DrX6lFseX7bayd8=
Subject key identifier: C9:E4:78:C0:33:20:96:92:D5:04:F7:07:1C:38:50:E8:F3:77:AD:44
Certificate issuer: /CN=9e42ca46688a837b575234ce6a1a326587d6c204
Certificate serial: 0185069AE9BF0F4F5F2B7DBBE604EB70EFFD
Authority key identifier: 9E:42:CA:46:68:8A:83:7B:57:52:34:CE:6A:1A:32:65:87:D6:C2:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkLKRmiKg3tXUjTOahoyZYfWwgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/ee2793-a0c9-42dc-a6a2-329ba388b7cf/1/yeR4wDMglpLVBPcHHDhQ6PN3rUQ.roa
Signing time: Mon 12 Dec 2022 13:51:33 +0000
ROA not before: Mon 12 Dec 2022 13:51:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207790
IP address blocks: 45.13.12.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:9a:e9:bf:0f:4f:5f:2b:7d:bb:e6:04:eb:70:ef:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e42ca46688a837b575234ce6a1a326587d6c204
Validity
Not Before: Dec 12 13:51:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9e478c033209692d504f7071c3850e8f377ad44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d3:d9:fa:72:83:66:f8:68:36:63:8b:84:38:
da:37:5a:68:d8:dd:b5:01:36:00:08:81:4c:70:36:
63:c7:7b:a2:73:31:f1:ee:ca:f4:8c:76:31:cd:cb:
15:03:f6:cf:2b:cc:ca:7c:1c:73:49:e9:b0:b5:25:
d6:b7:01:6a:0d:cc:73:64:8c:b5:c0:fc:a8:65:ae:
6e:d1:61:52:1f:b9:3b:7e:b0:72:73:66:14:df:6c:
1e:73:c2:22:9c:0f:11:53:c9:d0:e0:3e:34:04:af:
0a:bd:3a:ee:72:71:8a:e1:da:61:ad:38:75:60:43:
11:d9:e3:e8:60:8a:0e:45:12:4e:fc:fb:b4:13:55:
a6:f7:34:cb:71:d9:c6:a8:a5:97:e7:a4:b1:59:46:
f9:03:bb:0d:24:db:37:8b:c6:e9:d1:f1:3b:48:07:
6a:5c:bf:86:70:cf:85:e8:92:2a:55:81:a6:5d:cb:
83:25:62:ec:eb:ce:71:37:d2:de:1d:a9:80:7a:5f:
d6:40:1c:b9:65:00:63:60:51:38:e0:4b:0b:91:e4:
eb:c1:1b:2d:bf:cb:2f:d3:c0:77:10:a3:bc:fd:13:
30:91:64:94:70:83:99:30:32:aa:fc:ee:43:c0:9a:
e0:3e:43:cc:ef:42:f1:5d:98:46:bd:b9:de:ff:18:
dc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E4:78:C0:33:20:96:92:D5:04:F7:07:1C:38:50:E8:F3:77:AD:44
X509v3 Authority Key Identifier:
keyid:9E:42:CA:46:68:8A:83:7B:57:52:34:CE:6A:1A:32:65:87:D6:C2:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkLKRmiKg3tXUjTOahoyZYfWwgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ee2793-a0c9-42dc-a6a2-329ba388b7cf/1/yeR4wDMglpLVBPcHHDhQ6PN3rUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ee2793-a0c9-42dc-a6a2-329ba388b7cf/1/nkLKRmiKg3tXUjTOahoyZYfWwgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.12.0/22
Signature Algorithm: sha256WithRSAEncryption
45:d2:60:ed:d5:6d:01:b4:32:c5:8c:58:cd:89:01:ee:c0:ee:
74:e9:a5:90:c6:4d:01:cf:b3:19:07:49:f2:cc:c4:39:a1:0e:
53:c1:81:b8:be:b8:d3:6a:1f:a4:2c:b0:da:ac:38:18:4f:97:
eb:b6:48:4e:c6:98:28:1c:b7:49:59:1c:b9:dc:be:e6:87:34:
4e:6c:ae:ec:0f:5a:5b:e9:a3:cb:cb:6a:80:16:2c:fd:ec:09:
91:7e:d1:11:a5:f7:b0:8b:5a:78:0e:0e:8a:f3:22:40:79:e2:
e7:11:c4:d3:3a:7b:a6:99:95:20:c3:90:83:97:21:06:6a:c9:
1f:48:51:18:40:b2:8b:d1:1c:2a:7d:c5:30:f6:6e:2c:0a:cc:
eb:9d:f2:c9:97:75:7d:38:80:ad:ee:02:d7:1f:55:14:25:b1:
a3:3d:b7:32:74:e0:ab:8e:80:2c:78:75:81:de:d6:a7:bf:81:
1d:ac:43:46:d2:b8:83:fc:c6:8d:eb:6b:ee:78:39:36:e1:f7:
7e:00:6d:93:2a:8d:9a:b7:bd:88:92:c8:fb:ce:bf:04:7c:1f:
48:31:91:a9:48:95:15:37:01:a7:94:b9:7f:0c:1e:dd:c9:77:
9a:ec:6e:3d:27:55:0a:d5:33:d1:e6:80:68:5d:e6:18:8c:b3:
e4:67:95:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUGmum/D09fK3275gTrcO/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDJjYTQ2Njg4YTgzN2I1NzUyMzRjZTZhMWEzMjY1ODdk
NmMyMDQwHhcNMjIxMjEyMTM1MTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU0NzhjMDMzMjA5NjkyZDUwNGY3MDcxYzM4NTBlOGYzNzdhZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNPZ+nKDZvhoNmOLhDjaN1po2N21
ATYACIFMcDZjx3uiczHx7sr0jHYxzcsVA/bPK8zKfBxzSemwtSXWtwFqDcxzZIy1
wPyoZa5u0WFSH7k7frByc2YU32wec8IinA8RU8nQ4D40BK8KvTrucnGK4dphrTh1
YEMR2ePoYIoORRJO/Pu0E1Wm9zTLcdnGqKWX56SxWUb5A7sNJNs3i8bp0fE7SAdq
XL+GcM+F6JIqVYGmXcuDJWLs685xN9LeHamAel/WQBy5ZQBjYFE44EsLkeTrwRst
v8sv08B3EKO8/RMwkWSUcIOZMDKq/O5DwJrgPkPM70LxXZhGvbne/xjcaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnkeMAzIJaS1QT3Bxw4UOjzd61EMB8GA1UdIwQY
MBaAFJ5CykZoioN7V1I0zmoaMmWH1sIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtMS1JtaUtnM3RYVWpUT2Fob3laWWZXd2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9lZTI3OTMtYTBjOS00MmRjLWE2YTIt
MzI5YmEzODhiN2NmLzEveWVSNHdETWdscExWQlBjSEhEaFE2UE4zclVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9lZTI3OTMtYTBjOS00MmRjLWE2YTItMzI5YmEzODhiN2Nm
LzEvbmtMS1JtaUtnM3RYVWpUT2Fob3laWWZXd2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ0MMA0G
CSqGSIb3DQEBCwUAA4IBAQBF0mDt1W0BtDLFjFjNiQHuwO506aWQxk0Bz7MZB0ny
zMQ5oQ5TwYG4vrjTah+kLLDarDgYT5frtkhOxpgoHLdJWRy53L7mhzRObK7sD1pb
6aPLy2qAFiz97AmRftERpfewi1p4Dg6K8yJAeeLnEcTTOnummZUgw5CDlyEGaskf
SFEYQLKL0RwqfcUw9m4sCszrnfLJl3V9OICt7gLXH1UUJbGjPbcydOCrjoAseHWB
3tanv4EdrENG0riD/MaN62vueDk24fd+AG2TKo2at72Iksj7zr8EfB9IMZGpSJUV
NwGnlLl/DB7dyXea7G49J1UK1TPR5oBoXeYYjLPkZ5W9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:45 2025 by rpki-client