Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/pih1LhK24hlLIEVK06xmjnRV_rY.roa
File: pih1LhK24hlLIEVK06xmjnRV_rY.roa (raw, json)
Hash identifier: IktgizA9sm6DSJwLLoJD4T5GNgozXLqRcVrT1ngqSQ0=
Subject key identifier: A6:28:75:2E:12:B6:E2:19:4B:20:45:4A:D3:AC:66:8E:74:55:FE:B6
Certificate issuer: /CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Certificate serial: 018C6DB93FF35210A690E498A78655A09F46
Authority key identifier: 91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/pih1LhK24hlLIEVK06xmjnRV_rY.roa
Signing time: Fri 15 Dec 2023 13:45:06 +0000
ROA not before: Fri 15 Dec 2023 13:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35197
IP address blocks: 45.142.137.0/24 maxlen: 24
185.187.130.0/24 maxlen: 24
185.187.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:b9:3f:f3:52:10:a6:90:e4:98:a7:86:55:a0:9f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Validity
Not Before: Dec 15 13:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a628752e12b6e2194b20454ad3ac668e7455feb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d5:42:56:28:96:ce:c5:f0:4c:9b:59:44:9d:
63:4c:f5:52:97:b8:c5:99:ab:5b:10:5f:3b:83:71:
31:a9:d3:dd:f9:81:30:e0:a6:d3:8e:59:9f:10:3d:
cd:69:51:bd:e2:79:fa:b0:f5:6b:ae:5c:57:43:79:
94:09:d4:71:1f:58:5e:47:bb:83:b6:95:77:46:c9:
2b:be:96:7b:65:d2:5d:1b:b0:c8:07:a3:ba:64:96:
e7:de:3c:7e:5c:a8:9d:7a:2c:68:d9:fe:e6:8b:7e:
d4:09:19:82:11:5f:6c:ea:0f:f4:dc:68:c2:f0:ff:
3e:3b:d0:92:25:bd:a8:ac:7a:ff:ae:b2:78:72:37:
49:eb:40:eb:17:ee:85:ba:54:ba:4d:40:59:b5:a2:
7c:33:ac:a8:be:7d:8a:ef:10:aa:f5:f4:a1:62:e9:
28:5b:ac:5b:01:c4:85:65:4a:90:00:c0:d3:7e:66:
63:c7:75:44:20:91:78:57:de:3f:fc:f2:78:d2:75:
91:11:d5:b9:78:7d:e3:bc:62:99:4c:1c:ba:5e:34:
26:57:47:5f:7c:e4:f2:51:23:4d:1a:e6:c6:4e:75:
6c:07:98:07:79:0d:fb:7f:cf:02:7b:c9:fe:d5:45:
8b:82:9a:40:16:00:0c:aa:17:f0:09:c9:e1:ad:c9:
07:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:28:75:2E:12:B6:E2:19:4B:20:45:4A:D3:AC:66:8E:74:55:FE:B6
X509v3 Authority Key Identifier:
keyid:91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/pih1LhK24hlLIEVK06xmjnRV_rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.137.0/24
185.187.129.0-185.187.130.255
Signature Algorithm: sha256WithRSAEncryption
3a:ca:40:8d:78:09:a2:76:be:d1:06:e2:1d:7b:06:95:a0:07:
e8:03:20:c5:95:53:06:34:62:23:ff:cc:87:32:33:ed:34:61:
0e:b1:40:a6:8a:e8:72:e0:de:65:4a:12:71:ee:1b:33:6f:34:
ed:ff:23:02:7c:78:39:07:b9:9f:c4:eb:a3:57:74:cb:24:b4:
6f:1b:62:0a:76:d4:7a:fe:95:43:60:5d:0f:89:6d:2f:c4:0e:
49:7a:da:f8:3c:0a:ac:3d:ff:cd:29:23:95:1a:6c:30:3b:f8:
f7:cc:f2:24:47:86:a6:53:b4:bb:02:8d:5e:be:60:1b:5f:2c:
3a:9d:52:0f:ee:81:b7:66:72:a2:44:38:bb:d0:db:7e:6b:79:
ad:57:85:94:6c:08:73:3e:9d:fd:ea:61:cd:09:96:f1:a4:a9:
a1:14:93:73:e9:29:4b:a1:ba:4f:2a:98:8f:e0:5d:78:66:de:
b4:33:c5:90:c3:ec:e0:44:0d:cc:d1:9e:5e:29:da:8b:b4:d3:
90:32:2d:29:0a:57:9f:f5:5a:e6:13:97:dc:ca:a0:30:75:cc:
25:5c:70:f0:d0:cd:ef:4e:8a:54:3c:cc:6a:38:1f:d0:83:80:
9b:9b:78:86:6c:8e:b7:fd:b1:bf:b2:fe:1f:88:f6:9b:f7:ba:
dd:fc:5d:cd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYxtuT/zUhCmkOSYp4ZVoJ9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODkwMTY2MmE4ZWM1ZmY0ZDNmNDhkMjkwOTkyMzBhMDU3
NWVjOGEwHhcNMjMxMjE1MTM0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI4NzUyZTEyYjZlMjE5NGIyMDQ1NGFkM2FjNjY4ZTc0NTVmZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntVCViiWzsXwTJtZRJ1jTPVSl7jF
matbEF87g3ExqdPd+YEw4KbTjlmfED3NaVG94nn6sPVrrlxXQ3mUCdRxH1heR7uD
tpV3RskrvpZ7ZdJdG7DIB6O6ZJbn3jx+XKideixo2f7mi37UCRmCEV9s6g/03GjC
8P8+O9CSJb2orHr/rrJ4cjdJ60DrF+6FulS6TUBZtaJ8M6yovn2K7xCq9fShYuko
W6xbAcSFZUqQAMDTfmZjx3VEIJF4V94//PJ40nWREdW5eH3jvGKZTBy6XjQmV0df
fOTyUSNNGubGTnVsB5gHeQ37f88Ce8n+1UWLgppAFgAMqhfwCcnhrckHUwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKYodS4StuIZSyBFStOsZo50Vf62MB8GA1UdIwQY
MBaAFJGJAWYqjsX/TT9I0pCZIwoFdeyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQt
ZTgxMWUyM2MxODA0LzEvcGloMUxoSzI0aGxMSUVWSzA2eG1qblJWX3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQtZTgxMWUyM2MxODA0
LzEva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALY6JMAwD
BAC5u4EDBAC5u4IwDQYJKoZIhvcNAQELBQADggEBADrKQI14CaJ2vtEG4h17BpWg
B+gDIMWVUwY0YiP/zIcyM+00YQ6xQKaK6HLg3mVKEnHuGzNvNO3/IwJ8eDkHuZ/E
66NXdMsktG8bYgp21Hr+lUNgXQ+JbS/EDkl62vg8Cqw9/80pI5UabDA7+PfM8iRH
hqZTtLsCjV6+YBtfLDqdUg/ugbdmcqJEOLvQ235rea1XhZRsCHM+nf3qYc0JlvGk
qaEUk3PpKUuhuk8qmI/gXXhm3rQzxZDD7OBEDczRnl4p2ou005AyLSkKV5/1WuYT
l9zKoDB1zCVccPDQze9OilQ8zGo4H9CDgJubeIZsjrf9sb+y/h+I9pv3ut38Xc0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:48 2025 by rpki-client