Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/PK7Th2MeoA4bW8giEP9q6QEp-JA.roa
File: PK7Th2MeoA4bW8giEP9q6QEp-JA.roa (raw, json)
Hash identifier: oVEVsPJCBv+MYeauT9P8sFWsmfy+pTXGlrNyUKMqp2U=
Subject key identifier: 3C:AE:D3:87:63:1E:A0:0E:1B:5B:C8:22:10:FF:6A:E9:01:29:F8:90
Certificate issuer: /CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
Certificate serial: 018570675CA7DC5DA4BC01F2F5F92552186C
Authority key identifier: 4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/PK7Th2MeoA4bW8giEP9q6QEp-JA.roa
Signing time: Mon 02 Jan 2023 02:55:00 +0000
ROA not before: Mon 02 Jan 2023 02:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 45.133.144.0/24 maxlen: 24
45.133.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:5c:a7:dc:5d:a4:bc:01:f2:f5:f9:25:52:18:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
Validity
Not Before: Jan 2 02:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3caed387631ea00e1b5bc82210ff6ae90129f890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2a:c3:e5:b6:38:9b:64:80:71:b6:90:98:66:
ba:c9:b6:dc:5e:22:b2:f3:0f:e3:b4:b9:e6:01:12:
46:65:3b:31:e3:78:14:54:12:ba:ea:48:0b:58:33:
b9:ac:92:bd:e1:91:24:98:ca:57:67:56:e4:f9:e9:
f6:ff:70:99:90:26:67:c0:b4:83:c1:29:ed:68:d6:
93:98:6e:e3:11:50:32:6a:2e:91:a7:7c:4c:79:70:
d7:a9:a0:cd:d9:40:da:d6:ea:08:73:bd:e0:12:42:
5c:e2:af:78:66:62:32:73:af:93:0d:d6:6c:88:7a:
5a:2a:2e:e1:92:a5:a5:ec:d6:f5:c5:31:7d:f8:f2:
99:97:5b:1e:27:79:11:63:ac:3c:e3:f0:21:74:d9:
d4:7b:12:7d:ba:59:38:32:ad:08:4f:2a:ae:51:00:
8e:5d:de:ee:1c:6c:da:81:5b:d2:f9:a7:8c:3a:19:
8c:53:99:88:26:54:47:19:72:cc:5a:3a:86:ed:96:
bf:a9:2f:76:1e:db:dc:c1:fb:b4:82:0b:7d:0a:31:
93:88:dd:71:ba:cd:71:cc:71:8e:a4:3c:3f:35:07:
e2:7e:bd:4f:00:50:c8:a6:ea:ad:f2:7b:d8:5e:34:
3d:c9:59:02:0f:10:82:9a:15:1e:c1:45:3f:6b:5b:
81:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AE:D3:87:63:1E:A0:0E:1B:5B:C8:22:10:FF:6A:E9:01:29:F8:90
X509v3 Authority Key Identifier:
keyid:4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/PK7Th2MeoA4bW8giEP9q6QEp-JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.144.0/22
Signature Algorithm: sha256WithRSAEncryption
32:70:c0:11:48:fe:3b:13:11:52:5f:1a:60:78:c5:ff:01:c6:
05:4f:89:14:74:d5:f7:51:d5:d8:1d:4a:e9:c3:30:32:45:4b:
be:10:85:b8:74:35:71:30:cc:be:44:a1:49:41:ef:6a:62:f0:
69:3a:b6:0b:52:45:a2:20:4c:d8:d6:4f:84:0d:c3:01:14:a0:
a2:d4:55:39:00:81:a6:7e:91:54:40:95:a2:6e:3b:1c:3b:c3:
24:56:9f:55:ae:f5:b5:31:db:be:7f:0c:7b:63:60:7d:9e:89:
23:49:68:c3:35:00:b8:ec:11:b9:18:67:e0:3a:13:27:b3:46:
e9:ca:98:1b:47:5e:e3:64:77:72:c9:60:e7:08:54:0f:c0:14:
ea:94:ad:fd:4f:80:eb:e0:86:cf:83:a1:73:9d:60:be:44:9e:
51:85:33:8b:5f:a9:f1:ed:b4:a8:38:03:f8:52:a2:94:f8:32:
b2:e4:44:3c:30:03:ec:be:dd:2e:07:d6:51:ca:5c:a1:2b:06:
17:57:ac:00:da:03:63:2f:7b:a5:26:03:f6:c5:97:8c:9b:c5:
7b:35:3a:0a:4c:f2:2f:14:64:0b:b6:48:15:5a:45:e7:d1:e8:
9a:4a:de:1f:80:4c:fa:b1:55:ba:d3:86:57:83:ae:c7:d5:33:
a3:da:d8:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ1yn3F2kvAHy9fklUhhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDAwNmUwNTg5NmY2ZmZiMzAxNjFlN2M4ZGRhMmY5YWQw
NWI1NjEwHhcNMjMwMTAyMDI1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FlZDM4NzYzMWVhMDBlMWI1YmM4MjIxMGZmNmFlOTAxMjlmODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoirD5bY4m2SAcbaQmGa6ybbcXiKy
8w/jtLnmARJGZTsx43gUVBK66kgLWDO5rJK94ZEkmMpXZ1bk+en2/3CZkCZnwLSD
wSntaNaTmG7jEVAyai6Rp3xMeXDXqaDN2UDa1uoIc73gEkJc4q94ZmIyc6+TDdZs
iHpaKi7hkqWl7Nb1xTF9+PKZl1seJ3kRY6w84/AhdNnUexJ9ulk4Mq0ITyquUQCO
Xd7uHGzagVvS+aeMOhmMU5mIJlRHGXLMWjqG7Za/qS92Htvcwfu0ggt9CjGTiN1x
us1xzHGOpDw/NQfifr1PAFDIpuqt8nvYXjQ9yVkCDxCCmhUewUU/a1uBrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyu04djHqAOG1vIIhD/aukBKfiQMB8GA1UdIwQY
MBaAFEwABuBYlvb/swFh58jdovmtBbVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUt
MTMwODdiZWJkMWU0LzEvUEs3VGgyTWVvQTRiVzhnaUVQOXE2UUVwLUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUtMTMwODdiZWJkMWU0
LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYWQMA0G
CSqGSIb3DQEBCwUAA4IBAQAycMARSP47ExFSXxpgeMX/AcYFT4kUdNX3UdXYHUrp
wzAyRUu+EIW4dDVxMMy+RKFJQe9qYvBpOrYLUkWiIEzY1k+EDcMBFKCi1FU5AIGm
fpFUQJWibjscO8MkVp9VrvW1Mdu+fwx7Y2B9nokjSWjDNQC47BG5GGfgOhMns0bp
ypgbR17jZHdyyWDnCFQPwBTqlK39T4Dr4IbPg6FznWC+RJ5RhTOLX6nx7bSoOAP4
UqKU+DKy5EQ8MAPsvt0uB9ZRylyhKwYXV6wA2gNjL3ulJgP2xZeMm8V7NToKTPIv
FGQLtkgVWkXn0eiaSt4fgEz6sVW604ZXg67H1TOj2tjl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:32 2025 by rpki-client