Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/68772c-b11a-49c9-907f-4ed1d075b637/1/cXlgT1XjyifA5SAqGTERq7XJRHM.roa
File: cXlgT1XjyifA5SAqGTERq7XJRHM.roa (raw, json)
Hash identifier: w1Y6h8wijEhXp2lxk/mXbmxNC2+wA0c1S6ncQobgyi4=
Subject key identifier: 71:79:60:4F:55:E3:CA:27:C0:E5:20:2A:19:31:11:AB:B5:C9:44:73
Certificate issuer: /CN=85db397dc7648f0fd33c631f35cc2074e4ee332e
Certificate serial: 0189FC5668B5979564077CF81B679DC02BF0
Authority key identifier: 85:DB:39:7D:C7:64:8F:0F:D3:3C:63:1F:35:CC:20:74:E4:EE:33:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hds5fcdkjw_TPGMfNcwgdOTuMy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/68772c-b11a-49c9-907f-4ed1d075b637/1/cXlgT1XjyifA5SAqGTERq7XJRHM.roa
Signing time: Wed 16 Aug 2023 03:14:28 +0000
ROA not before: Wed 16 Aug 2023 03:14:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59692
IP address blocks: 45.183.4.0/22 maxlen: 32
190.115.16.0/20 maxlen: 32
186.2.160.0/20 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fc:56:68:b5:97:95:64:07:7c:f8:1b:67:9d:c0:2b:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85db397dc7648f0fd33c631f35cc2074e4ee332e
Validity
Not Before: Aug 16 03:14:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7179604f55e3ca27c0e5202a193111abb5c94473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:61:c0:38:f6:35:0b:33:b1:a0:28:0b:7e:92:
57:12:ca:30:8b:94:84:b3:61:79:01:09:1e:9c:a3:
a6:c7:92:c9:45:37:b2:6f:cb:6b:dc:9b:d1:b3:ec:
05:11:86:bf:84:4a:3b:54:4b:0d:05:4c:32:9b:b7:
af:6f:0a:f1:5f:ed:3b:0b:0d:79:06:c9:c1:7e:80:
ff:9c:de:3a:18:e3:9e:18:91:e0:f1:19:e8:7e:79:
71:6a:9b:90:0f:4c:39:59:34:fa:26:3f:9e:22:5f:
49:2b:9a:5c:f6:b9:b3:3b:dc:82:1f:50:de:5b:26:
f3:a3:01:c6:e3:3a:cd:b0:83:08:d2:c4:38:d2:e9:
6e:43:0e:0b:55:81:2f:2a:3f:31:11:13:c3:08:1b:
ec:3c:31:9c:fb:9d:ad:80:0b:2a:5c:28:91:01:05:
e8:8b:e6:00:aa:fb:fb:21:17:e5:54:00:3b:db:44:
92:f1:7d:19:d6:16:8b:8a:d5:f9:26:69:52:77:28:
7b:76:af:8e:7b:e7:00:0d:c2:47:54:02:64:9e:38:
08:98:0f:e5:78:23:dc:b8:a8:10:9c:cc:73:21:ca:
c4:a2:16:36:d7:f2:d5:f3:8b:a2:8b:11:18:8b:55:
18:60:fd:90:86:ab:23:b1:7d:fc:36:48:0d:64:b9:
b8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:79:60:4F:55:E3:CA:27:C0:E5:20:2A:19:31:11:AB:B5:C9:44:73
X509v3 Authority Key Identifier:
keyid:85:DB:39:7D:C7:64:8F:0F:D3:3C:63:1F:35:CC:20:74:E4:EE:33:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hds5fcdkjw_TPGMfNcwgdOTuMy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/68772c-b11a-49c9-907f-4ed1d075b637/1/cXlgT1XjyifA5SAqGTERq7XJRHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/68772c-b11a-49c9-907f-4ed1d075b637/1/hds5fcdkjw_TPGMfNcwgdOTuMy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.183.4.0/22
186.2.160.0/20
190.115.16.0/20
Signature Algorithm: sha256WithRSAEncryption
87:8d:5f:b8:52:c5:6b:66:a1:e8:34:79:a0:ac:92:1e:f9:c8:
42:d0:72:0f:ea:92:92:b9:5e:65:c8:63:09:0f:16:01:0f:10:
87:8f:6a:f8:72:01:97:38:1a:70:6d:31:45:66:84:5c:56:55:
79:11:be:01:57:a6:05:67:29:bc:a7:c2:01:04:5b:28:4c:2d:
04:c1:a8:90:c0:2e:eb:00:e7:78:9d:b7:af:b1:c3:47:cf:eb:
4d:3f:c3:be:25:00:05:0d:f0:97:b9:df:b4:03:88:8b:c1:34:
6b:54:0c:94:cb:27:61:d7:37:86:92:fd:c7:28:70:d6:b5:28:
39:0a:bd:e8:14:e7:af:a7:72:6f:b9:95:ea:aa:47:d3:e6:0a:
cc:2a:65:37:8c:54:5e:e3:6b:07:a8:85:2a:af:97:68:eb:ed:
55:1c:14:16:a7:a9:24:c3:0a:2a:b8:bd:6b:a3:08:71:f9:0d:
c0:32:55:95:a2:b3:14:a8:35:4f:1d:ef:f9:87:de:7c:32:97:
21:7c:72:a9:3b:06:02:1f:17:c0:6b:3b:07:79:f9:6d:29:be:
c1:26:6b:37:dd:be:7e:39:4c:7b:6a:03:19:aa:47:04:91:b0:
e0:e1:f5:8b:7d:70:6f:d7:19:6c:96:6b:47:e0:b1:78:80:db:
09:a2:35:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYn8Vmi1l5VkB3z4G2edwCvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGIzOTdkYzc2NDhmMGZkMzNjNjMxZjM1Y2MyMDc0ZTRl
ZTMzMmUwHhcNMjMwODE2MDMxNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTc5NjA0ZjU1ZTNjYTI3YzBlNTIwMmExOTMxMTFhYmI1Yzk0NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWHAOPY1CzOxoCgLfpJXEsowi5SE
s2F5AQkenKOmx5LJRTeyb8tr3JvRs+wFEYa/hEo7VEsNBUwym7evbwrxX+07Cw15
BsnBfoD/nN46GOOeGJHg8RnofnlxapuQD0w5WTT6Jj+eIl9JK5pc9rmzO9yCH1De
WybzowHG4zrNsIMI0sQ40uluQw4LVYEvKj8xERPDCBvsPDGc+52tgAsqXCiRAQXo
i+YAqvv7IRflVAA720SS8X0Z1haLitX5JmlSdyh7dq+Oe+cADcJHVAJknjgImA/l
eCPcuKgQnMxzIcrEohY21/LV84uiixEYi1UYYP2QhqsjsX38NkgNZLm4kQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHF5YE9V48onwOUgKhkxEau1yURzMB8GA1UdIwQY
MBaAFIXbOX3HZI8P0zxjHzXMIHTk7jMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGRzNWZjZGtqd19UUEdNZk5jd2dkT1R1TXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ODc3MmMtYjExYS00OWM5LTkwN2Yt
NGVkMWQwNzViNjM3LzEvY1hsZ1QxWGp5aWZBNVNBcUdURVJxN1hKUkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ODc3MmMtYjExYS00OWM5LTkwN2YtNGVkMWQwNzViNjM3
LzEvaGRzNWZjZGtqd19UUEdNZk5jd2dkT1R1TXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLbcEAwQE
ugKgAwQEvnMQMA0GCSqGSIb3DQEBCwUAA4IBAQCHjV+4UsVrZqHoNHmgrJIe+chC
0HIP6pKSuV5lyGMJDxYBDxCHj2r4cgGXOBpwbTFFZoRcVlV5Eb4BV6YFZym8p8IB
BFsoTC0EwaiQwC7rAOd4nbevscNHz+tNP8O+JQAFDfCXud+0A4iLwTRrVAyUyydh
1zeGkv3HKHDWtSg5Cr3oFOevp3JvuZXqqkfT5grMKmU3jFRe42sHqIUqr5do6+1V
HBQWp6kkwwoquL1rowhx+Q3AMlWVorMUqDVPHe/5h958MpchfHKpOwYCHxfAazsH
efltKb7BJms33b5+OUx7agMZqkcEkbDg4fWLfXBv1xlslmtH4LF4gNsJojUx
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:09 2025 by rpki-client