Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/ePkNTpm1XPxDdX_bZNEAmF2AMJA.roa
File: ePkNTpm1XPxDdX_bZNEAmF2AMJA.roa (raw, json)
Hash identifier: s1ChipNyQI0XhstuWraXWKpK055DQNV+rXBF+Y4fM4I=
Subject key identifier: 78:F9:0D:4E:99:B5:5C:FC:43:75:7F:DB:64:D1:00:98:5D:80:30:90
Certificate issuer: /CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Certificate serial: 018248A9A18D2DD913DDDD9EE58F69ADFCB0
Authority key identifier: A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/ePkNTpm1XPxDdX_bZNEAmF2AMJA.roa
Signing time: Fri 29 Jul 2022 06:34:12 +0000
ROA not before: Fri 29 Jul 2022 06:34:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25540
IP address blocks: 45.67.254.0/24 maxlen: 24
45.67.252.0/24 maxlen: 24
45.67.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:48:a9:a1:8d:2d:d9:13:dd:dd:9e:e5:8f:69:ad:fc:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Validity
Not Before: Jul 29 06:34:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78f90d4e99b55cfc43757fdb64d100985d803090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ac:ae:e6:0b:7e:e8:69:b0:f6:36:3a:96:07:
8e:50:95:1e:bc:76:d0:33:41:d4:8a:8d:4e:bf:23:
e7:cf:1a:93:34:20:f7:92:21:99:bf:c2:bd:d8:e2:
a2:f6:68:fc:2a:6f:b9:3a:65:a3:40:b4:b3:b5:fb:
ff:13:43:a9:f8:59:27:ab:2e:49:4c:50:2b:cc:68:
4e:ff:69:5d:58:de:18:79:b9:c7:26:46:3b:2b:7b:
0f:bb:ed:8a:b6:b2:fa:57:da:00:e3:c6:32:a5:dc:
92:1b:a4:77:a0:ce:6f:a9:dc:38:06:20:9f:c3:ed:
9b:c0:c4:38:96:5a:d7:87:95:34:28:38:cb:e5:60:
58:40:55:d4:a8:01:2b:f3:d0:21:88:e5:f3:0d:78:
4e:8a:31:51:7d:28:cc:44:4c:c9:cf:df:dc:ac:f2:
19:d9:f1:6a:b8:b2:7f:66:6f:44:20:ff:d5:13:85:
f0:db:78:46:46:f3:76:ce:f7:cc:a1:ca:a5:80:96:
3f:83:cf:ca:ec:a8:c0:17:5a:91:82:3b:80:32:ce:
95:96:88:cf:ec:96:a8:22:22:84:18:2e:09:cb:3c:
24:7e:79:a1:99:4c:32:f1:de:1b:3c:84:13:a6:67:
30:bb:a7:0e:b0:09:ba:ee:6c:9b:2e:37:b9:65:5d:
b4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F9:0D:4E:99:B5:5C:FC:43:75:7F:DB:64:D1:00:98:5D:80:30:90
X509v3 Authority Key Identifier:
keyid:A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/ePkNTpm1XPxDdX_bZNEAmF2AMJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.252.0-45.67.254.255
Signature Algorithm: sha256WithRSAEncryption
09:8b:0c:d2:a5:8e:86:50:de:8d:45:d4:cf:96:39:71:03:73:
14:1c:95:85:53:dc:ad:8a:62:02:cd:78:a9:fb:a4:2d:94:63:
e6:bc:04:1e:5a:46:58:de:0a:1b:df:80:e1:7a:60:f4:ff:4c:
15:90:9b:0b:74:0d:f7:72:b6:d2:1a:f4:d7:76:0d:0e:7d:6b:
e1:bc:c6:51:f0:a3:b0:d2:21:e6:ca:b2:e8:55:ff:55:4b:65:
61:2a:d0:77:a3:6e:86:8f:b7:da:c4:37:1e:ed:8c:c6:63:49:
2d:95:ae:f5:d0:e8:fc:9c:bd:a7:ab:9d:6c:53:c8:75:a3:04:
6b:5c:5b:6d:3d:d0:63:30:be:72:43:03:52:e4:11:c4:12:af:
98:a8:6d:72:7d:f1:11:75:d6:ee:87:dc:7a:11:be:23:e2:6d:
50:01:73:c5:e4:9b:5f:a0:39:22:ca:c9:5e:db:cf:e2:82:65:
b6:b4:9f:5e:cd:25:43:f1:da:61:a7:aa:84:79:4e:a8:66:4a:
95:09:53:5e:b4:50:e9:1f:43:ae:b7:7c:f2:df:95:8f:f3:9f:
40:24:66:85:07:9a:97:bc:f9:b2:93:8a:0d:8f:6a:68:f4:3f:
34:ef:58:99:a4:d9:86:34:33:da:9f:bc:9d:76:e6:81:0c:85:
84:a8:09:4f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYJIqaGNLdkT3d2e5Y9prfywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOWI0OTQzZTdkNmI0YjBlMWRlODVjOWJjMzhiODU3NTU0
ZGQ0N2QwHhcNMjIwNzI5MDYzNDEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGY5MGQ0ZTk5YjU1Y2ZjNDM3NTdmZGI2NGQxMDA5ODVkODAzMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArayu5gt+6Gmw9jY6lgeOUJUevHbQ
M0HUio1OvyPnzxqTNCD3kiGZv8K92OKi9mj8Km+5OmWjQLSztfv/E0Op+Fknqy5J
TFArzGhO/2ldWN4YebnHJkY7K3sPu+2KtrL6V9oA48YypdySG6R3oM5vqdw4BiCf
w+2bwMQ4llrXh5U0KDjL5WBYQFXUqAEr89AhiOXzDXhOijFRfSjMREzJz9/crPIZ
2fFquLJ/Zm9EIP/VE4Xw23hGRvN2zvfMocqlgJY/g8/K7KjAF1qRgjuAMs6VlojP
7JaoIiKEGC4JyzwkfnmhmUwy8d4bPIQTpmcwu6cOsAm67mybLje5ZV20cwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHj5DU6ZtVz8Q3V/22TRAJhdgDCQMB8GA1UdIwQY
MBaAFKObSUPn1rSw4d6Fybw4uFdVTdR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUt
NjkzYmY2N2U2MWYzLzEvZVBrTlRwbTFYUHhEZFhfYlpORUFtRjJBTUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUtNjkzYmY2N2U2MWYz
LzEvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItQ/wD
BAAtQ/4wDQYJKoZIhvcNAQELBQADggEBAAmLDNKljoZQ3o1F1M+WOXEDcxQclYVT
3K2KYgLNeKn7pC2UY+a8BB5aRljeChvfgOF6YPT/TBWQmwt0DfdyttIa9Nd2DQ59
a+G8xlHwo7DSIebKsuhV/1VLZWEq0HejboaPt9rENx7tjMZjSS2VrvXQ6Pycvaer
nWxTyHWjBGtcW2090GMwvnJDA1LkEcQSr5iobXJ98RF11u6H3HoRviPibVABc8Xk
m1+gOSLKyV7bz+KCZba0n17NJUPx2mGnqoR5TqhmSpUJU160UOkfQ663fPLflY/z
n0AkZoUHmpe8+bKTig2Pamj0PzTvWJmk2YY0M9qfvJ125oEMhYSoCU8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:02 2025 by rpki-client