Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/sQ094VEgQMvc3kCo-_OqNVbhUOQ.roa
File: sQ094VEgQMvc3kCo-_OqNVbhUOQ.roa (raw, json)
Hash identifier: kAttpLAn1Nj5QSqOwifu+veovPoTnnKl9Pm3wqUx8y0=
Subject key identifier: B1:0D:3D:E1:51:20:40:CB:DC:DE:40:A8:FB:F3:AA:35:56:E1:50:E4
Certificate issuer: /CN=5da5ac3bba260538c333e6c860f236012c98675d
Certificate serial: 01857067322C128791CD318151A175AA0A4A
Authority key identifier: 5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/sQ094VEgQMvc3kCo-_OqNVbhUOQ.roa
Signing time: Mon 02 Jan 2023 02:54:49 +0000
ROA not before: Mon 02 Jan 2023 02:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30081
IP address blocks: 45.88.132.0/22 maxlen: 24
2a07:9a40::/29 maxlen: 48
2a07:9a40:dca::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:32:2c:12:87:91:cd:31:81:51:a1:75:aa:0a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da5ac3bba260538c333e6c860f236012c98675d
Validity
Not Before: Jan 2 02:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b10d3de1512040cbdcde40a8fbf3aa3556e150e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ba:68:6b:ef:54:a1:00:21:50:8e:3d:87:ec:
db:47:10:bb:13:64:c2:1a:7e:87:0f:ea:87:ee:1d:
e0:60:7e:3e:f0:1c:7c:ae:7f:a8:26:44:2a:fd:ac:
40:e6:82:7e:84:44:9b:7d:b6:da:f3:60:8b:cd:a5:
83:1d:eb:26:7a:5b:4c:fb:4c:8c:bb:6f:73:06:76:
33:44:cc:ce:04:95:6e:c1:58:9a:27:dd:a9:ba:85:
0c:5b:2c:d9:0b:50:c8:f0:19:9c:a3:bc:f4:cd:ab:
c5:9e:04:0d:3d:00:83:05:b4:28:eb:c0:3b:25:dd:
5b:43:39:92:8f:80:e6:29:f1:49:fe:ef:8c:a5:34:
00:53:04:ae:b1:66:85:03:20:cd:dc:19:54:0f:11:
50:68:43:2d:bb:15:8e:a5:29:76:0f:f0:b6:f1:f6:
e5:67:4b:44:2a:27:f1:49:59:65:ef:0c:a6:f7:b4:
ff:6d:bd:9d:e8:c3:80:59:eb:06:cb:15:51:1c:32:
b3:f8:e2:27:1b:0b:7a:c3:d6:24:93:33:ee:c5:98:
7a:f9:ce:00:49:79:bc:0d:1a:6b:48:ae:47:cf:db:
86:6f:90:a0:f3:1e:cd:f3:47:a0:02:3e:fb:ff:fe:
73:2c:bb:d9:44:99:83:54:3c:80:59:6e:45:16:a4:
78:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0D:3D:E1:51:20:40:CB:DC:DE:40:A8:FB:F3:AA:35:56:E1:50:E4
X509v3 Authority Key Identifier:
keyid:5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/sQ094VEgQMvc3kCo-_OqNVbhUOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.132.0/22
IPv6:
2a07:9a40::/29
Signature Algorithm: sha256WithRSAEncryption
a3:7b:aa:bb:8f:99:36:dc:1f:5c:56:db:67:14:44:c4:1a:50:
ee:58:ad:21:34:2d:b4:92:21:f7:70:77:31:d0:fe:22:58:56:
66:28:61:f0:ba:0b:99:c1:25:80:9e:70:59:71:8e:a2:c4:4e:
d7:57:bb:1c:af:ce:be:70:d2:7f:8d:82:3b:4c:84:32:02:62:
fc:6e:d5:b5:c3:ba:d4:be:0a:4e:2f:a6:07:1f:4c:b9:82:1b:
69:2e:67:59:94:28:1d:21:83:fd:b0:f8:2b:aa:13:6b:ab:48:
80:81:2c:43:17:58:19:c5:0e:e7:0c:1d:34:a9:cc:98:da:04:
04:2f:70:fe:7a:bb:29:e1:79:3d:04:8b:4f:f4:0b:89:dd:90:
25:ed:48:e4:7c:d3:69:a3:28:8e:23:11:46:e1:47:59:f0:9b:
77:88:64:78:56:f7:db:2a:49:ff:49:24:81:0a:07:60:5c:61:
9b:a0:0e:09:8c:cd:48:8e:41:ba:58:12:65:e6:d1:5a:fe:86:
6a:3c:1a:cf:10:2d:13:aa:50:1b:16:0a:84:1f:29:b8:32:7d:
a9:78:b0:49:dc:7b:1f:66:be:8a:ce:96:f6:ae:ce:d7:32:39:
21:76:a9:c7:dd:9a:f5:cf:4e:25:1f:3e:24:05:b4:b7:f4:19:
bd:1a:92:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwZzIsEoeRzTGBUaF1qgpKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTVhYzNiYmEyNjA1MzhjMzMzZTZjODYwZjIzNjAxMmM5
ODY3NWQwHhcNMjMwMTAyMDI1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTBkM2RlMTUxMjA0MGNiZGNkZTQwYThmYmYzYWEzNTU2ZTE1MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLpoa+9UoQAhUI49h+zbRxC7E2TC
Gn6HD+qH7h3gYH4+8Bx8rn+oJkQq/axA5oJ+hESbfbba82CLzaWDHesmeltM+0yM
u29zBnYzRMzOBJVuwViaJ92puoUMWyzZC1DI8Bmco7z0zavFngQNPQCDBbQo68A7
Jd1bQzmSj4DmKfFJ/u+MpTQAUwSusWaFAyDN3BlUDxFQaEMtuxWOpSl2D/C28fbl
Z0tEKifxSVll7wym97T/bb2d6MOAWesGyxVRHDKz+OInGwt6w9YkkzPuxZh6+c4A
SXm8DRprSK5Hz9uGb5Cg8x7N80egAj77//5zLLvZRJmDVDyAWW5FFqR4iQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLENPeFRIEDL3N5AqPvzqjVW4VDkMB8GA1UdIwQY
MBaAFF2lrDu6JgU4wzPmyGDyNgEsmGddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2Yt
YmU4MTBhMDUwOTQ0LzEvc1EwOTRWRWdRTXZjM2tDby1fT3FOVmJoVU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2YtYmU4MTBhMDUwOTQ0
LzEvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLViEMA0E
AgACMAcDBQMqB5pAMA0GCSqGSIb3DQEBCwUAA4IBAQCje6q7j5k23B9cVttnFETE
GlDuWK0hNC20kiH3cHcx0P4iWFZmKGHwuguZwSWAnnBZcY6ixE7XV7scr86+cNJ/
jYI7TIQyAmL8btW1w7rUvgpOL6YHH0y5ghtpLmdZlCgdIYP9sPgrqhNrq0iAgSxD
F1gZxQ7nDB00qcyY2gQEL3D+ersp4Xk9BItP9AuJ3ZAl7UjkfNNpoyiOIxFG4UdZ
8Jt3iGR4VvfbKkn/SSSBCgdgXGGboA4JjM1IjkG6WBJl5tFa/oZqPBrPEC0TqlAb
FgqEHym4Mn2peLBJ3HsfZr6Kzpb2rs7XMjkhdqnH3Zr1z04lHz4kBbS39Bm9GpII
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:01 2025 by rpki-client