Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bffa03-1cd6-4034-a7bd-857599683c3e/1/taZAAcZErvr5xKj4bcW7cKASLqU.roa
File: taZAAcZErvr5xKj4bcW7cKASLqU.roa (raw, json)
Hash identifier: 3wPWmr2O3zreeNNUJ+L0WMOjJ/bfM53uYj9HxIL9gF8=
Subject key identifier: B5:A6:40:01:C6:44:AE:FA:F9:C4:A8:F8:6D:C5:BB:70:A0:12:2E:A5
Certificate issuer: /CN=5fc065098574629d4a7e2d2b2055aa7bf2302fee
Certificate serial: 0185708CB12309B93B2C771E20A698B49CD7
Authority key identifier: 5F:C0:65:09:85:74:62:9D:4A:7E:2D:2B:20:55:AA:7B:F2:30:2F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8BlCYV0Yp1Kfi0rIFWqe_IwL-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bffa03-1cd6-4034-a7bd-857599683c3e/1/taZAAcZErvr5xKj4bcW7cKASLqU.roa
Signing time: Mon 02 Jan 2023 03:35:46 +0000
ROA not before: Mon 02 Jan 2023 03:35:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59645
IP address blocks: 45.91.12.0/22 maxlen: 24
2a0e:a40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b1:23:09:b9:3b:2c:77:1e:20:a6:98:b4:9c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fc065098574629d4a7e2d2b2055aa7bf2302fee
Validity
Not Before: Jan 2 03:35:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5a64001c644aefaf9c4a8f86dc5bb70a0122ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9b:9b:e2:3b:9f:d1:63:87:de:22:fc:28:83:
28:06:5b:13:b8:f5:46:3a:dc:cf:9d:e2:e8:e7:46:
e6:9a:8c:40:44:ae:91:97:bb:7a:08:78:1f:00:31:
e1:4e:79:ef:2d:96:c2:ba:d6:5c:47:38:a1:a0:3c:
9d:eb:d1:4e:a7:30:30:91:a0:5e:77:5a:f1:46:03:
2a:9b:39:c1:8a:cc:98:88:d7:41:80:73:23:4b:94:
bf:0c:39:8d:00:31:77:98:91:3b:d8:f7:8f:56:a0:
1f:a7:98:b1:b5:36:fd:af:85:8b:e8:42:6d:f9:5b:
6c:0d:dc:25:ca:f3:0d:30:a4:31:c9:5e:d8:74:7e:
37:c5:42:bf:24:c1:98:74:4b:0a:16:07:bf:86:96:
06:ce:66:bc:e1:cf:62:c4:e6:f9:cc:a6:e6:59:8a:
a7:04:46:85:94:9c:91:4f:62:bc:78:3d:e2:bf:91:
32:c7:b1:86:a7:ca:bd:18:aa:3d:03:cb:a4:b5:e1:
2d:5a:5f:13:69:12:72:4d:a1:1c:ba:69:dd:de:a2:
b2:4a:24:e6:05:0e:30:cf:81:03:b4:3a:7b:e0:79:
c2:5e:b0:89:6b:3a:7b:48:3e:a8:3c:eb:e4:e1:8e:
a1:e7:45:c0:e3:2b:12:35:66:74:1d:b7:fc:a6:b2:
35:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A6:40:01:C6:44:AE:FA:F9:C4:A8:F8:6D:C5:BB:70:A0:12:2E:A5
X509v3 Authority Key Identifier:
keyid:5F:C0:65:09:85:74:62:9D:4A:7E:2D:2B:20:55:AA:7B:F2:30:2F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8BlCYV0Yp1Kfi0rIFWqe_IwL-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bffa03-1cd6-4034-a7bd-857599683c3e/1/taZAAcZErvr5xKj4bcW7cKASLqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bffa03-1cd6-4034-a7bd-857599683c3e/1/X8BlCYV0Yp1Kfi0rIFWqe_IwL-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.12.0/22
IPv6:
2a0e:a40::/29
Signature Algorithm: sha256WithRSAEncryption
24:d2:5c:37:a0:35:12:a0:41:e6:9e:92:fe:5d:6b:f0:8b:8c:
8f:3d:15:f6:f9:e7:17:c5:73:77:62:4a:36:d6:90:8f:b7:61:
80:68:52:b9:13:2f:61:9d:a6:d1:07:bd:3f:41:99:8c:6f:31:
e9:0e:b3:96:e3:2d:42:8b:e3:a0:66:15:43:8a:40:84:58:23:
a1:48:d5:6e:e8:59:32:86:65:d5:7e:6a:9c:80:58:13:2b:a3:
51:62:74:14:5a:e9:03:c5:03:ac:41:5e:2b:cd:1b:84:20:11:
57:a5:8b:14:31:33:83:87:a6:29:d9:62:af:ea:f6:0b:3a:d1:
f1:9e:a4:c6:3f:03:78:5c:04:31:5d:df:5f:56:41:9b:40:58:
ed:df:40:34:77:9d:45:d4:7f:26:f3:e6:71:8c:84:5d:59:bb:
e4:3e:e5:f3:5b:79:94:fc:44:20:14:1d:13:46:aa:62:f8:c8:
ec:72:b7:10:1d:03:f0:98:fb:7a:20:95:7e:56:64:f6:69:20:
7b:d7:54:ac:15:08:f9:58:97:02:be:a4:e3:68:0b:5f:dd:9a:
a6:f8:c3:6e:4a:cc:be:93:38:7e:40:a6:40:ec:a6:07:c4:a8:
2b:b7:b3:69:ab:34:bf:91:61:fe:ba:c5:a4:01:b4:68:60:78:
e6:5b:df:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjLEjCbk7LHceIKaYtJzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYzA2NTA5ODU3NDYyOWQ0YTdlMmQyYjIwNTVhYTdiZjIz
MDJmZWUwHhcNMjMwMTAyMDMzNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE2NDAwMWM2NDRhZWZhZjljNGE4Zjg2ZGM1YmI3MGEwMTIyZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpub4juf0WOH3iL8KIMoBlsTuPVG
OtzPneLo50bmmoxARK6Rl7t6CHgfADHhTnnvLZbCutZcRzihoDyd69FOpzAwkaBe
d1rxRgMqmznBisyYiNdBgHMjS5S/DDmNADF3mJE72PePVqAfp5ixtTb9r4WL6EJt
+VtsDdwlyvMNMKQxyV7YdH43xUK/JMGYdEsKFge/hpYGzma84c9ixOb5zKbmWYqn
BEaFlJyRT2K8eD3iv5Eyx7GGp8q9GKo9A8ukteEtWl8TaRJyTaEcumnd3qKySiTm
BQ4wz4EDtDp74HnCXrCJazp7SD6oPOvk4Y6h50XA4ysSNWZ0Hbf8prI1cwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLWmQAHGRK76+cSo+G3Fu3CgEi6lMB8GA1UdIwQY
MBaAFF/AZQmFdGKdSn4tKyBVqnvyMC/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDhCbENZVjBZcDFLZmkwcklGV3FlX0l3TC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZmZhMDMtMWNkNi00MDM0LWE3YmQt
ODU3NTk5NjgzYzNlLzEvdGFaQUFjWkVydnI1eEtqNGJjVzdjS0FTTHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZmZhMDMtMWNkNi00MDM0LWE3YmQtODU3NTk5NjgzYzNl
LzEvWDhCbENZVjBZcDFLZmkwcklGV3FlX0l3TC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVsMMA0E
AgACMAcDBQMqDgpAMA0GCSqGSIb3DQEBCwUAA4IBAQAk0lw3oDUSoEHmnpL+XWvw
i4yPPRX2+ecXxXN3Yko21pCPt2GAaFK5Ey9hnabRB70/QZmMbzHpDrOW4y1Ci+Og
ZhVDikCEWCOhSNVu6FkyhmXVfmqcgFgTK6NRYnQUWukDxQOsQV4rzRuEIBFXpYsU
MTODh6Yp2WKv6vYLOtHxnqTGPwN4XAQxXd9fVkGbQFjt30A0d51F1H8m8+ZxjIRd
WbvkPuXzW3mU/EQgFB0TRqpi+MjscrcQHQPwmPt6IJV+VmT2aSB711SsFQj5WJcC
vqTjaAtf3Zqm+MNuSsy+kzh+QKZA7KYHxKgrt7NpqzS/kWH+usWkAbRoYHjmW98C
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:02 2025 by rpki-client