Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/wtlpKZyth16n3h5UfxY9070fbfU.roa
File: wtlpKZyth16n3h5UfxY9070fbfU.roa (raw, json)
Hash identifier: jw2LWT3fUBlqBV5xkI/R3bzeJTlmFCc+eOrdVtt/hEQ=
Subject key identifier: C2:D9:69:29:9C:AD:87:5E:A7:DE:1E:54:7F:16:3D:D3:BD:1F:6D:F5
Certificate issuer: /CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Certificate serial: 168426
Authority key identifier: 52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/wtlpKZyth16n3h5UfxY9070fbfU.roa
Signing time: Sat 01 Jan 2022 01:58:40 +0000
ROA not before: Sat 01 Jan 2022 01:58:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209023
IP address blocks: 45.9.38.0/24 maxlen: 24
45.9.37.0/24 maxlen: 24
45.9.36.0/22 maxlen: 22
45.9.36.0/24 maxlen: 24
45.9.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1475622 (0x168426)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Validity
Not Before: Jan 1 01:58:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2d969299cad875ea7de1e547f163dd3bd1f6df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4f:c7:8a:df:20:74:93:ad:11:b3:57:ce:ab:
f8:f2:b2:18:a6:d2:e5:eb:6b:b9:89:45:8b:0d:42:
c0:ad:d5:6f:fe:19:ec:fb:09:8d:d0:bb:4c:77:fd:
d6:fb:84:e8:ed:b3:10:66:27:2b:97:b6:6d:ad:d0:
f4:66:8a:7e:ed:9f:75:bb:8f:99:95:aa:d0:35:8a:
c6:60:a3:02:bf:45:e2:50:e7:32:49:cd:4c:c6:8e:
e5:40:d3:92:e3:49:83:00:7a:88:91:6c:ee:51:9f:
06:11:2c:82:a8:ab:67:b9:cd:a2:9f:29:b6:f0:43:
7f:fa:dc:3a:0f:39:99:68:7b:9f:57:34:ef:3a:1e:
32:18:f9:c5:b1:d5:de:20:16:c6:2d:25:4f:a4:84:
04:7a:cd:71:82:63:d3:95:37:bf:4d:dc:12:11:ce:
25:03:69:ac:d4:47:ed:e9:d3:db:8f:08:dc:71:b5:
48:33:46:c2:00:9d:40:7e:06:e1:7e:f3:ae:e7:bb:
a5:b2:cd:7a:c8:57:90:f6:f4:87:92:fe:78:d3:5f:
bd:51:53:c6:2a:f0:9b:84:6d:0d:0a:bc:a5:c3:7f:
b6:9d:ad:cb:4a:9d:a4:15:5a:84:84:15:68:63:1e:
af:fa:6d:3c:d0:7a:c2:fc:33:12:5b:82:50:28:93:
5b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D9:69:29:9C:AD:87:5E:A7:DE:1E:54:7F:16:3D:D3:BD:1F:6D:F5
X509v3 Authority Key Identifier:
keyid:52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/wtlpKZyth16n3h5UfxY9070fbfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/UuQA66N5CiRc2rS05nu01gu-e0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.36.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:d0:00:61:0b:da:df:9a:a6:32:f7:29:55:76:9e:85:3d:61:
08:c3:25:22:2c:cf:23:86:42:80:c5:e1:f2:a4:90:cc:0d:15:
04:21:ef:dd:7c:92:b3:19:b9:3b:b6:16:f6:d8:98:34:a3:c8:
d9:72:08:ca:49:8a:46:15:0c:5d:3b:3d:ca:b7:04:f2:21:7d:
a9:00:29:81:e4:cb:f8:ba:37:47:31:28:4d:2d:73:8c:c7:55:
7a:23:c2:75:62:9a:f5:13:0b:dc:c0:44:38:e0:42:fe:42:f8:
60:53:9e:47:f8:e9:31:0b:5d:d7:55:88:ad:1a:57:cc:4b:b4:
9c:36:99:b6:63:0e:26:ae:dd:38:92:ae:0b:e1:06:33:65:6d:
99:de:28:75:da:48:85:40:ab:ae:5a:93:9b:cf:36:10:60:91:
fa:aa:cf:00:5a:7e:3d:91:96:25:2e:92:c6:53:d2:3e:d4:a6:
ff:b9:76:b9:b5:35:2c:2c:9e:7d:aa:d4:00:da:66:53:77:b6:
ad:62:07:97:db:dd:58:b1:32:88:ec:a4:e4:f8:e4:a5:41:43:
b1:7c:67:9a:1b:94:da:67:bf:c6:ee:40:83:0b:1e:64:0d:ad:
be:92:bb:c4:b1:eb:2f:93:7d:37:e9:f1:e4:1c:2c:d0:4e:37:
d6:b4:23:fb
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDFoQmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUy
ZTQwMGViYTM3OTBhMjQ1Y2RhYjRiNGU2N2JiNGQ2MGJiZTdiNDAwHhcNMjIwMTAx
MDE1ODQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMmQ5NjkyOTljYWQ4
NzVlYTdkZTFlNTQ3ZjE2M2RkM2JkMWY2ZGY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0U/Hit8gdJOtEbNXzqv48rIYptLl62u5iUWLDULArdVv/hns
+wmN0LtMd/3W+4To7bMQZicrl7ZtrdD0Zop+7Z91u4+ZlarQNYrGYKMCv0XiUOcy
Sc1Mxo7lQNOS40mDAHqIkWzuUZ8GESyCqKtnuc2inym28EN/+tw6DzmZaHufVzTv
Oh4yGPnFsdXeIBbGLSVPpIQEes1xgmPTlTe/TdwSEc4lA2ms1Eft6dPbjwjccbVI
M0bCAJ1AfgbhfvOu57ulss16yFeQ9vSHkv5401+9UVPGKvCbhG0NCrylw3+2na3L
Sp2kFVqEhBVoYx6v+m080HrC/DMSW4JQKJNb1QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMLZaSmcrYdep94eVH8WPdO9H231MB8GA1UdIwQYMBaAFFLkAOujeQokXNq0
tOZ7tNYLvntAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VXVRQTY2TjVDaVJjMnJTMDVudTAxZ3UtZTBBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83NC9lM2QxOWYtMjhmYi00NWNiLWFmZTAtZjk3YWQzMDQ0ZTAyLzEv
d3RscEtaeXRoMTZuM2g1VWZ4WTkwNzBmYmZVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9l
M2QxOWYtMjhmYi00NWNiLWFmZTAtZjk3YWQzMDQ0ZTAyLzEvVXVRQTY2TjVDaVJj
MnJTMDVudTAxZ3UtZTBBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQkkMA0GCSqGSIb3DQEBCwUAA4IB
AQAb0ABhC9rfmqYy9ylVdp6FPWEIwyUiLM8jhkKAxeHypJDMDRUEIe/dfJKzGbk7
thb22Jg0o8jZcgjKSYpGFQxdOz3KtwTyIX2pACmB5Mv4ujdHMShNLXOMx1V6I8J1
Ypr1EwvcwEQ44EL+QvhgU55H+OkxC13XVYitGlfMS7ScNpm2Yw4mrt04kq4L4QYz
ZW2Z3ih12kiFQKuuWpObzzYQYJH6qs8AWn49kZYlLpLGU9I+1Kb/uXa5tTUsLJ59
qtQA2mZTd7atYgeX291YsTKI7KTk+OSlQUOxfGeaG5TaZ7/G7kCDCx5kDa2+krvE
sesvk3036fHkHCzQTjfWtCP7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:56 2025 by rpki-client