Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/12ac0e-5474-45d5-8def-6a414f184706/1/Re876S4yZpTVS3_S-e3Qh3MLMQk.roa
File: Re876S4yZpTVS3_S-e3Qh3MLMQk.roa (raw, json)
Hash identifier: ujH1iymXOTJDKBNkhlDZ05JcwYK+jjHWkPEKweI+0l0=
Subject key identifier: 45:EF:3B:E9:2E:32:66:94:D5:4B:7F:D2:F9:ED:D0:87:73:0B:31:09
Certificate issuer: /CN=72ca1a5cff52ebe2f22b669dcc2c9027cea0b81c
Certificate serial: 01857255947F3ADC975D68AFB848D3A3E1F0
Authority key identifier: 72:CA:1A:5C:FF:52:EB:E2:F2:2B:66:9D:CC:2C:90:27:CE:A0:B8:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csoaXP9S6-LyK2adzCyQJ86guBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/12ac0e-5474-45d5-8def-6a414f184706/1/Re876S4yZpTVS3_S-e3Qh3MLMQk.roa
Signing time: Mon 02 Jan 2023 11:54:49 +0000
ROA not before: Mon 02 Jan 2023 11:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 45.8.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:94:7f:3a:dc:97:5d:68:af:b8:48:d3:a3:e1:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ca1a5cff52ebe2f22b669dcc2c9027cea0b81c
Validity
Not Before: Jan 2 11:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45ef3be92e326694d54b7fd2f9edd087730b3109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:68:d0:e4:d1:78:c3:21:37:00:b4:76:86:5b:
c1:f5:92:a8:e7:02:da:32:0a:67:a2:6a:5f:ab:f5:
07:e5:36:6b:87:1e:4c:38:fc:f1:5c:ed:a1:8c:7d:
ec:f2:fb:87:97:91:e9:a8:29:58:12:7d:59:29:4b:
88:c1:66:7c:e7:4e:1e:34:b1:aa:ea:91:1c:83:22:
43:69:97:35:cb:88:28:cd:0d:89:70:43:b3:77:41:
46:4e:58:da:55:9f:e1:0e:48:57:54:d7:1e:0d:66:
be:61:fb:f1:9e:88:dd:85:43:12:90:80:73:34:57:
80:0b:1a:b8:b7:89:15:c5:22:1d:3f:67:1f:94:ce:
35:4b:56:42:70:c4:80:0e:39:9e:29:58:66:fe:ef:
20:d0:d9:42:17:a1:c0:f4:53:05:9f:41:e9:49:fa:
47:db:e2:18:a8:ba:66:a1:a0:4f:bf:1a:1d:c3:4b:
2b:45:e1:e3:c6:f8:40:60:91:76:a5:cf:f8:12:b9:
33:e4:e5:82:fa:ef:24:49:2e:39:95:a8:05:ff:a1:
db:28:a8:49:05:f7:9a:0a:ff:67:b1:3d:42:63:3f:
dd:da:bb:9b:e5:8e:71:c5:41:ef:97:f7:df:72:66:
c9:7f:ea:fd:36:d2:ad:d0:32:66:13:4e:7a:3b:9b:
6d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:EF:3B:E9:2E:32:66:94:D5:4B:7F:D2:F9:ED:D0:87:73:0B:31:09
X509v3 Authority Key Identifier:
keyid:72:CA:1A:5C:FF:52:EB:E2:F2:2B:66:9D:CC:2C:90:27:CE:A0:B8:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csoaXP9S6-LyK2adzCyQJ86guBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/12ac0e-5474-45d5-8def-6a414f184706/1/Re876S4yZpTVS3_S-e3Qh3MLMQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/12ac0e-5474-45d5-8def-6a414f184706/1/csoaXP9S6-LyK2adzCyQJ86guBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.9.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:b5:8a:d5:c4:f9:ba:ab:37:db:20:85:e5:c6:43:7d:cc:82:
97:46:f7:4c:28:79:2b:61:ec:36:7d:6c:b3:72:5f:f1:12:04:
23:f0:21:ca:33:61:27:3e:b7:7b:0b:3a:0f:8d:e2:82:51:89:
6a:38:98:94:73:e3:e6:38:d0:d6:33:9f:47:41:c2:b4:5e:f0:
43:96:02:78:fd:1f:1e:b7:30:bc:a7:90:66:14:77:3e:af:59:
04:dd:39:e5:f7:75:74:df:2a:93:ef:5b:a4:1b:5d:fb:11:ec:
c2:37:40:ba:d5:77:de:c1:58:ec:c6:36:99:05:f0:8b:66:3e:
77:dc:be:cf:da:84:41:b6:73:78:bb:22:72:28:e9:b8:a4:08:
46:3b:1f:f8:70:cb:56:be:78:a2:6e:fe:a1:87:eb:44:72:04:
e6:6e:d6:f1:62:77:4a:44:cb:f9:59:2a:76:85:40:5c:b4:8c:
8b:42:67:53:ee:4b:1c:6f:1d:06:e2:d1:65:ae:fa:c5:ab:53:
6e:ee:d0:15:57:c5:a0:30:31:db:18:04:5d:f7:aa:71:59:6e:
80:41:e6:fa:24:b4:86:ae:e0:59:16:06:98:90:7e:04:99:33:
40:4d:b4:5c:ca:d1:ac:c3:c6:21:fb:b3:29:58:5d:c0:a3:b6:
90:0b:f7:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVZR/OtyXXWivuEjTo+HwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyY2ExYTVjZmY1MmViZTJmMjJiNjY5ZGNjMmM5MDI3Y2Vh
MGI4MWMwHhcNMjMwMTAyMTE1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWVmM2JlOTJlMzI2Njk0ZDU0YjdmZDJmOWVkZDA4NzczMGIzMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2jQ5NF4wyE3ALR2hlvB9ZKo5wLa
Mgpnompfq/UH5TZrhx5MOPzxXO2hjH3s8vuHl5HpqClYEn1ZKUuIwWZ8504eNLGq
6pEcgyJDaZc1y4gozQ2JcEOzd0FGTljaVZ/hDkhXVNceDWa+YfvxnojdhUMSkIBz
NFeACxq4t4kVxSIdP2cflM41S1ZCcMSADjmeKVhm/u8g0NlCF6HA9FMFn0HpSfpH
2+IYqLpmoaBPvxodw0srReHjxvhAYJF2pc/4Erkz5OWC+u8kSS45lagF/6HbKKhJ
BfeaCv9nsT1CYz/d2rub5Y5xxUHvl/ffcmbJf+r9NtKt0DJmE056O5tt1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEXvO+kuMmaU1Ut/0vnt0IdzCzEJMB8GA1UdIwQY
MBaAFHLKGlz/Uuvi8itmncwskCfOoLgcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NvYVhQOVM2LUx5SzJhZHpDeVFKODZndUJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8xMmFjMGUtNTQ3NC00NWQ1LThkZWYt
NmE0MTRmMTg0NzA2LzEvUmU4NzZTNHlacFRWUzNfUy1lM1FoM01MTVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8xMmFjMGUtNTQ3NC00NWQ1LThkZWYtNmE0MTRmMTg0NzA2
LzEvY3NvYVhQOVM2LUx5SzJhZHpDeVFKODZndUJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQgJMA0G
CSqGSIb3DQEBCwUAA4IBAQAPtYrVxPm6qzfbIIXlxkN9zIKXRvdMKHkrYew2fWyz
cl/xEgQj8CHKM2EnPrd7CzoPjeKCUYlqOJiUc+PmONDWM59HQcK0XvBDlgJ4/R8e
tzC8p5BmFHc+r1kE3Tnl93V03yqT71ukG137EezCN0C61XfewVjsxjaZBfCLZj53
3L7P2oRBtnN4uyJyKOm4pAhGOx/4cMtWvniibv6hh+tEcgTmbtbxYndKRMv5WSp2
hUBctIyLQmdT7kscbx0G4tFlrvrFq1Nu7tAVV8WgMDHbGARd96pxWW6AQeb6JLSG
ruBZFgaYkH4EmTNATbRcytGsw8Yh+7MpWF3Ao7aQC/cO
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:32:55 2025 by rpki-client