Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/pEss8ey3HyRA-Tbxf6UkEq3H-MM.roa
File: pEss8ey3HyRA-Tbxf6UkEq3H-MM.roa (raw, json)
Hash identifier: xQAEjarEsnkBIKAYeZLktOAZpL/XgRolpNNZPFfORoQ=
Subject key identifier: A4:4B:2C:F1:EC:B7:1F:24:40:F9:36:F1:7F:A5:24:12:AD:C7:F8:C3
Certificate issuer: /CN=54404da602dab0625be7223d09320b1cd7aafced
Certificate serial: 075F2129
Authority key identifier: 54:40:4D:A6:02:DA:B0:62:5B:E7:22:3D:09:32:0B:1C:D7:AA:FC:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEBNpgLasGJb5yI9CTILHNeq_O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/pEss8ey3HyRA-Tbxf6UkEq3H-MM.roa
Signing time: Sat 01 Jan 2022 06:59:07 +0000
ROA not before: Sat 01 Jan 2022 06:59:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45040
IP address blocks: 45.152.76.0/24 maxlen: 24
45.152.78.0/24 maxlen: 24
45.152.77.0/24 maxlen: 24
45.152.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123674921 (0x75f2129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54404da602dab0625be7223d09320b1cd7aafced
Validity
Not Before: Jan 1 06:59:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a44b2cf1ecb71f2440f936f17fa52412adc7f8c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d4:b6:b2:7d:10:90:95:88:5b:75:f0:0d:fe:
9d:0c:67:6b:50:08:af:7f:c3:f1:73:73:f0:40:94:
ac:6f:51:13:04:04:ce:2f:83:b0:ea:e2:10:31:28:
88:93:42:62:28:50:e8:fe:ff:21:ac:95:91:d9:0b:
ec:d0:f0:05:f1:e3:30:ca:10:c7:30:12:c6:c4:03:
99:25:bf:5b:da:e0:49:88:16:ea:8a:44:aa:a4:1f:
3e:95:ef:6e:96:77:64:da:d2:51:29:8a:97:35:9a:
e1:f5:4e:7a:1d:c4:a3:a8:1f:a3:1f:da:4a:1e:78:
75:d1:01:92:9b:12:0f:a7:0e:14:07:19:d7:90:08:
fe:c2:62:96:f9:a3:7f:cd:d0:3d:d8:8c:12:cb:c3:
a9:7d:3e:d3:9b:16:8b:3c:6d:b5:c3:12:b5:91:34:
e1:fa:d8:0a:e2:5d:2a:73:70:64:14:cb:28:e6:ee:
fb:0c:ff:47:71:b7:cc:23:ad:31:11:0e:8f:df:d3:
fc:99:5d:5d:bc:8a:67:57:11:55:2b:f9:43:9d:94:
2c:b1:1c:d0:bf:01:11:0f:04:d2:e1:9a:f5:23:0f:
38:9f:34:41:9c:39:79:e7:9f:a2:6f:7f:46:11:89:
fc:00:e2:1c:52:fc:74:9e:a0:50:bb:85:1c:ca:22:
08:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:4B:2C:F1:EC:B7:1F:24:40:F9:36:F1:7F:A5:24:12:AD:C7:F8:C3
X509v3 Authority Key Identifier:
keyid:54:40:4D:A6:02:DA:B0:62:5B:E7:22:3D:09:32:0B:1C:D7:AA:FC:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEBNpgLasGJb5yI9CTILHNeq_O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/pEss8ey3HyRA-Tbxf6UkEq3H-MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/VEBNpgLasGJb5yI9CTILHNeq_O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.76.0/22
Signature Algorithm: sha256WithRSAEncryption
93:6e:81:1b:e1:27:80:5b:51:c7:69:28:07:05:39:59:a0:2e:
d1:29:12:dd:18:ab:94:04:c7:73:fa:49:2f:99:55:e4:ba:38:
06:50:ad:c2:d8:f6:a0:3f:e0:d9:38:44:09:59:a4:14:06:7e:
26:12:cc:bc:76:ec:3a:4a:24:16:cf:f4:a5:c7:c8:3f:d9:ca:
47:dd:6e:3c:4c:33:44:9b:fb:be:7c:82:ab:0f:5f:98:d0:fe:
f6:75:da:e0:4a:c4:af:50:99:09:65:ff:0b:e9:dc:c1:42:b7:
ef:28:19:f6:b2:10:de:87:71:df:33:2a:e8:02:16:f2:6f:c8:
54:47:81:6b:26:63:c5:47:66:84:68:f4:de:9f:da:b9:3f:b5:
e1:53:f3:d1:1d:f0:ce:d7:db:76:f1:9c:c3:be:2e:05:75:a9:
26:9e:2d:71:aa:3a:de:46:aa:90:3a:e3:1e:7f:c2:c7:35:16:
f2:95:4e:2c:71:cc:1a:af:d0:27:59:50:c2:16:20:23:db:74:
cf:28:11:ae:14:ce:61:cf:d6:26:f5:e6:36:42:cb:66:46:f3:
e8:b5:9c:dd:f0:ce:a4:af:b4:8e:d5:5d:3a:c8:7d:60:dc:47:
37:a1:15:7d:ea:f3:c7:39:d4:63:41:92:dd:98:23:0f:4d:76:
76:24:0d:55
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB18hKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDQwNGRhNjAyZGFiMDYyNWJlNzIyM2QwOTMyMGIxY2Q3YWFmY2VkMB4XDTIyMDEw
MTA2NTkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ0YjJjZjFlY2I3
MWYyNDQwZjkzNmYxN2ZhNTI0MTJhZGM3ZjhjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDUtrJ9EJCViFt18A3+nQxna1AIr3/D8XNz8ECUrG9REwQE
zi+DsOriEDEoiJNCYihQ6P7/IayVkdkL7NDwBfHjMMoQxzASxsQDmSW/W9rgSYgW
6opEqqQfPpXvbpZ3ZNrSUSmKlzWa4fVOeh3Eo6gfox/aSh54ddEBkpsSD6cOFAcZ
15AI/sJilvmjf83QPdiMEsvDqX0+05sWizxttcMStZE04frYCuJdKnNwZBTLKObu
+wz/R3G3zCOtMREOj9/T/JldXbyKZ1cRVSv5Q52ULLEc0L8BEQ8E0uGa9SMPOJ80
QZw5eeefom9/RhGJ/ADiHFL8dJ6gULuFHMoiCBkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkSyzx7LcfJED5NvF/pSQSrcf4wzAfBgNVHSMEGDAWgBRUQE2mAtqwYlvn
Ij0JMgsc16r87TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZFQk5wZ0xhc0dKYjV5STlDVElMSE5lcV9PMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvN2QyY2I1LWJkZGYtNDIwMS1iYWY4LTFiMjQ0ODRlNTVlYy8x
L3BFc3M4ZXkzSHlSQS1UYnhmNlVrRXEzSC1NTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
N2QyY2I1LWJkZGYtNDIwMS1iYWY4LTFiMjQ0ODRlNTVlYy8xL1ZFQk5wZ0xhc0dK
YjV5STlDVElMSE5lcV9PMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2YTDANBgkqhkiG9w0BAQsFAAOC
AQEAk26BG+EngFtRx2koBwU5WaAu0SkS3RirlATHc/pJL5lV5Lo4BlCtwtj2oD/g
2ThECVmkFAZ+JhLMvHbsOkokFs/0pcfIP9nKR91uPEwzRJv7vnyCqw9fmND+9nXa
4ErEr1CZCWX/C+ncwUK37ygZ9rIQ3odx3zMq6AIW8m/IVEeBayZjxUdmhGj03p/a
uT+14VPz0R3wztfbdvGcw74uBXWpJp4tcao63kaqkDrjHn/CxzUW8pVOLHHMGq/Q
J1lQwhYgI9t0zygRrhTOYc/WJvXmNkLLZkbz6LWc3fDOpK+0jtVdOsh9YNxHN6EV
ferzxznUY0GS3ZgjD012diQNVQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:40 2025 by rpki-client