Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/a6b613-66bd-4312-8f0c-36b5dda9fbe8/1/dVfAY4D79DG4Lt4FHVwzC_rkGSY.roa
File: dVfAY4D79DG4Lt4FHVwzC_rkGSY.roa (raw, json)
Hash identifier: Xhu6bFyW+evtceXBiGgXXQ9pZI8XqgPy7pCDGab/6oU=
Subject key identifier: 75:57:C0:63:80:FB:F4:31:B8:2E:DE:05:1D:5C:33:0B:FA:E4:19:26
Certificate issuer: /CN=2e19966c0ea5df3a987f8365524b5128cba7fc90
Certificate serial: 07A9C2E7
Authority key identifier: 2E:19:96:6C:0E:A5:DF:3A:98:7F:83:65:52:4B:51:28:CB:A7:FC:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhmWbA6l3zqYf4NlUktRKMun_JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/a6b613-66bd-4312-8f0c-36b5dda9fbe8/1/dVfAY4D79DG4Lt4FHVwzC_rkGSY.roa
Signing time: Sat 01 Jan 2022 10:55:00 +0000
ROA not before: Sat 01 Jan 2022 10:55:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57743
IP address blocks: 45.136.53.0/24 maxlen: 24
45.136.52.0/24 maxlen: 24
45.136.55.0/24 maxlen: 24
45.136.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128565991 (0x7a9c2e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e19966c0ea5df3a987f8365524b5128cba7fc90
Validity
Not Before: Jan 1 10:55:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7557c06380fbf431b82ede051d5c330bfae41926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:59:22:41:39:83:29:4d:af:de:20:90:c1:39:
db:8e:49:2a:be:f3:f3:fb:61:10:48:67:d1:6d:db:
3e:13:d9:bc:b1:7d:11:1f:42:04:a9:2e:40:ae:68:
08:f8:45:fe:87:a3:ae:e2:37:70:74:1c:a6:6e:27:
19:9a:5f:82:ea:0b:d3:64:07:ea:cb:33:65:08:9d:
fc:28:6a:37:29:dc:8b:85:4c:ca:b6:be:f8:9c:c0:
a1:a9:91:4d:66:0e:5b:7e:7d:e4:cd:8f:e0:8e:9d:
87:9d:b6:04:55:47:a3:b7:30:1d:33:f5:e7:f5:0f:
8d:87:ec:76:e5:81:c2:c4:84:43:fd:85:f8:17:79:
0c:91:27:14:e0:78:40:c5:2c:cb:55:fc:c1:01:7f:
a1:8f:bc:e8:75:0d:a9:e5:d6:f6:4a:3b:96:de:fb:
7e:d6:fa:0d:c4:0d:dd:2b:9d:7a:8b:76:8f:bd:9a:
cf:4f:df:b9:78:21:ca:55:0d:a2:4c:73:32:58:00:
80:d3:8f:ee:f8:af:9f:6f:d6:e7:a3:ed:7d:f1:48:
ea:cb:ee:fb:c5:da:b7:7b:06:6b:ed:d1:a8:dc:6a:
48:1e:0f:9e:92:a8:97:65:22:75:72:06:af:da:14:
75:75:62:ac:e0:b5:91:5d:7f:ec:11:e3:02:be:58:
ce:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:57:C0:63:80:FB:F4:31:B8:2E:DE:05:1D:5C:33:0B:FA:E4:19:26
X509v3 Authority Key Identifier:
keyid:2E:19:96:6C:0E:A5:DF:3A:98:7F:83:65:52:4B:51:28:CB:A7:FC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhmWbA6l3zqYf4NlUktRKMun_JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a6b613-66bd-4312-8f0c-36b5dda9fbe8/1/dVfAY4D79DG4Lt4FHVwzC_rkGSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a6b613-66bd-4312-8f0c-36b5dda9fbe8/1/LhmWbA6l3zqYf4NlUktRKMun_JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.52.0/22
Signature Algorithm: sha256WithRSAEncryption
08:54:fe:dc:8b:51:57:60:19:7f:44:99:10:69:1b:f4:f6:5a:
45:0e:72:95:5d:2f:bd:ae:ea:7a:9e:02:b5:70:81:7a:7c:97:
06:96:79:ef:5a:3d:ee:0b:61:d9:ef:d1:a6:25:d1:35:7c:56:
36:71:63:28:39:31:70:42:c0:a1:7d:6f:50:d5:de:05:e1:d6:
46:e6:f5:65:bf:b9:f5:36:fc:a7:04:30:81:65:8c:65:ea:ac:
4d:e9:6d:83:e9:e8:06:dd:e3:a7:cc:7a:fe:b6:52:49:4f:4c:
54:a6:01:43:09:b2:8c:99:1b:45:59:36:7f:d7:d9:63:a1:03:
c2:be:65:56:2a:d1:e5:cb:17:fd:f1:4c:1e:93:b9:89:73:17:
a0:4a:1e:35:ad:cc:10:34:9c:22:1b:30:c0:19:9b:ee:1d:09:
cd:f1:3c:db:3f:28:56:1a:43:1e:ca:e2:e3:68:b2:cb:b6:e6:
d8:12:73:4e:3c:bc:40:f2:b8:b4:f2:f0:20:24:81:da:8d:30:
b9:a9:58:9c:bd:1c:de:b9:64:9e:9a:48:ce:94:a3:f3:4a:1c:
86:b3:9e:35:d5:97:df:09:54:71:45:7a:ba:66:c3:f9:3a:75:
b2:69:45:b1:36:fc:9b:25:f5:dd:87:44:1f:df:24:54:56:67:
9a:15:51:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB6nC5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTE5OTY2YzBlYTVkZjNhOTg3ZjgzNjU1MjRiNTEyOGNiYTdmYzkwMB4XDTIyMDEw
MTEwNTUwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU1N2MwNjM4MGZi
ZjQzMWI4MmVkZTA1MWQ1YzMzMGJmYWU0MTkyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO5ZIkE5gylNr94gkME5245JKr7z8/thEEhn0W3bPhPZvLF9
ER9CBKkuQK5oCPhF/oejruI3cHQcpm4nGZpfguoL02QH6sszZQid/ChqNynci4VM
yra++JzAoamRTWYOW3595M2P4I6dh522BFVHo7cwHTP15/UPjYfsduWBwsSEQ/2F
+Bd5DJEnFOB4QMUsy1X8wQF/oY+86HUNqeXW9ko7lt77ftb6DcQN3Sudeot2j72a
z0/fuXghylUNokxzMlgAgNOP7vivn2/W56PtffFI6svu+8Xat3sGa+3RqNxqSB4P
npKol2UidXIGr9oUdXVirOC1kV1/7BHjAr5Yzt8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR1V8BjgPv0Mbgu3gUdXDML+uQZJjAfBgNVHSMEGDAWgBQuGZZsDqXfOph/
g2VSS1Eoy6f8kDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xobVdiQTZsM3pxWWY0TmxVa3RSS011bl9KQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYTZiNjEzLTY2YmQtNDMxMi04ZjBjLTM2YjVkZGE5ZmJlOC8x
L2RWZkFZNEQ3OURHNEx0NEZIVnd6Q19ya0dTWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YTZiNjEzLTY2YmQtNDMxMi04ZjBjLTM2YjVkZGE5ZmJlOC8xL0xobVdiQTZsM3px
WWY0TmxVa3RSS011bl9KQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2INDANBgkqhkiG9w0BAQsFAAOC
AQEACFT+3ItRV2AZf0SZEGkb9PZaRQ5ylV0vva7qep4CtXCBenyXBpZ571o97gth
2e/RpiXRNXxWNnFjKDkxcELAoX1vUNXeBeHWRub1Zb+59Tb8pwQwgWWMZeqsTelt
g+noBt3jp8x6/rZSSU9MVKYBQwmyjJkbRVk2f9fZY6EDwr5lVirR5csX/fFMHpO5
iXMXoEoeNa3MEDScIhswwBmb7h0JzfE82z8oVhpDHsri42iyy7bm2BJzTjy8QPK4
tPLwICSB2o0wualYnL0c3rlknppIzpSj80ochrOeNdWX3wlUcUV6umbD+Tp1smlF
sTb8myX13YdEH98kVFZnmhVRrQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:27 2025 by rpki-client