Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/a6b613-66bd-4312-8f0c-36b5dda9fbe8/1/k91m1K1GSrcsALSa0kfAZcKzHBo.roa
File: k91m1K1GSrcsALSa0kfAZcKzHBo.roa (raw, json)
Hash identifier: GHBqusdcTUvuQEEddWrGKTk7PzZVETspFSg/s3sBdvI=
Subject key identifier: 93:DD:66:D4:AD:46:4A:B7:2C:00:B4:9A:D2:47:C0:65:C2:B3:1C:1A
Certificate issuer: /CN=2e19966c0ea5df3a987f8365524b5128cba7fc90
Certificate serial: 01856F14BFF5C21F2125318F2483485F8381
Authority key identifier: 2E:19:96:6C:0E:A5:DF:3A:98:7F:83:65:52:4B:51:28:CB:A7:FC:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhmWbA6l3zqYf4NlUktRKMun_JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/a6b613-66bd-4312-8f0c-36b5dda9fbe8/1/k91m1K1GSrcsALSa0kfAZcKzHBo.roa
Signing time: Sun 01 Jan 2023 20:45:08 +0000
ROA not before: Sun 01 Jan 2023 20:45:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57743
IP address blocks: 45.136.53.0/24 maxlen: 24
45.136.52.0/24 maxlen: 24
45.136.55.0/24 maxlen: 24
45.136.54.0/24 maxlen: 24
2a07:df40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:bf:f5:c2:1f:21:25:31:8f:24:83:48:5f:83:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e19966c0ea5df3a987f8365524b5128cba7fc90
Validity
Not Before: Jan 1 20:45:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93dd66d4ad464ab72c00b49ad247c065c2b31c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5a:95:79:e4:3d:8f:8f:46:45:a2:a3:2c:ea:
46:a8:32:d0:82:0c:96:78:fa:f3:d9:33:e3:e5:4d:
70:f5:bb:76:f5:f1:c3:ef:4f:c1:49:36:9e:ee:e4:
f8:95:f9:3c:13:9c:c6:af:b3:30:02:29:77:6a:be:
cd:10:93:5c:c9:76:a3:ec:2d:a7:d9:00:bf:c6:9a:
68:fc:be:0f:b2:85:4e:f7:8e:0b:b4:0a:b4:02:5a:
8c:a9:3e:1d:f3:b6:67:28:83:bd:03:ac:de:3c:f5:
5f:e2:33:66:1b:92:71:13:3c:48:f2:71:4b:b9:f5:
4f:de:6a:0d:72:6c:4f:bf:6a:89:d7:ba:06:7e:50:
bd:38:11:9c:60:b2:3c:ea:6e:f1:7c:97:f9:a8:21:
7c:32:8f:7a:c6:e9:c4:7a:28:80:53:1c:a2:c1:3e:
55:22:ee:2f:ef:33:ec:f7:26:9f:0a:52:cb:47:d8:
82:73:8e:a9:d4:36:be:8e:6a:c4:9d:7c:c6:5e:aa:
ec:c4:6d:fd:c9:45:ce:22:7c:a8:b3:a5:aa:48:f7:
96:45:75:9d:85:90:dc:dc:a3:00:1c:10:f2:90:95:
c9:02:5c:f8:6f:51:4c:f5:27:a9:1f:e7:d7:a9:d7:
fe:97:d6:a0:82:3d:71:9c:2d:c8:e5:0b:61:11:9e:
19:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DD:66:D4:AD:46:4A:B7:2C:00:B4:9A:D2:47:C0:65:C2:B3:1C:1A
X509v3 Authority Key Identifier:
keyid:2E:19:96:6C:0E:A5:DF:3A:98:7F:83:65:52:4B:51:28:CB:A7:FC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhmWbA6l3zqYf4NlUktRKMun_JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a6b613-66bd-4312-8f0c-36b5dda9fbe8/1/k91m1K1GSrcsALSa0kfAZcKzHBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a6b613-66bd-4312-8f0c-36b5dda9fbe8/1/LhmWbA6l3zqYf4NlUktRKMun_JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.52.0/22
IPv6:
2a07:df40::/29
Signature Algorithm: sha256WithRSAEncryption
9d:a0:33:43:3e:a1:64:b3:5d:c1:b2:ac:46:50:90:b9:7c:b7:
10:d8:df:3d:a4:b8:39:4c:f7:33:a4:ac:ae:d7:6e:f0:f3:00:
eb:12:fc:4c:51:f1:2f:3f:ab:e6:37:7d:02:f8:8d:bf:fd:d6:
b1:72:34:72:58:e7:0f:55:61:f7:ab:46:9a:ea:fd:3f:70:56:
32:fa:02:2e:ac:af:f0:7d:aa:1d:99:fc:ca:a1:3e:65:30:ad:
79:09:2e:8e:eb:f0:8b:e5:23:94:6e:91:60:85:77:73:9a:05:
14:cb:d0:d8:50:96:0a:52:ee:15:64:cb:cd:6a:fd:19:4a:a7:
f9:f8:14:dc:a3:d7:61:6a:61:82:02:00:14:57:d7:bb:14:65:
ea:46:50:a0:3c:98:3f:f6:a1:ee:d3:7e:fc:07:f4:ce:91:d5:
06:ff:8b:59:99:38:66:db:c8:79:56:f2:43:30:56:3e:4a:29:
5c:64:da:4c:68:d4:85:6b:59:84:35:54:59:6c:93:3e:9f:e9:
b4:2a:76:d7:30:4d:6c:91:fd:36:40:36:12:4b:57:9f:ac:98:
07:8b:d2:29:07:d4:d7:dc:98:6a:7b:3b:ca:33:7a:d5:eb:18:
13:d5:8e:c4:5e:26:c9:52:57:2c:25:3a:2f:8e:8e:a1:02:b1:
38:ba:a0:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFL/1wh8hJTGPJINIX4OBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTk5NjZjMGVhNWRmM2E5ODdmODM2NTUyNGI1MTI4Y2Jh
N2ZjOTAwHhcNMjMwMTAxMjA0NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RkNjZkNGFkNDY0YWI3MmMwMGI0OWFkMjQ3YzA2NWMyYjMxYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVqVeeQ9j49GRaKjLOpGqDLQggyW
ePrz2TPj5U1w9bt29fHD70/BSTae7uT4lfk8E5zGr7MwAil3ar7NEJNcyXaj7C2n
2QC/xppo/L4PsoVO944LtAq0AlqMqT4d87ZnKIO9A6zePPVf4jNmG5JxEzxI8nFL
ufVP3moNcmxPv2qJ17oGflC9OBGcYLI86m7xfJf5qCF8Mo96xunEeiiAUxyiwT5V
Iu4v7zPs9yafClLLR9iCc46p1Da+jmrEnXzGXqrsxG39yUXOInyos6WqSPeWRXWd
hZDc3KMAHBDykJXJAlz4b1FM9SepH+fXqdf+l9aggj1xnC3I5QthEZ4ZUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJPdZtStRkq3LAC0mtJHwGXCsxwaMB8GA1UdIwQY
MBaAFC4ZlmwOpd86mH+DZVJLUSjLp/yQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhtV2JBNmwzenFZZjRObFVrdFJLTXVuX0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hNmI2MTMtNjZiZC00MzEyLThmMGMt
MzZiNWRkYTlmYmU4LzEvazkxbTFLMUdTcmNzQUxTYTBrZkFaY0t6SEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hNmI2MTMtNjZiZC00MzEyLThmMGMtMzZiNWRkYTlmYmU4
LzEvTGhtV2JBNmwzenFZZjRObFVrdFJLTXVuX0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYg0MA0E
AgACMAcDBQMqB99AMA0GCSqGSIb3DQEBCwUAA4IBAQCdoDNDPqFks13BsqxGUJC5
fLcQ2N89pLg5TPczpKyu127w8wDrEvxMUfEvP6vmN30C+I2//daxcjRyWOcPVWH3
q0aa6v0/cFYy+gIurK/wfaodmfzKoT5lMK15CS6O6/CL5SOUbpFghXdzmgUUy9DY
UJYKUu4VZMvNav0ZSqf5+BTco9dhamGCAgAUV9e7FGXqRlCgPJg/9qHu0378B/TO
kdUG/4tZmThm28h5VvJDMFY+SilcZNpMaNSFa1mENVRZbJM+n+m0KnbXME1skf02
QDYSS1efrJgHi9IpB9TX3JhqezvKM3rV6xgT1Y7EXibJUlcsJTovjo6hArE4uqCP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:21 2025 by rpki-client