Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/3b9215-9807-481e-9a1e-732272023ec2/1/0EP8TmijaW-BTePiUwMdD6wIWhY.roa
File: 0EP8TmijaW-BTePiUwMdD6wIWhY.roa (raw, json)
Hash identifier: JIpDkquPGnTdEEnQBxhIN96loss8PGCGPHw0gVC12VE=
Subject key identifier: D0:43:FC:4E:68:A3:69:6F:81:4D:E3:E2:53:03:1D:0F:AC:08:5A:16
Certificate issuer: /CN=62d18b312e353e78fa8ee5f80d36f741cdcde3aa
Certificate serial: 018571830F02B79059DBEDBDCED7C7FB50B4
Authority key identifier: 62:D1:8B:31:2E:35:3E:78:FA:8E:E5:F8:0D:36:F7:41:CD:CD:E3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YtGLMS41Pnj6juX4DTb3Qc3N46o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/3b9215-9807-481e-9a1e-732272023ec2/1/0EP8TmijaW-BTePiUwMdD6wIWhY.roa
Signing time: Mon 02 Jan 2023 08:04:52 +0000
ROA not before: Mon 02 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 45.94.134.0/24 maxlen: 24
45.94.133.0/24 maxlen: 24
45.94.135.0/24 maxlen: 24
45.94.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:0f:02:b7:90:59:db:ed:bd:ce:d7:c7:fb:50:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62d18b312e353e78fa8ee5f80d36f741cdcde3aa
Validity
Not Before: Jan 2 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d043fc4e68a3696f814de3e253031d0fac085a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:91:74:c1:d9:33:02:d6:64:4f:ac:cb:41:0c:
87:50:46:21:26:95:ea:ca:35:37:43:ea:d3:0e:91:
1d:0e:91:c9:43:ce:91:74:a9:a0:e3:ff:3e:b4:75:
63:d5:4e:d5:ef:26:a6:cb:e7:8d:50:cd:0f:ed:93:
b2:68:76:55:53:f5:1a:2d:51:78:2a:5a:3c:05:38:
7d:3a:f0:ac:66:c3:c8:4a:ea:54:cf:1a:b9:92:d4:
f1:f9:bd:eb:3c:a9:a0:8f:56:1d:48:da:c5:f3:99:
49:ae:ee:78:8c:ba:6f:22:53:aa:87:be:9e:e5:ea:
18:69:2a:36:53:9a:da:ab:e8:ec:4d:07:28:3f:7a:
2f:70:10:11:7d:5f:2d:be:ff:9c:9f:f5:51:9b:05:
29:83:b9:12:6b:ec:1e:dd:37:65:d0:26:e5:24:49:
8a:83:14:92:f8:b5:cf:55:ee:ef:2f:a1:4f:85:38:
15:88:cf:dd:43:01:6f:3e:95:e3:8b:e2:85:46:30:
72:3d:27:c3:ec:b5:a7:6d:f6:60:66:d8:83:59:06:
25:97:1d:9e:17:65:c1:0d:20:7f:ce:29:59:a7:09:
52:10:b1:62:88:59:00:e2:6e:78:91:93:47:e6:27:
04:c0:e5:af:82:fd:81:d4:7e:0e:a7:48:cf:dd:1c:
4a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:43:FC:4E:68:A3:69:6F:81:4D:E3:E2:53:03:1D:0F:AC:08:5A:16
X509v3 Authority Key Identifier:
keyid:62:D1:8B:31:2E:35:3E:78:FA:8E:E5:F8:0D:36:F7:41:CD:CD:E3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YtGLMS41Pnj6juX4DTb3Qc3N46o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3b9215-9807-481e-9a1e-732272023ec2/1/0EP8TmijaW-BTePiUwMdD6wIWhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3b9215-9807-481e-9a1e-732272023ec2/1/YtGLMS41Pnj6juX4DTb3Qc3N46o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.132.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:10:4c:cc:aa:20:3b:79:c8:ce:05:9a:09:1e:51:b8:2f:ce:
ef:be:f9:25:05:29:10:a3:e7:6f:af:7e:bd:66:62:ad:54:67:
8f:81:cb:50:54:30:8a:89:74:9a:07:ca:85:c5:1c:1c:3e:8d:
45:20:fa:b8:43:e8:f7:1f:a1:b6:15:af:94:83:3e:e8:9a:17:
8b:3f:81:9d:5b:9c:40:48:84:97:c1:0d:80:55:3a:14:55:16:
6a:f0:a8:db:f7:3c:1c:9f:2b:25:a3:41:ba:7a:6f:62:3e:3c:
3d:ba:c4:21:87:da:4c:c0:fb:e9:91:f8:a2:c7:58:8f:74:0b:
74:62:08:06:9b:6a:75:b2:21:d7:d0:e0:c3:e3:86:78:2f:5d:
18:fb:fd:ee:e9:f6:ef:67:24:f6:37:96:e5:86:04:f8:c9:c3:
6b:bc:b9:7b:31:74:b4:fc:91:ea:c5:38:11:e6:00:d9:c5:07:
1e:92:5e:58:ea:77:10:75:22:04:83:7d:4b:83:7f:c6:03:b2:
64:fd:b2:41:69:54:98:68:46:84:25:63:e1:ae:19:25:28:3f:
3a:c5:04:80:7c:8b:d3:f2:48:25:fa:2c:50:2f:33:97:0b:ec:
3a:f7:c3:5b:2c:4d:57:68:05:c6:2c:83:ae:09:b3:85:c8:f8:
37:d8:ab:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgw8Ct5BZ2+29ztfH+1C0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDE4YjMxMmUzNTNlNzhmYThlZTVmODBkMzZmNzQxY2Rj
ZGUzYWEwHhcNMjMwMTAyMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDQzZmM0ZTY4YTM2OTZmODE0ZGUzZTI1MzAzMWQwZmFjMDg1YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZF0wdkzAtZkT6zLQQyHUEYhJpXq
yjU3Q+rTDpEdDpHJQ86RdKmg4/8+tHVj1U7V7yamy+eNUM0P7ZOyaHZVU/UaLVF4
Klo8BTh9OvCsZsPISupUzxq5ktTx+b3rPKmgj1YdSNrF85lJru54jLpvIlOqh76e
5eoYaSo2U5raq+jsTQcoP3ovcBARfV8tvv+cn/VRmwUpg7kSa+we3Tdl0CblJEmK
gxSS+LXPVe7vL6FPhTgViM/dQwFvPpXji+KFRjByPSfD7LWnbfZgZtiDWQYllx2e
F2XBDSB/zilZpwlSELFiiFkA4m54kZNH5icEwOWvgv2B1H4Op0jP3RxK3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBD/E5oo2lvgU3j4lMDHQ+sCFoWMB8GA1UdIwQY
MBaAFGLRizEuNT54+o7l+A0290HNzeOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRHTE1TNDFQbmo2anVYNERUYjNRYzNONDZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8zYjkyMTUtOTgwNy00ODFlLTlhMWUt
NzMyMjcyMDIzZWMyLzEvMEVQOFRtaWphVy1CVGVQaVV3TWRENndJV2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8zYjkyMTUtOTgwNy00ODFlLTlhMWUtNzMyMjcyMDIzZWMy
LzEvWXRHTE1TNDFQbmo2anVYNERUYjNRYzNONDZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV6EMA0G
CSqGSIb3DQEBCwUAA4IBAQAaEEzMqiA7ecjOBZoJHlG4L87vvvklBSkQo+dvr369
ZmKtVGePgctQVDCKiXSaB8qFxRwcPo1FIPq4Q+j3H6G2Fa+Ugz7omheLP4GdW5xA
SISXwQ2AVToUVRZq8Kjb9zwcnyslo0G6em9iPjw9usQhh9pMwPvpkfiix1iPdAt0
YggGm2p1siHX0ODD44Z4L10Y+/3u6fbvZyT2N5blhgT4ycNrvLl7MXS0/JHqxTgR
5gDZxQcekl5Y6ncQdSIEg31Lg3/GA7Jk/bJBaVSYaEaEJWPhrhklKD86xQSAfIvT
8kgl+ixQLzOXC+w698NbLE1XaAXGLIOuCbOFyPg32Ktc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:31 2025 by rpki-client