Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/ysI0-sDU8lqdy-FzteEkls0iUn0.roa
File: ysI0-sDU8lqdy-FzteEkls0iUn0.roa (raw, json)
Hash identifier: FhMSro3UGYuBcuXp+gfM2OrBmJK2f4HmQx0gix2kgBQ=
Subject key identifier: CA:C2:34:FA:C0:D4:F2:5A:9D:CB:E1:73:B5:E1:24:96:CD:22:52:7D
Certificate issuer: /CN=53bd0992872152a86d60d963b87d01817c00fc53
Certificate serial: 01856C013F5D0730746FD317D56736830D00
Authority key identifier: 53:BD:09:92:87:21:52:A8:6D:60:D9:63:B8:7D:01:81:7C:00:FC:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/ysI0-sDU8lqdy-FzteEkls0iUn0.roa
Signing time: Sun 01 Jan 2023 06:24:59 +0000
ROA not before: Sun 01 Jan 2023 06:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9044
IP address blocks: 45.86.132.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:3f:5d:07:30:74:6f:d3:17:d5:67:36:83:0d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53bd0992872152a86d60d963b87d01817c00fc53
Validity
Not Before: Jan 1 06:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cac234fac0d4f25a9dcbe173b5e12496cd22527d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:08:16:9f:1b:89:db:aa:9f:8a:c1:08:d6:7c:
ac:ac:58:eb:76:a0:f0:c3:66:a1:3c:ac:3d:6a:04:
38:8e:eb:d5:e8:6a:65:0f:19:dc:bc:e1:85:e0:51:
29:d0:54:e3:86:d9:58:9f:8b:89:00:40:3c:ae:1d:
3d:38:1e:3b:9d:09:04:76:b5:df:a2:e5:f8:15:6e:
b9:04:2b:ba:3b:c1:71:1f:25:f9:21:4f:41:14:ac:
35:37:38:33:9b:6b:5c:7e:7d:dc:af:a2:55:e7:78:
de:9c:03:f2:31:88:f4:d5:89:a9:15:63:7a:ff:36:
9d:ae:3c:29:72:01:75:b6:18:7a:9f:af:90:de:4c:
a1:a3:7d:90:07:8b:77:c2:0b:f3:c0:21:18:92:6f:
69:d1:45:fd:a3:f1:ae:7a:ef:4f:b9:2d:22:fb:a5:
4c:47:9d:eb:ed:81:78:02:66:e9:97:eb:2c:e6:a6:
18:5b:5d:89:6c:16:25:a8:ce:04:75:49:ed:bb:c4:
57:0d:1d:b0:f4:e8:3e:b4:ef:45:9d:fd:c6:a0:ac:
c7:04:af:d0:69:98:9e:a6:ca:a2:81:1b:98:45:b5:
4a:64:1f:03:83:a1:ab:e2:c3:52:a3:95:7d:5b:49:
d2:fd:78:14:e5:b1:3f:68:c4:bc:78:78:60:df:b4:
7c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C2:34:FA:C0:D4:F2:5A:9D:CB:E1:73:B5:E1:24:96:CD:22:52:7D
X509v3 Authority Key Identifier:
keyid:53:BD:09:92:87:21:52:A8:6D:60:D9:63:B8:7D:01:81:7C:00:FC:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/ysI0-sDU8lqdy-FzteEkls0iUn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.132.0/23
Signature Algorithm: sha256WithRSAEncryption
95:0c:37:b5:6b:6a:59:36:31:77:05:37:ac:6e:ce:62:3b:c2:
d8:9c:32:ee:ca:5b:80:5c:8b:5b:5e:15:48:02:6e:df:51:4d:
ad:71:31:a6:89:2a:1c:72:68:07:fb:5d:ae:61:a4:ba:33:41:
41:d0:1d:54:f9:97:dd:46:81:c9:bd:33:ad:bb:cd:c0:67:1d:
67:21:db:9f:82:e4:b3:cd:eb:70:b7:e4:14:ce:34:b7:52:d5:
ea:2a:de:02:45:e5:3a:2b:d0:09:91:8d:47:c7:37:23:9f:c9:
dd:33:8c:16:67:1a:f7:3a:eb:a8:3a:14:e2:a2:c7:d6:d8:1c:
9e:8f:2a:a3:a6:ec:eb:bb:c2:bd:e8:a2:77:d8:92:e2:4e:4b:
a2:b6:ef:2a:9f:a4:9e:73:77:b9:85:41:92:c8:8c:fc:4a:9b:
b2:a5:73:5b:dc:fc:33:b7:b5:74:5a:ff:d5:04:f5:75:12:b5:
39:9f:28:f0:25:7d:b0:6c:c4:8a:8c:74:3a:26:8c:0d:ac:53:
15:d9:cd:ba:d7:68:8b:99:26:fb:7b:1f:36:cc:cd:f8:04:92:
72:68:7e:3b:81:2e:12:d3:88:fe:d6:36:bd:d4:9a:98:a9:ed:
1d:ca:1e:0d:b2:a2:dd:59:40:b1:5a:05:db:0a:69:ec:80:f6:
af:1f:84:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAT9dBzB0b9MX1Wc2gw0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmQwOTkyODcyMTUyYTg2ZDYwZDk2M2I4N2QwMTgxN2Mw
MGZjNTMwHhcNMjMwMTAxMDYyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWMyMzRmYWMwZDRmMjVhOWRjYmUxNzNiNWUxMjQ5NmNkMjI1MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQgWnxuJ26qfisEI1nysrFjrdqDw
w2ahPKw9agQ4juvV6GplDxncvOGF4FEp0FTjhtlYn4uJAEA8rh09OB47nQkEdrXf
ouX4FW65BCu6O8FxHyX5IU9BFKw1Nzgzm2tcfn3cr6JV53jenAPyMYj01YmpFWN6
/zadrjwpcgF1thh6n6+Q3kyho32QB4t3wgvzwCEYkm9p0UX9o/Gueu9PuS0i+6VM
R53r7YF4Ambpl+ss5qYYW12JbBYlqM4EdUntu8RXDR2w9Og+tO9Fnf3GoKzHBK/Q
aZiepsqigRuYRbVKZB8Dg6Gr4sNSo5V9W0nS/XgU5bE/aMS8eHhg37R8/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrCNPrA1PJancvhc7XhJJbNIlJ9MB8GA1UdIwQY
MBaAFFO9CZKHIVKobWDZY7h9AYF8APxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82ZTI2NGUtZDZjZS00MmQ1LWIwNWQt
ZTE1ZjRmODQwOWU2LzEveXNJMC1zRFU4bHFkeS1GenRlRWtsczBpVW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82ZTI2NGUtZDZjZS00MmQ1LWIwNWQtZTE1ZjRmODQwOWU2
LzEvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVaEMA0G
CSqGSIb3DQEBCwUAA4IBAQCVDDe1a2pZNjF3BTesbs5iO8LYnDLuyluAXItbXhVI
Am7fUU2tcTGmiSoccmgH+12uYaS6M0FB0B1U+ZfdRoHJvTOtu83AZx1nIdufguSz
zetwt+QUzjS3UtXqKt4CReU6K9AJkY1Hxzcjn8ndM4wWZxr3OuuoOhTiosfW2Bye
jyqjpuzru8K96KJ32JLiTkuitu8qn6Sec3e5hUGSyIz8SpuypXNb3Pwzt7V0Wv/V
BPV1ErU5nyjwJX2wbMSKjHQ6JowNrFMV2c2612iLmSb7ex82zM34BJJyaH47gS4S
04j+1ja91JqYqe0dyh4NsqLdWUCxWgXbCmnsgPavH4Q1
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:35:43 2025 by rpki-client