Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/saTmia0jZ_WM2wkSls_CZYMniHI.roa
File: saTmia0jZ_WM2wkSls_CZYMniHI.roa (raw, json)
Hash identifier: rxC4MsdopOgw2qTKqm8Is4+dzBh4Xrp50+/JHq0cuKo=
Subject key identifier: B1:A4:E6:89:AD:23:67:F5:8C:DB:09:12:96:CF:C2:65:83:27:88:72
Certificate issuer: /CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
Certificate serial: 07F35209
Authority key identifier: 23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/saTmia0jZ_WM2wkSls_CZYMniHI.roa
Signing time: Sat 01 Jan 2022 03:59:18 +0000
ROA not before: Sat 01 Jan 2022 03:59:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51519
IP address blocks: 45.132.233.0/24 maxlen: 24
45.132.232.0/22 maxlen: 22
45.132.235.0/24 maxlen: 24
2a0e:73c0::/29 maxlen: 29
2a0e:73c2:cafe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133386761 (0x7f35209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
Validity
Not Before: Jan 1 03:59:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1a4e689ad2367f58cdb091296cfc26583278872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ac:42:49:10:48:33:14:a8:23:82:bf:d3:63:
43:bd:d7:2b:50:ed:e7:64:c7:92:d1:5b:13:20:17:
3a:34:0b:7d:7c:f8:5a:eb:73:95:d4:25:8e:0d:ea:
18:30:0f:c8:ed:aa:94:c2:86:b1:1d:13:78:67:db:
8e:f8:10:5f:49:2e:d6:1e:f0:0f:cb:84:ae:4a:89:
45:fa:9f:c4:bf:6d:97:66:7d:cf:86:d5:9e:85:a0:
50:a9:d9:51:9e:6f:93:d5:f8:00:a0:4e:9f:3d:10:
ab:ae:2e:b3:f6:94:a2:96:d4:18:98:1b:ab:44:01:
01:0b:ad:94:d4:18:bb:28:e5:51:c4:00:56:12:0f:
7d:49:82:4c:bc:89:95:28:d9:7d:c9:bc:5c:ab:ff:
e2:e5:a7:53:f3:d8:01:88:60:7e:98:98:ab:b0:06:
af:cd:1a:59:91:8c:b2:8b:57:fe:bb:c6:04:40:dd:
cf:ba:07:42:5e:95:f6:e0:ae:21:e4:61:cd:67:f7:
93:37:93:43:92:27:1c:47:83:26:15:bf:bf:d6:9c:
c6:f4:7f:b9:a7:75:ff:20:53:79:81:cd:d4:2d:c9:
d1:0c:1a:f0:a4:d3:40:d3:ec:f5:34:db:73:04:bb:
85:ee:b5:84:45:0f:7b:fa:75:69:59:cf:9f:6a:4a:
58:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A4:E6:89:AD:23:67:F5:8C:DB:09:12:96:CF:C2:65:83:27:88:72
X509v3 Authority Key Identifier:
keyid:23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/saTmia0jZ_WM2wkSls_CZYMniHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/Iybu6t1MDuVbNZSlluZyIIGcGNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.232.0/22
IPv6:
2a0e:73c0::/29
Signature Algorithm: sha256WithRSAEncryption
97:d0:dd:ec:22:c0:e4:b0:4b:52:65:3f:ab:14:35:6a:1b:c7:
00:5f:ab:8d:cc:25:38:32:aa:b5:fd:f6:e4:6b:16:97:3b:8d:
48:c6:b2:04:7b:6c:d7:d4:df:35:25:b5:e6:32:b5:8f:51:c6:
42:32:9b:b9:de:3e:59:33:33:4e:4c:e7:b1:fb:5d:3c:71:be:
46:e5:c5:ee:54:05:85:d8:18:80:05:d6:cd:ad:c9:e4:08:a3:
6b:72:6f:10:13:f6:88:ca:c9:53:28:c3:94:8c:94:3d:a1:94:
90:96:84:b8:2e:55:2f:0c:ed:6d:89:81:4d:df:b7:88:c1:34:
c6:9e:d8:91:df:05:c9:28:17:85:9e:36:f9:7f:54:5b:11:ad:
51:3f:b1:93:3e:5c:be:6e:02:40:9b:13:35:b2:e2:de:ae:47:
29:d4:30:54:e9:34:f8:c4:9c:1c:8a:fb:46:a1:89:40:9b:27:
ad:e9:14:8f:63:75:39:98:8d:7e:bb:04:6d:69:78:d2:50:7c:
1a:92:8e:0f:d0:b6:10:b1:87:f3:97:76:f0:b6:4b:9e:3e:f2:
7b:93:70:73:5a:5c:e5:d4:35:c1:95:04:49:69:df:76:b8:58:
28:0e:18:6a:42:03:b5:c9:ce:41:b1:0d:6f:dd:45:9d:82:4b:
ed:db:3a:38
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB/NSCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzI2ZWVlYWRkNGMwZWU1NWIzNTk0YTU5NmU2NzIyMDgxOWMxOGQ1MB4XDTIyMDEw
MTAzNTkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFhNGU2ODlhZDIz
NjdmNThjZGIwOTEyOTZjZmMyNjU4MzI3ODg3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOsQkkQSDMUqCOCv9NjQ73XK1Dt52THktFbEyAXOjQLfXz4
WutzldQljg3qGDAPyO2qlMKGsR0TeGfbjvgQX0ku1h7wD8uErkqJRfqfxL9tl2Z9
z4bVnoWgUKnZUZ5vk9X4AKBOnz0Qq64us/aUopbUGJgbq0QBAQutlNQYuyjlUcQA
VhIPfUmCTLyJlSjZfcm8XKv/4uWnU/PYAYhgfpiYq7AGr80aWZGMsotX/rvGBEDd
z7oHQl6V9uCuIeRhzWf3kzeTQ5InHEeDJhW/v9acxvR/uad1/yBTeYHN1C3J0Qwa
8KTTQNPs9TTbcwS7he61hEUPe/p1aVnPn2pKWL8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSxpOaJrSNn9YzbCRKWz8JlgyeIcjAfBgNVHSMEGDAWgBQjJu7q3UwO5Vs1
lKWW5nIggZwY1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l5YnU2dDFNRHVWYk5aU2xsdVp5SUlHY0dOVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvYTU5ODBkLTY1ZjQtNDU3My05NzU5LTMzNDE1OTY3YzIxMy8x
L3NhVG1pYTBqWl9XTTJ3a1Nsc19DWllNbmlISS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
YTU5ODBkLTY1ZjQtNDU3My05NzU5LTMzNDE1OTY3YzIxMy8xL0l5YnU2dDFNRHVW
Yk5aU2xsdVp5SUlHY0dOVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2E6DANBAIAAjAHAwUDKg5zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAl9Dd7CLA5LBLUmU/qxQ1ahvHAF+rjcwlODKqtf32
5GsWlzuNSMayBHts19TfNSW15jK1j1HGQjKbud4+WTMzTkznsftdPHG+RuXF7lQF
hdgYgAXWza3J5Aija3JvEBP2iMrJUyjDlIyUPaGUkJaEuC5VLwztbYmBTd+3iME0
xp7Ykd8FySgXhZ42+X9UWxGtUT+xkz5cvm4CQJsTNbLi3q5HKdQwVOk0+MScHIr7
RqGJQJsnrekUj2N1OZiNfrsEbWl40lB8GpKOD9C2ELGH85d28LZLnj7ye5Nwc1pc
5dQ1wZUESWnfdrhYKA4YakIDtcnOQbENb91FnYJL7ds6OA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:55 2025 by rpki-client