Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/E4gr8cMj8WMkGhPEtiMKiKzhA3U.roa
File: E4gr8cMj8WMkGhPEtiMKiKzhA3U.roa (raw, json)
Hash identifier: VZ0E+nXpO52N+4JSFxjQ/A5mVyMwfw9auydE/yaTJtQ=
Subject key identifier: 13:88:2B:F1:C3:23:F1:63:24:1A:13:C4:B6:23:0A:88:AC:E1:03:75
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CA15F2D9BF32C717079B879C2B4636363
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/E4gr8cMj8WMkGhPEtiMKiKzhA3U.roa
Signing time: Mon 25 Dec 2023 14:26:58 +0000
ROA not before: Mon 25 Dec 2023 14:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 45.137.87.0/24 maxlen: 24
2a0f:c400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a1:5f:2d:9b:f3:2c:71:70:79:b8:79:c2:b4:63:63:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 25 14:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13882bf1c323f163241a13c4b6230a88ace10375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b3:b6:7c:d1:94:6d:70:77:a8:27:ef:f3:16:
30:9c:04:ed:cf:15:69:a9:42:9a:76:3f:be:08:3c:
64:7a:a4:cd:2c:86:84:14:1b:b2:dd:3a:e3:05:01:
4a:10:3e:3f:15:b8:55:3a:26:b9:43:7d:04:f0:f0:
0e:2f:79:cc:27:62:0a:77:2b:75:99:bb:6d:83:39:
ae:fd:b9:2b:aa:db:d8:72:9f:ba:9c:46:f1:3c:af:
ee:fd:5b:89:d4:40:cc:bf:fa:11:35:8c:a7:e6:a9:
cb:96:1f:83:64:bf:a5:7b:b0:9b:c1:2a:12:4c:95:
30:7c:63:e1:6b:59:dd:6b:1e:58:6f:92:84:13:cf:
5d:42:03:3d:27:b7:73:a4:49:85:dd:e2:09:dd:4f:
13:56:b5:01:cc:d8:d0:a5:92:84:85:f3:60:5d:86:
f5:fe:b9:5b:f3:7b:a4:a5:cb:e6:03:f7:61:9c:54:
c8:ce:d6:a4:a0:7b:52:53:64:37:64:e3:73:7e:53:
1f:cf:cd:e3:4c:b7:70:73:b8:ac:5d:25:36:12:b8:
8f:f9:bd:18:fd:39:90:ae:b5:02:dd:d1:84:c4:c4:
00:db:16:70:05:d9:d7:02:2e:ab:cb:56:8f:49:fc:
f6:9a:f7:1d:b4:d2:d2:42:ce:97:ee:6d:52:63:cb:
68:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:88:2B:F1:C3:23:F1:63:24:1A:13:C4:B6:23:0A:88:AC:E1:03:75
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/E4gr8cMj8WMkGhPEtiMKiKzhA3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.87.0/24
IPv6:
2a0f:c400::/29
Signature Algorithm: sha256WithRSAEncryption
48:19:c8:71:bd:d8:7a:2e:74:f1:71:0b:47:5d:a9:80:c1:f6:
b9:2d:57:84:ac:3f:43:bb:53:f9:c7:5b:6c:9e:bf:2e:08:8a:
10:4b:9e:3f:c4:88:8b:99:81:f4:69:30:3c:3d:b8:ed:83:e4:
59:51:9a:22:61:0e:a1:16:c9:26:fd:10:33:23:b4:57:4e:26:
2c:aa:a2:9e:1b:e0:50:f7:55:41:70:c7:35:ef:85:94:28:84:
b5:57:c9:d7:ae:fb:9b:dd:c5:47:7b:39:17:85:2a:87:27:5e:
38:0f:c8:c7:5f:c4:b7:f9:6d:dc:44:a4:03:55:1d:f6:97:5e:
1c:35:08:f7:3d:12:e8:e7:d0:c8:76:ed:e1:cd:7f:d4:57:70:
3f:fa:9b:42:c9:fa:7c:c3:58:1e:20:9d:dc:d2:59:d4:42:8a:
ff:d8:75:4a:76:93:05:60:af:52:6a:ce:b5:ac:f6:23:7a:19:
d8:44:ba:6c:5c:92:18:2a:7b:aa:53:d4:fd:25:d8:dc:93:2d:
29:0b:b9:42:52:a3:ed:b6:31:9c:30:03:1d:79:b9:31:0d:a1:
22:fe:0e:ac:63:10:f6:45:e9:d9:2d:15:fe:d3:59:1c:63:41:
67:b3:89:b1:f7:72:0e:c5:73:0f:7c:dd:3c:1c:c5:72:91:ec:
c4:3e:2a:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyhXy2b8yxxcHm4ecK0Y2NjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjI1MTQyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzg4MmJmMWMzMjNmMTYzMjQxYTEzYzRiNjIzMGE4OGFjZTEwMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLO2fNGUbXB3qCfv8xYwnATtzxVp
qUKadj++CDxkeqTNLIaEFBuy3TrjBQFKED4/FbhVOia5Q30E8PAOL3nMJ2IKdyt1
mbttgzmu/bkrqtvYcp+6nEbxPK/u/VuJ1EDMv/oRNYyn5qnLlh+DZL+le7CbwSoS
TJUwfGPha1ndax5Yb5KEE89dQgM9J7dzpEmF3eIJ3U8TVrUBzNjQpZKEhfNgXYb1
/rlb83ukpcvmA/dhnFTIztakoHtSU2Q3ZONzflMfz83jTLdwc7isXSU2EriP+b0Y
/TmQrrUC3dGExMQA2xZwBdnXAi6ry1aPSfz2mvcdtNLSQs6X7m1SY8todwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBOIK/HDI/FjJBoTxLYjCois4QN1MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRTRncjhjTWo4V01rR2hQRXRpTUtpS3poQTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYlXMA0E
AgACMAcDBQMqD8QAMA0GCSqGSIb3DQEBCwUAA4IBAQBIGchxvdh6LnTxcQtHXamA
wfa5LVeErD9Du1P5x1tsnr8uCIoQS54/xIiLmYH0aTA8Pbjtg+RZUZoiYQ6hFskm
/RAzI7RXTiYsqqKeG+BQ91VBcMc174WUKIS1V8nXrvub3cVHezkXhSqHJ144D8jH
X8S3+W3cRKQDVR32l14cNQj3PRLo59DIdu3hzX/UV3A/+ptCyfp8w1geIJ3c0lnU
Qor/2HVKdpMFYK9Sas61rPYjehnYRLpsXJIYKnuqU9T9Jdjcky0pC7lCUqPttjGc
MAMdebkxDaEi/g6sYxD2RenZLRX+01kcY0Fns4mx93IOxXMPfN08HMVykezEPirg
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:18 2025 by rpki-client