Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/S5YirCNv8KpcHBIL0johBA1VTwM.roa
File: S5YirCNv8KpcHBIL0johBA1VTwM.roa (raw, json)
Hash identifier: I5xiwd0P9GenAL/dklPiTG2ZFf0vd5VBVJSbr/M3nvw=
Subject key identifier: 4B:96:22:AC:23:6F:F0:AA:5C:1C:12:0B:D2:3A:21:04:0D:55:4F:03
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BD157D8E74537E413C37B1C3469086A03
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/S5YirCNv8KpcHBIL0johBA1VTwM.roa
Signing time: Wed 15 Nov 2023 04:57:57 +0000
ROA not before: Wed 15 Nov 2023 04:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 45.141.178.0/24 maxlen: 24
93.190.246.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
2a0e:2240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:57:d8:e7:45:37:e4:13:c3:7b:1c:34:69:08:6a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 15 04:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b9622ac236ff0aa5c1c120bd23a21040d554f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9e:28:24:7d:0d:08:ea:b5:71:c2:11:68:2c:
76:9f:7c:5f:58:38:36:3d:ff:00:3a:16:7e:05:71:
c1:66:a2:2f:40:95:eb:f5:a8:4f:91:83:76:7b:b1:
ea:d5:85:64:10:e2:b5:9a:a2:58:a8:13:83:f1:f7:
be:8d:a6:b6:d7:27:09:c8:df:af:ab:22:74:9c:a5:
8b:5a:1c:33:00:10:74:0f:a1:0f:b0:69:90:55:75:
39:5c:71:ed:8a:eb:a2:e7:ed:08:e9:3a:cc:5b:6c:
83:79:53:c4:e3:09:48:51:93:a0:99:ce:86:bc:75:
d1:e6:20:0c:0a:54:54:c4:d7:b5:25:95:4a:d4:41:
9d:ad:69:67:a5:9c:79:d0:24:3e:11:f3:4e:e1:86:
ed:c4:6b:a7:0b:d2:d4:3c:33:47:a6:9d:1e:f4:d2:
30:b1:cb:54:d9:d9:33:70:9b:5d:72:f8:65:b6:b3:
21:39:03:6a:42:91:55:b7:c4:6d:28:83:63:ee:78:
81:a7:27:d5:07:4d:f5:8d:53:51:00:da:6c:38:ac:
f9:dd:bc:03:71:85:fc:0e:20:9f:68:27:22:12:d2:
ce:90:d5:89:51:86:af:ad:42:4f:77:b3:a4:ac:a1:
f9:ba:37:1d:32:c5:60:94:27:00:9d:c2:9e:b4:de:
09:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:96:22:AC:23:6F:F0:AA:5C:1C:12:0B:D2:3A:21:04:0D:55:4F:03
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/S5YirCNv8KpcHBIL0johBA1VTwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.79.0/24
45.141.178.0/24
93.190.246.0/24
IPv6:
2a0e:2240::/29
Signature Algorithm: sha256WithRSAEncryption
8e:91:0c:2e:00:f6:df:9c:8a:c2:92:54:85:a8:04:35:1f:15:
51:a2:9f:db:90:98:b9:9b:5e:76:ec:44:ed:55:ca:4d:7b:23:
a3:8f:a9:57:57:b1:fc:4a:57:05:f9:c3:03:3c:89:be:0e:08:
0f:2a:c1:b1:eb:61:40:a1:0e:db:0d:ef:45:e5:0c:2c:dc:7f:
8e:2a:69:d0:fe:7d:27:9d:d0:77:94:f1:b9:83:aa:9b:1e:5c:
36:8d:38:d1:dc:c4:63:8a:98:e8:da:25:6c:1d:87:b0:1a:03:
4a:ac:d8:8a:50:07:46:1e:b5:4a:96:39:43:e7:f7:0e:2c:3c:
6f:5b:31:7f:39:60:05:8b:e7:41:6d:e9:c9:65:61:da:1e:ba:
4e:72:00:85:2f:ee:81:05:f0:8e:41:cf:c8:08:97:e4:b2:b5:
5f:73:4c:43:5c:9f:76:4d:80:a6:1c:23:d9:f1:12:74:4f:4c:
3f:49:aa:2b:62:28:a3:06:f5:98:fd:09:70:38:94:e3:d6:13:
4b:4e:b6:7d:b6:1a:99:26:c4:34:c7:5f:7c:c5:3e:ac:6d:38:
b7:b0:73:fc:d0:cf:5e:67:6d:46:06:d4:9d:8d:d4:52:52:60:
30:bb:d5:4d:86:31:c7:da:95:e5:53:46:ab:3a:4a:53:61:55:
f2:34:7e:34
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvRV9jnRTfkE8N7HDRpCGoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTE1MDQ1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjk2MjJhYzIzNmZmMGFhNWMxYzEyMGJkMjNhMjEwNDBkNTU0ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ4oJH0NCOq1ccIRaCx2n3xfWDg2
Pf8AOhZ+BXHBZqIvQJXr9ahPkYN2e7Hq1YVkEOK1mqJYqBOD8fe+jaa21ycJyN+v
qyJ0nKWLWhwzABB0D6EPsGmQVXU5XHHtiuui5+0I6TrMW2yDeVPE4wlIUZOgmc6G
vHXR5iAMClRUxNe1JZVK1EGdrWlnpZx50CQ+EfNO4YbtxGunC9LUPDNHpp0e9NIw
sctU2dkzcJtdcvhltrMhOQNqQpFVt8RtKINj7niBpyfVB031jVNRANpsOKz53bwD
cYX8DiCfaCciEtLOkNWJUYavrUJPd7OkrKH5ujcdMsVglCcAncKetN4JOwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEuWIqwjb/CqXBwSC9I6IQQNVU8DMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUzVZaXJDTnY4S3BjSEJJTDBqb2hCQTFWVHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYBPAwQA
LY2yAwQAXb72MA0EAgACMAcDBQMqDiJAMA0GCSqGSIb3DQEBCwUAA4IBAQCOkQwu
APbfnIrCklSFqAQ1HxVRop/bkJi5m1527ETtVcpNeyOjj6lXV7H8SlcF+cMDPIm+
DggPKsGx62FAoQ7bDe9F5Qws3H+OKmnQ/n0nndB3lPG5g6qbHlw2jTjR3MRjipjo
2iVsHYewGgNKrNiKUAdGHrVKljlD5/cOLDxvWzF/OWAFi+dBbenJZWHaHrpOcgCF
L+6BBfCOQc/ICJfksrVfc0xDXJ92TYCmHCPZ8RJ0T0w/SaorYiijBvWY/QlwOJTj
1hNLTrZ9thqZJsQ0x198xT6sbTi3sHP80M9eZ21GBtSdjdRSUmAwu9VNhjHH2pXl
U0arOkpTYVXyNH40
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:57 2025 by rpki-client