Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/iTbQdivMb9WjbaFHiCU05unoGaw.roa
File: iTbQdivMb9WjbaFHiCU05unoGaw.roa (raw, json)
Hash identifier: PfpvoPE+hc2/75hCAqiXwp7dEsgVZzK0ojhIbnSwplQ=
Subject key identifier: 89:36:D0:76:2B:CC:6F:D5:A3:6D:A1:47:88:25:34:E6:E9:E8:19:AC
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 0183889EBE8EFA779B6D33FFF5DBD417A924
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/iTbQdivMb9WjbaFHiCU05unoGaw.roa
Signing time: Thu 29 Sep 2022 09:40:48 +0000
ROA not before: Thu 29 Sep 2022 09:40:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203172
IP address blocks: 45.129.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:9e:be:8e:fa:77:9b:6d:33:ff:f5:db:d4:17:a9:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Sep 29 09:40:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8936d0762bcc6fd5a36da147882534e6e9e819ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c1:27:d0:d0:bf:6b:65:d5:aa:64:b9:16:5e:
54:ce:93:6f:a4:bf:c9:a8:e9:4f:55:1f:e0:1e:50:
a5:53:e9:2f:c3:c3:1f:51:17:43:97:e7:71:ef:56:
8d:e5:45:0b:56:0f:a5:91:ed:bd:95:82:33:ea:86:
8c:55:6d:d6:c0:7c:7b:14:c6:e2:85:5a:18:4d:72:
67:0c:15:3a:c3:d4:3f:6b:58:9d:13:d5:2f:33:62:
59:50:d1:1b:2f:f3:a3:e1:56:29:fb:09:f8:2f:c3:
fb:90:db:d9:ba:9d:f1:e6:45:cc:ac:cf:73:7d:9e:
71:bf:e4:8c:27:7a:30:fc:8d:23:a8:55:6d:70:54:
47:7f:b3:18:5c:c5:fa:26:a9:b3:3e:59:fd:6a:f8:
d1:9e:c5:ea:e0:1f:37:7d:69:fc:23:b2:22:cc:58:
9e:a6:af:53:7f:2e:97:b4:5d:db:e0:4f:4f:d3:dd:
ec:c2:b6:2c:5f:d8:56:d2:10:2d:48:b4:af:e3:f5:
d4:dd:b0:fc:89:55:53:e7:68:fc:9c:d5:32:2a:6c:
32:c1:ab:7c:d2:74:94:c6:53:0a:f7:94:77:40:b9:
a7:89:8e:ec:87:c4:3b:15:78:ff:3a:8d:d0:74:9a:
d5:33:b9:23:ce:82:32:b8:e9:54:52:c7:0a:b7:d0:
4b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:36:D0:76:2B:CC:6F:D5:A3:6D:A1:47:88:25:34:E6:E9:E8:19:AC
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/iTbQdivMb9WjbaFHiCU05unoGaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.147.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:42:bf:97:b8:31:4b:8d:72:f5:7c:5c:3d:38:ce:74:67:32:
e1:12:d8:9c:0f:8c:17:12:84:dd:a9:3a:32:1b:24:6c:f6:03:
04:2f:c4:04:80:2d:1d:7c:09:46:0d:ee:83:8a:2c:5d:6d:d9:
f4:ae:ce:94:d9:20:62:39:16:c8:5e:80:d8:ac:13:88:04:f9:
39:1d:08:07:89:f5:6a:25:67:ba:b6:02:9b:05:69:c5:c8:68:
7d:21:93:5e:e8:f6:1e:29:82:b5:87:c0:a6:62:95:a8:e0:43:
d2:46:b3:35:0b:04:60:6d:d8:d5:e2:89:9a:e9:8e:0c:91:cb:
f8:e5:38:61:8a:ee:0e:55:e0:9b:20:00:78:29:bb:49:a5:6d:
1b:5a:92:76:ab:07:a0:11:d7:a2:1d:c0:1c:2d:51:22:d1:42:
10:c9:71:3d:84:a0:aa:95:3b:47:df:6a:4e:ca:32:78:ce:bf:
49:74:a0:65:2a:eb:c3:64:e0:42:25:d2:ff:96:9e:32:e7:77:
0b:9d:03:66:fd:fb:7b:a7:39:da:04:43:6e:33:18:c0:77:c3:
23:e0:01:6b:d6:8c:64:34:cb:18:08:02:51:b8:8e:b2:b1:38:
ed:dc:2f:1e:a3:6f:5a:b8:70:d4:ad:0d:34:e7:b9:75:fa:82:
67:b3:a7:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOInr6O+nebbTP/9dvUF6kkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjIwOTI5MDk0MDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTM2ZDA3NjJiY2M2ZmQ1YTM2ZGExNDc4ODI1MzRlNmU5ZTgxOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8En0NC/a2XVqmS5Fl5UzpNvpL/J
qOlPVR/gHlClU+kvw8MfURdDl+dx71aN5UULVg+lke29lYIz6oaMVW3WwHx7FMbi
hVoYTXJnDBU6w9Q/a1idE9UvM2JZUNEbL/Oj4VYp+wn4L8P7kNvZup3x5kXMrM9z
fZ5xv+SMJ3ow/I0jqFVtcFRHf7MYXMX6JqmzPln9avjRnsXq4B83fWn8I7IizFie
pq9Tfy6XtF3b4E9P093swrYsX9hW0hAtSLSv4/XU3bD8iVVT52j8nNUyKmwywat8
0nSUxlMK95R3QLmniY7sh8Q7FXj/Oo3QdJrVM7kjzoIyuOlUUscKt9BLzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIk20HYrzG/Vo22hR4glNObp6BmsMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvaVRiUWRpdk1iOVdqYmFGSGlDVTA1dW5vR2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYGTMA0G
CSqGSIb3DQEBCwUAA4IBAQAcQr+XuDFLjXL1fFw9OM50ZzLhEticD4wXEoTdqToy
GyRs9gMEL8QEgC0dfAlGDe6Diixdbdn0rs6U2SBiORbIXoDYrBOIBPk5HQgHifVq
JWe6tgKbBWnFyGh9IZNe6PYeKYK1h8CmYpWo4EPSRrM1CwRgbdjV4oma6Y4Mkcv4
5Thhiu4OVeCbIAB4KbtJpW0bWpJ2qwegEdeiHcAcLVEi0UIQyXE9hKCqlTtH32pO
yjJ4zr9JdKBlKuvDZOBCJdL/lp4y53cLnQNm/ft7pznaBENuMxjAd8Mj4AFr1oxk
NMsYCAJRuI6ysTjt3C8eo29auHDUrQ0057l1+oJns6c3
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:39:04 2025 by rpki-client