Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/TfzZnjUHooj1S-oCTjVnpekZxoo.roa
File: TfzZnjUHooj1S-oCTjVnpekZxoo.roa (raw, json)
Hash identifier: D/IXBqxCuLlDjec+kRaiQHbPtlLJf2iBoHOsc+6eDfA=
Subject key identifier: 4D:FC:D9:9E:35:07:A2:88:F5:4B:EA:02:4E:35:67:A5:E9:19:C6:8A
Certificate issuer: /CN=b39c70f7ce3831b8f2cce89db14a27ddaa0e99c2
Certificate serial: 01856C1C855AEE5F3B49D6FD0B30CFA59361
Authority key identifier: B3:9C:70:F7:CE:38:31:B8:F2:CC:E8:9D:B1:4A:27:DD:AA:0E:99:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s5xw9844MbjyzOidsUon3aoOmcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/TfzZnjUHooj1S-oCTjVnpekZxoo.roa
Signing time: Sun 01 Jan 2023 06:54:46 +0000
ROA not before: Sun 01 Jan 2023 06:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208504
IP address blocks: 45.130.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:85:5a:ee:5f:3b:49:d6:fd:0b:30:cf:a5:93:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39c70f7ce3831b8f2cce89db14a27ddaa0e99c2
Validity
Not Before: Jan 1 06:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dfcd99e3507a288f54bea024e3567a5e919c68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:99:71:80:fa:0f:cb:be:6d:31:9e:2d:cf:2f:
91:a2:29:a9:36:67:7a:56:b4:53:3f:ca:f3:c7:22:
4e:6a:94:3e:46:11:2f:86:ff:47:18:50:33:8c:f1:
a9:05:c8:c4:0c:66:1a:25:cb:de:b6:f5:3f:96:e1:
cc:74:88:60:de:40:2f:2b:a9:ff:bb:f9:f6:65:00:
f5:76:24:ae:df:fd:c8:79:2d:60:90:1f:e9:6a:b0:
16:64:97:27:d8:4b:51:11:ed:ce:fe:5e:73:02:1d:
67:63:9c:3e:b0:18:0f:a8:3e:04:56:29:74:19:3d:
52:0d:11:ac:52:d2:09:2f:c0:51:12:58:3b:ab:f1:
4e:f7:05:40:d6:c3:ad:be:4d:44:e2:fd:41:d7:61:
8d:25:69:e6:28:3b:3d:e3:01:a8:1d:2d:fe:9b:00:
b7:0c:5e:29:33:b0:2f:71:a2:08:70:e7:e8:c2:32:
b4:84:c3:5f:17:87:aa:30:24:01:74:db:8d:80:67:
eb:0f:6c:a3:08:ea:78:c7:0d:52:36:c3:a6:9e:39:
c8:0f:f5:2f:2e:d4:43:78:ff:b5:c5:64:93:9d:40:
eb:22:6a:bb:9d:c1:49:ab:d5:24:3d:89:62:b0:73:
8c:23:b5:08:35:bb:3f:f2:cb:1b:c1:76:a3:91:26:
10:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FC:D9:9E:35:07:A2:88:F5:4B:EA:02:4E:35:67:A5:E9:19:C6:8A
X509v3 Authority Key Identifier:
keyid:B3:9C:70:F7:CE:38:31:B8:F2:CC:E8:9D:B1:4A:27:DD:AA:0E:99:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5xw9844MbjyzOidsUon3aoOmcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/TfzZnjUHooj1S-oCTjVnpekZxoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/s5xw9844MbjyzOidsUon3aoOmcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.12.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:98:1f:71:7c:98:6a:b3:77:a5:a2:f5:3e:05:8e:aa:94:06:
6b:90:11:d6:62:70:2e:d7:fa:47:e4:21:72:27:cb:16:6d:1a:
e9:e9:55:6d:b5:79:12:73:8d:79:b2:b0:51:83:17:8f:0c:99:
b2:9c:50:24:33:b9:b3:90:b1:f8:0c:c3:0d:c5:4a:6e:eb:a2:
4e:2c:2d:a0:d6:aa:47:7e:7d:2f:d8:77:d9:c7:f0:4f:16:7c:
23:c1:01:0c:36:47:f1:11:23:80:97:23:f9:92:f2:23:05:a9:
42:bf:11:51:af:99:cb:34:33:72:86:16:0c:30:32:d0:35:67:
70:87:8f:28:9c:1d:73:35:a2:3d:c4:13:29:9f:87:2c:50:4e:
81:6d:50:50:55:a1:7d:6e:10:e7:aa:fc:2c:91:7e:92:d7:21:
f9:78:5e:c0:27:d3:ca:84:9b:49:aa:60:9a:67:ce:b4:59:63:
7a:da:0a:b8:d2:ed:31:3f:2f:94:60:8c:fb:5e:5f:11:42:13:
96:5d:c2:0e:46:39:55:99:89:77:37:f9:94:2a:61:a3:35:f8:
ad:e3:6b:b5:e4:e3:52:13:38:a0:d6:c6:c5:22:ae:27:0e:98:
90:c3:76:ac:92:f1:a6:c3:db:51:cf:df:4f:05:ab:20:03:ea:
98:c0:70:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHIVa7l87Sdb9CzDPpZNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWM3MGY3Y2UzODMxYjhmMmNjZTg5ZGIxNGEyN2RkYWEw
ZTk5YzIwHhcNMjMwMTAxMDY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGZjZDk5ZTM1MDdhMjg4ZjU0YmVhMDI0ZTM1NjdhNWU5MTljNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlplxgPoPy75tMZ4tzy+RoimpNmd6
VrRTP8rzxyJOapQ+RhEvhv9HGFAzjPGpBcjEDGYaJcvetvU/luHMdIhg3kAvK6n/
u/n2ZQD1diSu3/3IeS1gkB/parAWZJcn2EtREe3O/l5zAh1nY5w+sBgPqD4EVil0
GT1SDRGsUtIJL8BRElg7q/FO9wVA1sOtvk1E4v1B12GNJWnmKDs94wGoHS3+mwC3
DF4pM7AvcaIIcOfowjK0hMNfF4eqMCQBdNuNgGfrD2yjCOp4xw1SNsOmnjnID/Uv
LtRDeP+1xWSTnUDrImq7ncFJq9UkPYlisHOMI7UINbs/8ssbwXajkSYQxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE382Z41B6KI9UvqAk41Z6XpGcaKMB8GA1UdIwQY
MBaAFLOccPfOODG48szonbFKJ92qDpnCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczV4dzk4NDRNYmp5ek9pZHNVb24zYW9PbWNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lOTE4MTMtOTI3ZS00N2E1LWI3MDIt
ZGU1Mzc4NDYxZmVlLzEvVGZ6Wm5qVUhvb2oxUy1vQ1RqVm5wZWtaeG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lOTE4MTMtOTI3ZS00N2E1LWI3MDItZGU1Mzc4NDYxZmVl
LzEvczV4dzk4NDRNYmp5ek9pZHNVb24zYW9PbWNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYIMMA0G
CSqGSIb3DQEBCwUAA4IBAQCpmB9xfJhqs3elovU+BY6qlAZrkBHWYnAu1/pH5CFy
J8sWbRrp6VVttXkSc415srBRgxePDJmynFAkM7mzkLH4DMMNxUpu66JOLC2g1qpH
fn0v2HfZx/BPFnwjwQEMNkfxESOAlyP5kvIjBalCvxFRr5nLNDNyhhYMMDLQNWdw
h48onB1zNaI9xBMpn4csUE6BbVBQVaF9bhDnqvwskX6S1yH5eF7AJ9PKhJtJqmCa
Z860WWN62gq40u0xPy+UYIz7Xl8RQhOWXcIORjlVmYl3N/mUKmGjNfit42u15ONS
Ezig1sbFIq4nDpiQw3askvGmw9tRz99PBasgA+qYwHBV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:49 2025 by rpki-client