Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/eB0TavgSbhL3hBA6Nxj1U1-Yfcc.roa
File: eB0TavgSbhL3hBA6Nxj1U1-Yfcc.roa (raw, json)
Hash identifier: ucCrt0+2VcSSM+h2ZpixCq0vr2ApoWap3MjaNHVBxEw=
Subject key identifier: 78:1D:13:6A:F8:12:6E:12:F7:84:10:3A:37:18:F5:53:5F:98:7D:C7
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0185E24F7883E01382F8A283B90616AFF58F
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/eB0TavgSbhL3hBA6Nxj1U1-Yfcc.roa
Signing time: Tue 24 Jan 2023 05:45:37 +0000
ROA not before: Tue 24 Jan 2023 05:45:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211440
IP address blocks: 45.156.58.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e2:4f:78:83:e0:13:82:f8:a2:83:b9:06:16:af:f5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jan 24 05:45:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=781d136af8126e12f784103a3718f5535f987dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:52:ba:d4:ff:3b:6e:e8:80:18:f1:d0:c0:2b:
b3:a0:17:b8:e2:c7:a3:88:1e:ef:a2:d9:93:ec:2a:
5c:77:be:8f:b4:7f:32:56:90:f4:a2:1c:97:0b:7b:
b9:20:e4:ce:40:1b:d5:60:29:00:68:24:a9:8d:f6:
75:e7:34:ca:c5:d3:99:a6:a3:91:a5:3f:21:92:f6:
23:2c:21:c6:db:b5:cb:5f:05:54:a1:fb:9b:03:a4:
4a:b3:30:e3:12:47:dc:f2:5c:e7:ed:d8:99:9d:f5:
d8:01:7e:d4:c5:5d:2b:88:5e:ad:b5:54:f0:38:29:
58:73:1d:4d:e0:6b:4b:87:a4:02:e6:41:17:22:3d:
0d:3d:10:d5:cc:e1:4e:3d:17:1f:a3:63:68:fa:77:
fc:78:73:d0:76:03:1f:71:70:5a:08:71:d4:2c:ff:
15:8e:cc:7f:82:35:16:31:3d:fc:8e:01:31:d4:82:
76:ae:48:8f:bf:3c:9d:77:c6:26:66:e7:54:80:7e:
1a:3d:5a:7d:d0:fd:b5:97:82:5c:02:dd:17:3e:f8:
52:39:d5:b9:09:52:aa:e1:1f:c9:d9:9e:b8:ce:da:
29:cf:f0:a0:b3:f9:35:65:b9:dc:71:55:cd:f0:25:
51:6b:ee:f5:ec:25:48:d1:5f:40:95:e1:f4:de:6b:
79:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:1D:13:6A:F8:12:6E:12:F7:84:10:3A:37:18:F5:53:5F:98:7D:C7
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/eB0TavgSbhL3hBA6Nxj1U1-Yfcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.58.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:f5:dc:f2:1e:cd:ca:f8:34:ca:20:f9:89:d4:d8:aa:69:ee:
88:bf:cb:a9:21:3e:dc:3d:a7:d0:ad:be:c5:7a:27:a6:93:1c:
68:ed:e4:6f:2d:55:37:31:32:9b:5f:8e:25:e4:11:00:70:b7:
19:24:33:0c:a1:35:35:1c:6d:6f:64:cd:aa:15:35:50:2a:12:
9b:41:a5:34:98:0c:1a:26:55:30:fd:59:eb:96:39:b3:7a:64:
d0:3c:0a:49:06:83:07:3c:81:d9:a7:fc:55:ab:69:40:92:3e:
3e:30:03:d9:f3:a6:f4:c1:64:87:45:c6:8d:03:13:b6:89:3c:
fd:19:7d:fa:ac:bc:91:fa:cf:6a:29:85:c4:bf:97:0b:10:04:
08:35:d7:47:63:1b:e4:df:25:9a:39:1a:85:10:cc:5c:ef:d5:
50:b6:aa:f3:78:eb:a0:f6:67:f8:b7:9e:f2:3c:65:19:a9:07:
ab:e7:b8:d2:15:bf:86:4b:6d:63:d1:fe:5d:52:b7:62:77:57:
4c:d2:0b:10:fc:0b:28:14:55:18:e1:aa:99:da:d4:56:36:91:
74:f4:1d:a6:d6:7e:5b:e5:aa:76:60:59:54:a9:3e:c8:17:0d:
d4:c2:f2:42:00:d0:be:74:9f:3c:51:68:70:e5:58:47:ed:44:
5f:4b:d9:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXiT3iD4BOC+KKDuQYWr/WPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwMTI0MDU0NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODFkMTM2YWY4MTI2ZTEyZjc4NDEwM2EzNzE4ZjU1MzVmOTg3ZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilK61P87buiAGPHQwCuzoBe44sej
iB7votmT7Cpcd76PtH8yVpD0ohyXC3u5IOTOQBvVYCkAaCSpjfZ15zTKxdOZpqOR
pT8hkvYjLCHG27XLXwVUofubA6RKszDjEkfc8lzn7diZnfXYAX7UxV0riF6ttVTw
OClYcx1N4GtLh6QC5kEXIj0NPRDVzOFOPRcfo2No+nf8eHPQdgMfcXBaCHHULP8V
jsx/gjUWMT38jgEx1IJ2rkiPvzydd8YmZudUgH4aPVp90P21l4JcAt0XPvhSOdW5
CVKq4R/J2Z64ztopz/Cgs/k1ZbnccVXN8CVRa+717CVI0V9AleH03mt5vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHgdE2r4Em4S94QQOjcY9VNfmH3HMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvZUIwVGF2Z1NiaEwzaEJBNk54ajFVMS1ZZmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZw6MA0G
CSqGSIb3DQEBCwUAA4IBAQBq9dzyHs3K+DTKIPmJ1Niqae6Iv8upIT7cPafQrb7F
eiemkxxo7eRvLVU3MTKbX44l5BEAcLcZJDMMoTU1HG1vZM2qFTVQKhKbQaU0mAwa
JlUw/VnrljmzemTQPApJBoMHPIHZp/xVq2lAkj4+MAPZ86b0wWSHRcaNAxO2iTz9
GX36rLyR+s9qKYXEv5cLEAQINddHYxvk3yWaORqFEMxc79VQtqrzeOug9mf4t57y
PGUZqQer57jSFb+GS21j0f5dUrdid1dM0gsQ/AsoFFUY4aqZ2tRWNpF09B2m1n5b
5ap2YFlUqT7IFw3UwvJCANC+dJ88UWhw5VhH7URfS9lJ
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:23:14 2025 by rpki-client