Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/34yKOYmZz61FdaWEqU8u6rkvsUY.roa
File: 34yKOYmZz61FdaWEqU8u6rkvsUY.roa (raw, json)
Hash identifier: Mjq5MIaXfaLYOnTfCwDmX3wPEvmxzThGQ/U9sRLQpuU=
Subject key identifier: DF:8C:8A:39:89:99:CF:AD:45:75:A5:84:A9:4F:2E:EA:B9:2F:B1:46
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0183F9EB079217A3FBD3B25E3F5A4559019C
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/34yKOYmZz61FdaWEqU8u6rkvsUY.roa
Signing time: Fri 21 Oct 2022 09:41:12 +0000
ROA not before: Fri 21 Oct 2022 09:41:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 152.89.30.0/23 maxlen: 23
152.89.28.0/23 maxlen: 23
45.138.12.0/23 maxlen: 23
91.132.162.0/23 maxlen: 23
91.132.160.0/23 maxlen: 23
193.135.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:eb:07:92:17:a3:fb:d3:b2:5e:3f:5a:45:59:01:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Oct 21 09:41:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df8c8a398999cfad4575a584a94f2eeab92fb146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e2:d0:96:7c:e0:46:85:c5:8e:e0:15:1c:83:
99:8f:ce:78:f7:5c:3a:46:29:98:b2:de:fc:10:2a:
16:5c:47:4a:9a:b9:c0:a4:99:f3:2b:24:f3:29:65:
e8:83:7c:ee:e5:41:90:cd:c3:92:ba:cb:8c:6b:34:
69:6c:2c:2f:a7:10:03:22:cf:bc:40:6b:2c:69:fc:
22:52:03:7c:c9:03:65:b4:d7:f5:03:68:0c:66:71:
cf:01:9c:e0:4d:39:f5:59:8a:20:66:3a:eb:4c:fc:
ab:0b:7d:ac:7a:a0:dd:45:7f:54:74:60:5f:d9:f3:
8a:a0:dc:b2:34:6b:02:b3:48:cc:51:4d:18:29:12:
96:92:ce:b9:43:6c:42:60:50:4e:d8:97:db:7c:3e:
8f:bd:4e:31:f0:10:8f:fd:05:34:8c:0b:50:01:1f:
f7:68:ef:ef:59:60:03:b0:c9:00:c4:20:68:85:9c:
47:50:14:b7:a5:35:19:af:5d:4a:62:6c:ee:10:1d:
fa:a5:25:6b:61:5b:fa:93:10:de:3f:77:9a:c4:50:
1a:d6:13:05:ce:ba:9e:b0:28:cd:fe:19:5b:54:44:
54:3b:4f:df:96:84:b7:dd:b7:4b:de:47:e2:01:8f:
26:a0:58:81:7f:b4:18:cd:36:49:7e:1c:bb:50:44:
c1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8C:8A:39:89:99:CF:AD:45:75:A5:84:A9:4F:2E:EA:B9:2F:B1:46
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/34yKOYmZz61FdaWEqU8u6rkvsUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/23
91.132.160.0/22
152.89.28.0/22
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
53:9c:ee:c1:eb:de:15:b7:09:bf:64:2c:1d:85:ad:ea:75:32:
5e:13:79:15:f0:03:f6:19:83:10:ae:32:24:78:ef:da:77:89:
11:bb:57:97:8c:ff:e0:e6:c2:e5:a5:51:ee:ad:d2:f1:21:c3:
e2:05:0b:13:97:f4:69:cb:e8:78:33:c8:59:67:0e:03:6c:81:
6c:5e:23:c2:04:e5:e1:b8:bd:f0:dc:14:94:e8:98:fa:d4:3f:
68:7a:65:d3:15:94:5a:b6:18:2d:c0:a8:70:7c:be:1f:36:66:
16:3a:23:b9:72:2c:35:7c:5e:40:2e:2f:bf:f0:bb:84:0f:78:
45:c0:d6:6a:0a:b3:7e:b5:0e:59:07:fe:9a:ae:9e:01:73:c6:
dd:7b:de:0d:a1:2a:47:6c:46:e3:75:15:1f:23:88:46:ea:d0:
57:83:2a:7e:b2:f4:75:0d:ca:d8:7e:78:fa:96:36:f2:e4:7e:
c1:e6:ce:00:8e:a3:7f:ed:88:55:9a:b5:7f:a5:27:32:ce:54:
b5:2a:28:eb:6d:f9:1e:a1:9b:20:ea:11:6d:b6:9f:de:8b:f1:
7e:52:56:22:c1:e1:50:34:c0:34:b0:99:4a:77:96:e5:91:d4:
88:d3:14:b7:f0:45:b6:20:cb:13:fc:d5:9a:0c:3f:82:ff:e1:
b8:eb:18:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYP56weSF6P707JeP1pFWQGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjIxMDIxMDk0MTEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhjOGEzOTg5OTljZmFkNDU3NWE1ODRhOTRmMmVlYWI5MmZiMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOLQlnzgRoXFjuAVHIOZj85491w6
RimYst78ECoWXEdKmrnApJnzKyTzKWXog3zu5UGQzcOSusuMazRpbCwvpxADIs+8
QGssafwiUgN8yQNltNf1A2gMZnHPAZzgTTn1WYogZjrrTPyrC32seqDdRX9UdGBf
2fOKoNyyNGsCs0jMUU0YKRKWks65Q2xCYFBO2JfbfD6PvU4x8BCP/QU0jAtQAR/3
aO/vWWADsMkAxCBohZxHUBS3pTUZr11KYmzuEB36pSVrYVv6kxDeP3eaxFAa1hMF
zrqesCjN/hlbVERUO0/floS33bdL3kfiAY8moFiBf7QYzTZJfhy7UETBEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN+MijmJmc+tRXWlhKlPLuq5L7FGMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvMzR5S09ZbVp6NjFGZGFXRXFVOHU2cmt2c1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYoMAwQC
W4SgAwQCmFkcAwQAwYeuMA0GCSqGSIb3DQEBCwUAA4IBAQBTnO7B694Vtwm/ZCwd
ha3qdTJeE3kV8AP2GYMQrjIkeO/ad4kRu1eXjP/g5sLlpVHurdLxIcPiBQsTl/Rp
y+h4M8hZZw4DbIFsXiPCBOXhuL3w3BSU6Jj61D9oemXTFZRathgtwKhwfL4fNmYW
OiO5ciw1fF5ALi+/8LuED3hFwNZqCrN+tQ5ZB/6arp4Bc8bde94NoSpHbEbjdRUf
I4hG6tBXgyp+svR1DcrYfnj6ljby5H7B5s4AjqN/7YhVmrV/pScyzlS1Kijrbfke
oZsg6hFttp/ei/F+UlYiweFQNMA0sJlKd5blkdSI0xS38EW2IMsT/NWaDD+C/+G4
6xim
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:34 2025 by rpki-client