Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/5ayC5vKgKcRWMe8MqNLM4F8eAGQ.roa
File: 5ayC5vKgKcRWMe8MqNLM4F8eAGQ.roa (raw, json)
Hash identifier: xGRVoLDz0C78jcv4/SJyk0aqCMn5zK0W/5nmGsDmclY=
Subject key identifier: E5:AC:82:E6:F2:A0:29:C4:56:31:EF:0C:A8:D2:CC:E0:5F:1E:00:64
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01857030402CA0E18033DA7CCB2BE741EB4F
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/5ayC5vKgKcRWMe8MqNLM4F8eAGQ.roa
Signing time: Mon 02 Jan 2023 01:54:48 +0000
ROA not before: Mon 02 Jan 2023 01:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 45.138.12.0/23 maxlen: 23
91.132.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:40:2c:a0:e1:80:33:da:7c:cb:2b:e7:41:eb:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 2 01:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5ac82e6f2a029c45631ef0ca8d2cce05f1e0064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c8:fe:7c:13:75:3a:7f:50:6e:41:a4:ae:57:
71:52:66:27:a7:44:9b:b9:d5:21:eb:c5:84:29:42:
75:4a:5e:b7:71:8d:ba:07:d2:8c:39:d0:ae:46:5e:
4d:26:02:c0:92:08:f8:99:0f:22:dc:29:4d:b6:75:
83:36:b4:fc:2f:ed:f0:7b:83:74:6d:0b:69:90:7d:
bc:fb:ab:5f:16:70:d0:f5:45:0a:e8:1b:2d:b6:8f:
79:f5:c3:12:47:3f:54:1b:38:05:75:9e:59:de:e4:
69:b8:c3:ac:f0:f4:55:74:7d:6c:1a:b0:93:5c:39:
4c:7c:64:4e:b4:f7:60:f5:25:52:e7:85:d6:ab:9f:
d5:e4:8c:f7:83:f9:27:76:42:85:6d:73:c4:5a:51:
61:af:23:ca:14:d3:de:a3:43:66:c3:c4:ad:bc:3c:
c0:9c:96:66:aa:8b:0d:16:63:8b:b5:91:ff:7d:b7:
3e:e1:d2:04:92:ae:39:f1:43:2b:ed:ad:2d:4d:97:
5a:28:33:a6:aa:6e:46:a3:14:7f:df:ea:96:c9:1f:
83:f9:9d:2c:54:f2:89:d6:c0:cd:4d:ff:c0:4a:07:
d2:e8:f7:4c:43:9a:4c:c4:a4:32:8a:93:bb:e6:87:
1c:59:72:72:63:a7:4a:6b:54:1e:61:11:45:60:a4:
21:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AC:82:E6:F2:A0:29:C4:56:31:EF:0C:A8:D2:CC:E0:5F:1E:00:64
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/5ayC5vKgKcRWMe8MqNLM4F8eAGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/23
91.132.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:d3:20:92:b8:47:7b:35:06:9e:36:86:f7:49:32:8b:ce:5e:
1b:8c:cf:b3:42:cf:07:29:ad:82:8e:b4:7f:ac:7b:ca:21:87:
5a:41:94:aa:3d:35:63:4c:f3:d1:59:48:b6:02:99:d1:68:4a:
bf:4d:5c:23:a5:83:cf:06:d2:59:08:54:e7:54:59:78:a6:08:
68:a4:69:11:c9:34:c1:6c:1a:b3:e3:16:7a:b6:46:85:d3:aa:
78:1b:ec:7b:7a:41:41:b9:ab:c1:d3:ae:09:77:e5:cb:36:38:
a7:c3:13:6c:7b:72:c2:0e:79:99:80:1e:ad:36:70:45:c9:b1:
1b:1d:81:59:b3:03:3d:46:fb:18:9f:88:59:83:5d:93:72:09:
ce:c5:05:ac:b9:db:ed:7b:f4:42:14:e5:3d:86:22:8b:9e:31:
41:a1:45:d3:12:0f:7c:37:9f:c6:c6:ba:c6:5d:1e:b8:b2:5a:
7f:c3:6f:29:d6:c0:e3:1c:b9:a5:b5:05:2d:3c:21:d8:4e:b3:
ad:42:b5:f8:17:59:11:4a:fb:11:5d:3a:90:5f:16:92:d8:b7:
9d:98:9a:5b:dc:f0:9f:b2:4a:92:2b:72:0f:18:44:24:f2:cf:
ec:b8:4e:09:4a:65:d3:6b:8a:1d:cd:f1:5b:20:f2:71:34:2b:
57:01:17:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwMEAsoOGAM9p8yyvnQetPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwMTAyMDE1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFjODJlNmYyYTAyOWM0NTYzMWVmMGNhOGQyY2NlMDVmMWUwMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8j+fBN1On9QbkGkrldxUmYnp0Sb
udUh68WEKUJ1Sl63cY26B9KMOdCuRl5NJgLAkgj4mQ8i3ClNtnWDNrT8L+3we4N0
bQtpkH28+6tfFnDQ9UUK6Bstto959cMSRz9UGzgFdZ5Z3uRpuMOs8PRVdH1sGrCT
XDlMfGROtPdg9SVS54XWq5/V5Iz3g/kndkKFbXPEWlFhryPKFNPeo0Nmw8StvDzA
nJZmqosNFmOLtZH/fbc+4dIEkq458UMr7a0tTZdaKDOmqm5GoxR/3+qWyR+D+Z0s
VPKJ1sDNTf/ASgfS6PdMQ5pMxKQyipO75occWXJyY6dKa1QeYRFFYKQhtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOWsgubyoCnEVjHvDKjSzOBfHgBkMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvNWF5QzV2S2dLY1JXTWU4TXFOTE00RjhlQUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYoMAwQC
W4SgMA0GCSqGSIb3DQEBCwUAA4IBAQCg0yCSuEd7NQaeNob3STKLzl4bjM+zQs8H
Ka2CjrR/rHvKIYdaQZSqPTVjTPPRWUi2ApnRaEq/TVwjpYPPBtJZCFTnVFl4pgho
pGkRyTTBbBqz4xZ6tkaF06p4G+x7ekFBuavB064Jd+XLNjinwxNse3LCDnmZgB6t
NnBFybEbHYFZswM9RvsYn4hZg12TcgnOxQWsudvte/RCFOU9hiKLnjFBoUXTEg98
N5/GxrrGXR64slp/w28p1sDjHLmltQUtPCHYTrOtQrX4F1kRSvsRXTqQXxaS2Led
mJpb3PCfskqSK3IPGEQk8s/suE4JSmXTa4odzfFbIPJxNCtXARfI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:36 2025 by rpki-client