Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/Clx_bM2YJ0c2MsRBjFRx1VZSDas.roa
File: Clx_bM2YJ0c2MsRBjFRx1VZSDas.roa (raw, json)
Hash identifier: 3s41LIWuRgVY17Q8/9At5hMPMitCplr3YRnvOWVHjSA=
Subject key identifier: 0A:5C:7F:6C:CD:98:27:47:36:32:C4:41:8C:54:71:D5:56:52:0D:AB
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01859BDD721E1C3BF7CD378A18FA3774273C
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/Clx_bM2YJ0c2MsRBjFRx1VZSDas.roa
Signing time: Tue 10 Jan 2023 13:27:39 +0000
ROA not before: Tue 10 Jan 2023 13:27:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 152.89.28.0/22 maxlen: 22
91.132.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:dd:72:1e:1c:3b:f7:cd:37:8a:18:fa:37:74:27:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 10 13:27:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a5c7f6ccd9827473632c4418c5471d556520dab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1b:4d:5e:f1:af:2e:52:18:3a:04:44:07:66:
9d:26:a8:8e:22:9b:f5:44:5c:66:1b:e1:93:ef:6a:
34:eb:53:7e:e8:76:1e:c0:a1:4f:e9:c1:04:22:77:
98:37:07:e0:de:c6:c1:b9:36:f6:7f:2e:f7:fd:22:
c2:8e:af:4a:dd:21:71:d3:68:85:b2:fc:70:17:5f:
a8:b0:14:9f:81:fa:4d:59:6a:3a:f2:44:8c:24:f2:
9d:55:62:c9:09:d9:09:90:c8:1e:3a:3c:b5:fd:cd:
dd:3a:dc:4d:89:35:0b:9a:71:7c:ff:68:c6:43:c7:
58:73:97:a5:88:b2:49:22:7f:d1:67:1b:35:42:42:
6e:87:88:1c:9d:44:20:4b:eb:4d:f3:e6:f3:a1:66:
0b:25:77:bf:46:2f:3c:e2:b8:28:2c:85:48:18:00:
75:12:1f:ee:46:ca:13:71:2b:01:13:4d:98:30:87:
b5:89:52:bf:2a:4b:e7:6c:03:04:15:c1:e6:43:d7:
d3:cd:06:4b:7b:7f:08:da:bc:14:7b:9c:cc:32:26:
a1:a0:ea:ac:42:c0:67:4c:1d:4f:27:c0:fa:66:32:
c8:22:a3:e9:a7:7b:b8:b9:ef:fa:b9:70:5d:5c:b4:
df:00:ee:21:b4:3f:e4:d2:1f:22:08:d4:2b:d4:44:
c9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:5C:7F:6C:CD:98:27:47:36:32:C4:41:8C:54:71:D5:56:52:0D:AB
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/Clx_bM2YJ0c2MsRBjFRx1VZSDas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.160.0/22
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:09:b8:17:07:9d:8b:68:df:20:56:9d:b9:98:d9:89:a0:97:
09:f0:e8:ca:a1:7a:fb:3b:e1:cf:de:3a:80:9a:b1:af:14:f1:
3a:3e:7b:a0:2c:74:01:f6:34:f9:18:66:5c:a7:4e:6e:11:ed:
29:a4:ef:5e:2c:d5:4e:52:a7:40:42:79:d8:de:b7:b7:de:92:
fe:68:8e:38:f3:92:19:82:db:55:44:77:56:3a:ac:dd:50:00:
bf:55:c1:15:25:0a:f1:09:39:84:b9:a5:3d:c9:64:9f:8b:46:
bf:db:2a:64:b4:fd:31:35:dc:f7:11:88:06:62:45:c8:00:c3:
02:fd:20:e9:78:25:8c:29:3a:cd:7c:4a:b9:da:e6:ec:6a:b4:
75:ed:f1:7a:af:84:ca:50:8d:fc:8a:76:4d:63:86:ab:10:50:
96:51:e1:3f:cc:5b:1a:1e:7c:d1:08:e1:9b:89:30:0e:73:cb:
c7:de:d9:5f:f3:df:06:62:1c:96:47:8e:46:c0:e8:8f:ff:4a:
2d:3f:2a:2b:08:35:19:67:3d:a0:9d:fc:72:2f:c1:4f:5e:cb:
7e:1b:fb:65:8b:c7:31:72:91:f7:d7:df:8a:a1:87:56:88:34:
a5:c2:c4:18:b6:28:1e:99:30:de:d2:45:1c:e7:ce:1f:80:54:
df:c6:ca:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWb3XIeHDv3zTeKGPo3dCc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwMTEwMTMyNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTVjN2Y2Y2NkOTgyNzQ3MzYzMmM0NDE4YzU0NzFkNTU2NTIwZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhtNXvGvLlIYOgREB2adJqiOIpv1
RFxmG+GT72o061N+6HYewKFP6cEEIneYNwfg3sbBuTb2fy73/SLCjq9K3SFx02iF
svxwF1+osBSfgfpNWWo68kSMJPKdVWLJCdkJkMgeOjy1/c3dOtxNiTULmnF8/2jG
Q8dYc5eliLJJIn/RZxs1QkJuh4gcnUQgS+tN8+bzoWYLJXe/Ri884rgoLIVIGAB1
Eh/uRsoTcSsBE02YMIe1iVK/KkvnbAMEFcHmQ9fTzQZLe38I2rwUe5zMMiahoOqs
QsBnTB1PJ8D6ZjLIIqPpp3u4ue/6uXBdXLTfAO4htD/k0h8iCNQr1ETJwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFApcf2zNmCdHNjLEQYxUcdVWUg2rMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvQ2x4X2JNMllKMGMyTXNSQmpGUngxVlpTRGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW4SgAwQC
mFkcMA0GCSqGSIb3DQEBCwUAA4IBAQBcCbgXB52LaN8gVp25mNmJoJcJ8OjKoXr7
O+HP3jqAmrGvFPE6PnugLHQB9jT5GGZcp05uEe0ppO9eLNVOUqdAQnnY3re33pL+
aI4485IZgttVRHdWOqzdUAC/VcEVJQrxCTmEuaU9yWSfi0a/2ypktP0xNdz3EYgG
YkXIAMMC/SDpeCWMKTrNfEq52ubsarR17fF6r4TKUI38inZNY4arEFCWUeE/zFsa
HnzRCOGbiTAOc8vH3tlf898GYhyWR45GwOiP/0otPyorCDUZZz2gnfxyL8FPXst+
G/tli8cxcpH319+KoYdWiDSlwsQYtigemTDe0kUc584fgFTfxsql
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:36 2025 by rpki-client