Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/IY7n-00vnX5Q3jSpmqq0SnqrBn0.roa
File: IY7n-00vnX5Q3jSpmqq0SnqrBn0.roa (raw, json)
Hash identifier: 1wUzOc0exgz1uBdQjUNFJEANuJsZ3CUGfflwD8mPVno=
Subject key identifier: 21:8E:E7:FB:4D:2F:9D:7E:50:DE:34:A9:9A:AA:B4:4A:7A:AB:06:7D
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01853527FB3AFEF2584B08C3274461C10E72
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/IY7n-00vnX5Q3jSpmqq0SnqrBn0.roa
Signing time: Wed 21 Dec 2022 14:48:10 +0000
ROA not before: Wed 21 Dec 2022 14:48:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 45.138.12.0/23 maxlen: 23
91.132.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:27:fb:3a:fe:f2:58:4b:08:c3:27:44:61:c1:0e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Dec 21 14:48:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=218ee7fb4d2f9d7e50de34a99aaab44a7aab067d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:33:9f:c0:9e:14:a6:df:05:07:cb:c2:1d:d6:
f0:a7:ec:af:2e:19:47:f1:9f:58:5f:19:77:46:39:
9e:dd:42:31:7b:65:a9:bb:92:24:bb:d9:e8:67:2c:
25:d6:6d:ec:31:e4:a5:dd:1c:de:d5:08:c8:69:f9:
d7:ea:89:2d:79:95:1b:c3:15:7e:3f:65:2e:bb:d5:
87:b7:7f:0b:d2:12:e6:ea:cc:2a:b1:cc:f3:56:4a:
d7:38:6c:ff:9f:60:83:6f:cf:91:6b:03:51:59:c3:
92:3f:be:d1:ca:18:4c:74:9a:e0:97:d9:dc:35:9f:
b2:04:60:9e:73:a3:1d:0e:e9:f0:89:55:88:8c:35:
f8:2e:bd:ef:2a:f3:1c:93:cf:88:07:5d:fd:95:9d:
d7:a6:69:d9:b1:61:e2:b1:c8:55:6f:90:1c:25:fc:
6a:95:12:df:e7:0e:5d:85:1d:a0:22:bf:54:fe:70:
14:96:b4:12:d3:9f:9a:5b:ed:ef:3a:d7:6a:a5:9d:
67:6b:50:18:cf:b0:af:d9:30:c5:15:3d:b0:32:2e:
79:66:5d:3a:b8:3d:e0:04:37:86:fe:b0:f9:d5:37:
bc:ad:81:30:d3:ad:f3:e9:b0:90:9b:24:c1:2e:38:
62:e2:68:6a:19:e3:04:e0:9e:2f:b2:de:37:47:38:
08:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8E:E7:FB:4D:2F:9D:7E:50:DE:34:A9:9A:AA:B4:4A:7A:AB:06:7D
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/IY7n-00vnX5Q3jSpmqq0SnqrBn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/23
91.132.160.0/22
Signature Algorithm: sha256WithRSAEncryption
64:57:34:5a:17:d4:87:3d:40:fb:52:88:fe:a1:7d:6f:3f:b4:
9a:9c:b5:0d:2f:5a:09:34:7c:78:b9:5e:f1:88:13:19:c3:a7:
df:8f:f2:52:75:97:6e:95:0c:98:84:4c:59:d1:6f:cf:a3:c9:
c4:4b:2a:d8:03:3a:9b:bb:a6:9d:91:7f:45:3d:ad:f2:bc:8e:
f3:54:48:61:33:f7:6b:b2:79:3e:ad:46:46:6b:1c:22:91:7d:
85:a9:3d:e6:b3:a3:15:b4:fc:fd:08:b4:eb:5f:c4:94:a5:6d:
2e:17:8d:f5:80:eb:7b:54:18:64:1e:74:13:27:92:ca:66:a0:
17:0e:4e:71:54:51:37:02:3f:b5:b0:4b:ff:f6:cc:7c:8f:b1:
f6:97:de:f6:2b:12:df:c5:44:80:b9:97:6b:95:32:94:79:f8:
81:32:00:f5:10:79:12:1b:b4:4c:f6:18:8e:30:e5:c2:b0:5f:
06:12:4d:95:78:82:1e:e8:f5:3e:d3:42:8a:09:23:79:e2:69:
88:53:43:ee:4d:d6:9b:54:82:6a:be:69:5b:5d:32:1f:8d:04:
37:2f:ec:df:47:b8:b7:7f:1a:d6:c1:a9:a6:61:84:dc:13:d7:
ba:8f:5d:48:1e:96:b0:c2:dd:1d:c7:1a:f5:0d:69:27:4b:1c:
19:71:e8:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU1J/s6/vJYSwjDJ0RhwQ5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjIxMjIxMTQ0ODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThlZTdmYjRkMmY5ZDdlNTBkZTM0YTk5YWFhYjQ0YTdhYWIwNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzOfwJ4Upt8FB8vCHdbwp+yvLhlH
8Z9YXxl3Rjme3UIxe2Wpu5Iku9noZywl1m3sMeSl3Rze1QjIafnX6okteZUbwxV+
P2Uuu9WHt38L0hLm6swqsczzVkrXOGz/n2CDb8+RawNRWcOSP77RyhhMdJrgl9nc
NZ+yBGCec6MdDunwiVWIjDX4Lr3vKvMck8+IB139lZ3XpmnZsWHischVb5AcJfxq
lRLf5w5dhR2gIr9U/nAUlrQS05+aW+3vOtdqpZ1na1AYz7Cv2TDFFT2wMi55Zl06
uD3gBDeG/rD51Te8rYEw063z6bCQmyTBLjhi4mhqGeME4J4vst43RzgIXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCGO5/tNL51+UN40qZqqtEp6qwZ9MB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvSVk3bi0wMHZuWDVRM2pTcG1xcTBTbnFyQm4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYoMAwQC
W4SgMA0GCSqGSIb3DQEBCwUAA4IBAQBkVzRaF9SHPUD7Uoj+oX1vP7SanLUNL1oJ
NHx4uV7xiBMZw6ffj/JSdZdulQyYhExZ0W/Po8nESyrYAzqbu6adkX9FPa3yvI7z
VEhhM/drsnk+rUZGaxwikX2FqT3ms6MVtPz9CLTrX8SUpW0uF431gOt7VBhkHnQT
J5LKZqAXDk5xVFE3Aj+1sEv/9sx8j7H2l972KxLfxUSAuZdrlTKUefiBMgD1EHkS
G7RM9hiOMOXCsF8GEk2VeIIe6PU+00KKCSN54mmIU0PuTdabVIJqvmlbXTIfjQQ3
L+zfR7i3fxrWwammYYTcE9e6j11IHpawwt0dxxr1DWknSxwZcehk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:40 2025 by rpki-client