Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/IbJaH6A32TTmccnYaKzbTMVqoQ8.roa
File: IbJaH6A32TTmccnYaKzbTMVqoQ8.roa (raw, json)
Hash identifier: Nv0NoTsqQ8u5Fh+1RAMmsHyxZBNjF+JjBgpc01CPXJE=
Subject key identifier: 21:B2:5A:1F:A0:37:D9:34:E6:71:C9:D8:68:AC:DB:4C:C5:6A:A1:0F
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01861235A008A9003B4875877ED9CEE75971
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/IbJaH6A32TTmccnYaKzbTMVqoQ8.roa
Signing time: Thu 02 Feb 2023 12:59:09 +0000
ROA not before: Thu 02 Feb 2023 12:59:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22653
IP address blocks: 45.138.12.0/22 maxlen: 22
193.135.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:35:a0:08:a9:00:3b:48:75:87:7e:d9:ce:e7:59:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Feb 2 12:59:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21b25a1fa037d934e671c9d868acdb4cc56aa10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ba:6d:b3:fe:45:4a:07:bc:ee:74:41:17:61:
81:33:2b:1a:79:a4:a2:3e:80:74:ea:a2:c9:f2:50:
9b:50:b0:ac:7d:d2:37:7a:88:bc:1a:db:1c:3d:09:
4e:c8:bc:5c:66:08:0c:7b:30:09:03:19:29:e6:62:
e8:91:d4:81:a6:1b:65:1d:ed:92:f3:d1:fe:b4:e8:
b9:de:92:e9:a5:f8:f4:79:ea:14:fc:25:a1:59:26:
11:f4:bf:0c:fe:b5:6c:20:58:63:c2:53:94:46:05:
77:b1:39:46:00:8a:70:1e:d5:25:2f:b8:8c:ae:c8:
f3:9e:ae:1f:0c:25:d2:c3:2b:3f:f8:5d:11:76:76:
85:39:dd:f9:fb:94:69:73:4f:58:90:2a:20:95:eb:
0a:8b:85:ce:78:bd:bc:e6:48:5c:e7:c0:ef:02:33:
1e:a3:82:2e:71:fd:64:fc:e9:b8:bd:c8:1b:41:91:
90:96:b5:98:e1:c1:d0:59:ae:45:4a:46:36:b2:97:
ab:48:36:62:ef:e1:20:e0:1b:97:66:32:99:02:68:
3b:ea:61:a3:eb:6b:4c:1a:35:bb:2e:76:77:3e:05:
bd:8e:f5:c7:36:0b:7c:11:0a:11:e9:6a:5b:13:b3:
0d:1f:f5:9a:e2:ea:48:01:2d:e5:f4:0d:ad:6f:2d:
11:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B2:5A:1F:A0:37:D9:34:E6:71:C9:D8:68:AC:DB:4C:C5:6A:A1:0F
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/IbJaH6A32TTmccnYaKzbTMVqoQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:62:43:e4:37:ca:39:36:03:62:20:53:c8:2a:f5:5f:b7:26:
66:c9:b9:39:b7:50:22:db:b1:f3:87:fb:3b:1b:08:ba:64:cd:
5a:25:1e:64:cb:0f:2b:d8:a3:68:4c:6c:c6:2b:af:9a:7c:06:
bc:5a:c0:ad:50:f1:60:1a:39:df:68:7e:0f:d7:6a:d6:9c:b0:
0d:fc:76:bf:99:86:20:c9:b8:d7:d1:db:7a:56:bf:ef:de:b9:
36:7f:ae:3e:12:5a:b2:42:2e:65:a4:6c:f0:dd:b1:03:23:26:
99:fe:f0:e4:e1:11:5d:b5:98:fc:a5:b0:c6:98:a9:e4:85:0f:
72:ca:f4:e9:05:4c:55:4e:22:e9:52:5a:dc:dc:c5:8e:09:13:
57:b8:bc:42:cc:a8:dd:2b:5c:86:c9:29:7e:00:6c:7e:a1:db:
d5:f8:b3:67:48:5d:37:2f:d6:91:4a:ac:ee:b5:3e:0d:ae:2b:
6a:9c:91:02:21:44:e3:10:1b:a1:b0:95:2b:1d:27:f6:83:28:
08:95:a2:c4:45:cb:ee:5a:bc:99:1a:89:20:bf:0e:dc:0f:ca:
0d:cb:0c:1d:85:2a:96:cd:6d:4f:2c:bc:ee:f8:5e:28:a9:ce:
f0:eb:37:58:45:81:e9:e0:0f:b8:58:64:33:a5:7c:5a:67:f5:
eb:99:f5:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYSNaAIqQA7SHWHftnO51lxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwMjAyMTI1OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWIyNWExZmEwMzdkOTM0ZTY3MWM5ZDg2OGFjZGI0Y2M1NmFhMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbpts/5FSge87nRBF2GBMysaeaSi
PoB06qLJ8lCbULCsfdI3eoi8GtscPQlOyLxcZggMezAJAxkp5mLokdSBphtlHe2S
89H+tOi53pLppfj0eeoU/CWhWSYR9L8M/rVsIFhjwlOURgV3sTlGAIpwHtUlL7iM
rsjznq4fDCXSwys/+F0RdnaFOd35+5Rpc09YkCoglesKi4XOeL285khc58DvAjMe
o4Iucf1k/Om4vcgbQZGQlrWY4cHQWa5FSkY2sperSDZi7+Eg4BuXZjKZAmg76mGj
62tMGjW7LnZ3PgW9jvXHNgt8EQoR6WpbE7MNH/Wa4upIAS3l9A2tby0R3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCGyWh+gN9k05nHJ2Gis20zFaqEPMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvSWJKYUg2QTMyVFRtY2NuWWFLemJUTVZxb1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYoMAwQA
wYeuMA0GCSqGSIb3DQEBCwUAA4IBAQB+YkPkN8o5NgNiIFPIKvVftyZmybk5t1Ai
27Hzh/s7Gwi6ZM1aJR5kyw8r2KNoTGzGK6+afAa8WsCtUPFgGjnfaH4P12rWnLAN
/Ha/mYYgybjX0dt6Vr/v3rk2f64+ElqyQi5lpGzw3bEDIyaZ/vDk4RFdtZj8pbDG
mKnkhQ9yyvTpBUxVTiLpUlrc3MWOCRNXuLxCzKjdK1yGySl+AGx+odvV+LNnSF03
L9aRSqzutT4NritqnJECIUTjEBuhsJUrHSf2gygIlaLERcvuWryZGokgvw7cD8oN
ywwdhSqWzW1PLLzu+F4oqc7w6zdYRYHp4A+4WGQzpXxaZ/XrmfWc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:53 2025 by rpki-client