Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/PkW8GVezWKos9-fiI3gvswqv6NU.roa
File: PkW8GVezWKos9-fiI3gvswqv6NU.roa (raw, json)
Hash identifier: pONdcxw4q63GQ0rYIwD1bwvchR9o2iyjgB0nVWKsI+4=
Subject key identifier: 3E:45:BC:19:57:B3:58:AA:2C:F7:E7:E2:23:78:2F:B3:0A:AF:E8:D5
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01851A5E235B81EDDF84D656A39E52AA75FE
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/PkW8GVezWKos9-fiI3gvswqv6NU.roa
Signing time: Fri 16 Dec 2022 09:57:34 +0000
ROA not before: Fri 16 Dec 2022 09:57:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 45.138.14.0/23 maxlen: 23
45.138.12.0/23 maxlen: 23
91.132.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:5e:23:5b:81:ed:df:84:d6:56:a3:9e:52:aa:75:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Dec 16 09:57:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e45bc1957b358aa2cf7e7e223782fb30aafe8d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d0:7f:47:0a:3a:36:97:44:84:68:ab:c8:21:
cd:80:46:c3:1f:e5:ec:3e:de:bd:cf:fd:af:67:f6:
cf:07:33:b4:f9:9a:bc:7b:aa:9f:ec:48:71:68:c2:
b1:ed:1a:95:24:20:32:5a:97:1c:55:18:ca:95:aa:
e1:47:eb:7c:db:6d:d9:e8:02:46:3a:36:77:78:a3:
86:24:7e:34:fa:0f:f3:ca:48:12:43:e7:ee:de:50:
62:72:2b:64:d3:e6:92:cb:a7:81:fb:82:32:85:22:
d9:13:84:11:db:0f:d7:c7:96:05:c1:c4:b7:c6:4f:
c8:99:c6:22:e5:ce:39:1d:1b:e8:22:b4:fa:8a:52:
7d:51:a6:75:8a:5f:7e:45:dd:d8:da:b6:9f:b9:88:
86:7b:82:f8:71:0c:23:1f:a5:c6:7d:ce:46:33:ab:
a5:09:be:c9:e5:67:6f:42:bb:4c:15:63:2b:54:5c:
cb:ae:02:de:f7:34:d1:c4:c1:20:93:c8:d8:cf:71:
06:a1:28:d1:b8:91:43:f3:85:8a:1b:51:bb:03:84:
1c:45:5a:bd:cb:ee:bd:b2:be:d7:5b:78:b8:75:bc:
d8:96:eb:b7:b1:2c:3e:23:1e:3b:45:45:b0:79:a8:
79:ed:08:4a:a1:06:68:d3:cd:37:5a:06:67:8f:37:
d3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:45:BC:19:57:B3:58:AA:2C:F7:E7:E2:23:78:2F:B3:0A:AF:E8:D5
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/PkW8GVezWKos9-fiI3gvswqv6NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
91.132.160.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:6a:ea:d7:a9:b3:98:3e:10:ce:79:0b:72:5e:30:f6:a8:34:
35:2e:7a:d1:9a:d4:d1:1f:84:d2:7c:e1:2a:2d:a2:c9:3b:63:
f3:99:da:7b:ce:0d:29:7b:4b:e5:ab:c5:51:56:25:3d:21:11:
59:1c:16:83:48:34:e2:c9:0c:83:68:64:d6:b3:0a:6b:bc:60:
2c:fc:5d:67:ba:9f:ae:4c:97:d2:df:05:0b:a9:ef:eb:1b:e3:
85:72:68:fa:42:f5:8b:cf:eb:17:c8:a3:a5:47:55:ed:45:81:
3f:81:c9:ac:e8:41:3b:3e:3f:86:97:fb:76:46:79:65:a0:41:
70:f1:e8:6a:cf:37:50:06:ec:34:34:42:42:45:99:98:af:bf:
e5:e2:66:28:d0:ee:c4:b8:dc:b2:e4:38:a7:78:d1:ab:49:e1:
ac:f1:7f:33:2c:e6:a7:26:22:6e:18:05:30:25:cc:00:50:81:
5e:8f:ae:43:94:fe:36:55:16:51:88:99:5a:7e:e9:77:29:0c:
29:1f:10:05:c2:41:4b:70:54:e5:14:d5:d5:52:f1:4e:0f:64:
b4:66:43:92:7e:82:f4:e7:03:b2:e9:02:19:a2:7b:1b:ea:8d:
fd:64:bb:70:f1:22:f0:75:c3:da:ab:2c:3e:5e:c0:44:eb:6e:
79:5a:df:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUaXiNbge3fhNZWo55SqnX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjIxMjE2MDk1NzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQ1YmMxOTU3YjM1OGFhMmNmN2U3ZTIyMzc4MmZiMzBhYWZlOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtB/Rwo6NpdEhGiryCHNgEbDH+Xs
Pt69z/2vZ/bPBzO0+Zq8e6qf7EhxaMKx7RqVJCAyWpccVRjKlarhR+t8223Z6AJG
OjZ3eKOGJH40+g/zykgSQ+fu3lBicitk0+aSy6eB+4IyhSLZE4QR2w/Xx5YFwcS3
xk/ImcYi5c45HRvoIrT6ilJ9UaZ1il9+Rd3Y2rafuYiGe4L4cQwjH6XGfc5GM6ul
Cb7J5WdvQrtMFWMrVFzLrgLe9zTRxMEgk8jYz3EGoSjRuJFD84WKG1G7A4QcRVq9
y+69sr7XW3i4dbzYluu3sSw+Ix47RUWweah57QhKoQZo0803WgZnjzfT2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD5FvBlXs1iqLPfn4iN4L7MKr+jVMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvUGtXOEdWZXpXS29zOS1maUkzZ3Zzd3F2Nk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYoMAwQC
W4SgMA0GCSqGSIb3DQEBCwUAA4IBAQCxaurXqbOYPhDOeQtyXjD2qDQ1LnrRmtTR
H4TSfOEqLaLJO2Pzmdp7zg0pe0vlq8VRViU9IRFZHBaDSDTiyQyDaGTWswprvGAs
/F1nup+uTJfS3wULqe/rG+OFcmj6QvWLz+sXyKOlR1XtRYE/gcms6EE7Pj+Gl/t2
RnlloEFw8ehqzzdQBuw0NEJCRZmYr7/l4mYo0O7EuNyy5DineNGrSeGs8X8zLOan
JiJuGAUwJcwAUIFej65DlP42VRZRiJlaful3KQwpHxAFwkFLcFTlFNXVUvFOD2S0
ZkOSfoL05wOy6QIZonsb6o39ZLtw8SLwdcPaqyw+XsBE6255Wt8i
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:55:55 2025 by rpki-client