Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XOisVYE_Gbq81Sk0UQD37RhAajU.roa
File: XOisVYE_Gbq81Sk0UQD37RhAajU.roa (raw, json)
Hash identifier: RNJczLaQO1Ua1UPZep3xzkYlybpObO3qUmpm1KfKuuA=
Subject key identifier: 5C:E8:AC:55:81:3F:19:BA:BC:D5:29:34:51:00:F7:ED:18:40:6A:35
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01859576CDF42E8311BE213AA2F780367687
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XOisVYE_Gbq81Sk0UQD37RhAajU.roa
Signing time: Mon 09 Jan 2023 07:37:49 +0000
ROA not before: Mon 09 Jan 2023 07:37:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.138.14.0/24 maxlen: 24
45.138.15.0/24 maxlen: 24
45.138.12.0/22 maxlen: 24
45.138.12.0/24 maxlen: 24
45.138.13.0/24 maxlen: 24
193.135.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:76:cd:f4:2e:83:11:be:21:3a:a2:f7:80:36:76:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 9 07:37:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ce8ac55813f19babcd529345100f7ed18406a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:79:a9:79:f3:66:ff:a1:ab:d6:ed:d2:fb:58:
e2:d3:42:36:ba:a3:76:1a:56:bf:1e:88:70:c6:ef:
57:e2:11:4e:b1:06:53:53:4e:77:92:c8:fa:30:c4:
f6:24:b6:be:61:b6:57:e1:9d:c2:3e:63:ee:71:69:
3d:bc:77:e2:6e:38:01:49:20:ab:b8:28:92:27:8d:
d2:15:b7:59:f3:8e:a5:ba:9b:fe:43:cb:17:f9:f6:
69:6e:3f:54:33:6b:fc:a7:5c:28:80:dc:be:e8:4f:
ad:ae:5e:58:f9:cf:cd:33:bb:09:93:17:97:27:d0:
59:94:bc:b3:27:03:69:da:78:4d:8c:a7:a8:f3:fe:
df:67:41:85:25:90:8e:81:64:8d:ba:e2:bb:58:85:
f9:fe:19:a5:fd:65:7c:cf:9c:8f:77:d2:4a:40:92:
dd:69:1e:4d:1c:1e:27:ef:6d:9b:e2:51:ef:8f:19:
73:50:31:c9:5d:5a:ca:ff:91:ce:dd:81:af:ae:6a:
a1:00:d6:df:a4:a1:3d:e7:76:27:ca:f3:b6:47:8b:
e7:fb:25:eb:82:30:86:42:86:c2:b9:c3:20:cb:45:
a4:e8:5c:dc:07:91:34:46:ef:8a:23:7e:b0:40:33:
bf:ce:3c:93:68:8c:0d:0f:2e:73:dd:32:08:94:79:
24:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E8:AC:55:81:3F:19:BA:BC:D5:29:34:51:00:F7:ED:18:40:6A:35
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XOisVYE_Gbq81Sk0UQD37RhAajU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
56:3e:4f:4c:d6:1f:84:88:8f:e6:f8:71:42:ca:ff:00:1d:1d:
25:6b:c9:e9:13:b6:63:1b:1a:08:f9:dc:85:09:72:dd:e1:a1:
b3:2a:89:a5:dc:d5:cd:0c:b7:2c:3b:49:c7:a5:7d:53:97:01:
28:3d:4d:e1:34:36:d2:7e:84:10:c2:be:c5:42:32:42:07:db:
df:36:91:b0:57:29:e2:83:5c:20:f6:bd:78:b5:f9:5f:a0:b5:
c4:97:a1:81:29:4c:16:4f:33:76:16:21:eb:4e:d4:38:b7:77:
8a:18:4c:34:3b:2d:fe:37:37:29:62:2f:26:1a:4a:ef:61:d4:
f7:76:c4:22:d0:d8:e1:d8:da:52:8b:e4:ce:1f:d4:f7:d5:87:
91:73:9a:c4:51:49:57:c7:a5:78:34:b7:28:98:90:70:4f:c6:
ca:26:ab:90:3b:ce:99:17:fe:ab:64:ea:da:0f:89:db:b9:2c:
07:3f:a9:5c:b3:8b:a0:25:85:7f:09:0c:85:b3:2e:c3:3e:bd:
ec:4a:05:b7:c6:09:41:6c:f3:e9:01:1c:85:b8:f0:35:c0:08:
8c:ef:dd:c4:ac:9b:f8:9a:3f:8f:34:86:14:3e:40:e4:34:d2:
0c:bd:a0:6a:c1:9c:d6:a4:43:a0:ad:69:3d:24:14:0b:fb:ca:
e4:e3:32:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWVds30LoMRviE6oveANnaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwMTA5MDczNzQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U4YWM1NTgxM2YxOWJhYmNkNTI5MzQ1MTAwZjdlZDE4NDA2YTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznmpefNm/6Gr1u3S+1ji00I2uqN2
Gla/Hohwxu9X4hFOsQZTU053ksj6MMT2JLa+YbZX4Z3CPmPucWk9vHfibjgBSSCr
uCiSJ43SFbdZ846lupv+Q8sX+fZpbj9UM2v8p1wogNy+6E+trl5Y+c/NM7sJkxeX
J9BZlLyzJwNp2nhNjKeo8/7fZ0GFJZCOgWSNuuK7WIX5/hml/WV8z5yPd9JKQJLd
aR5NHB4n722b4lHvjxlzUDHJXVrK/5HO3YGvrmqhANbfpKE953YnyvO2R4vn+yXr
gjCGQobCucMgy0Wk6FzcB5E0Ru+KI36wQDO/zjyTaIwNDy5z3TIIlHkkQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFzorFWBPxm6vNUpNFEA9+0YQGo1MB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvWE9pc1ZZRV9HYnE4MVNrMFVRRDM3UmhBYWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYoMAwQA
wYeuMA0GCSqGSIb3DQEBCwUAA4IBAQBWPk9M1h+EiI/m+HFCyv8AHR0la8npE7Zj
GxoI+dyFCXLd4aGzKoml3NXNDLcsO0nHpX1TlwEoPU3hNDbSfoQQwr7FQjJCB9vf
NpGwVynig1wg9r14tflfoLXEl6GBKUwWTzN2FiHrTtQ4t3eKGEw0Oy3+NzcpYi8m
GkrvYdT3dsQi0Njh2NpSi+TOH9T31YeRc5rEUUlXx6V4NLcomJBwT8bKJquQO86Z
F/6rZOraD4nbuSwHP6lcs4ugJYV/CQyFsy7DPr3sSgW3xglBbPPpARyFuPA1wAiM
793ErJv4mj+PNIYUPkDkNNIMvaBqwZzWpEOgrWk9JBQL+8rk4zLK
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:50 2025 by rpki-client