Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/cnAmeExVfCpsB_X-nyl1cZhJFsE.roa
File: cnAmeExVfCpsB_X-nyl1cZhJFsE.roa (raw, json)
Hash identifier: tTufcoJOnpJwm7G+G1WjIvH7WXH5OS1RTFNsL+SKCx0=
Subject key identifier: 72:70:26:78:4C:55:7C:2A:6C:07:F5:FE:9F:29:75:71:98:49:16:C1
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0183C55F8AEFAED54B71686E1FFC5A204E29
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/cnAmeExVfCpsB_X-nyl1cZhJFsE.roa
Signing time: Tue 11 Oct 2022 04:48:36 +0000
ROA not before: Tue 11 Oct 2022 04:48:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 45.138.14.0/23 maxlen: 23
45.138.14.0/24 maxlen: 24
45.138.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c5:5f:8a:ef:ae:d5:4b:71:68:6e:1f:fc:5a:20:4e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Oct 11 04:48:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=727026784c557c2a6c07f5fe9f297571984916c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e1:a6:e6:79:8c:08:a3:76:37:e0:46:70:0d:
0f:ee:1b:7d:9f:ae:6e:3d:ec:28:d6:d3:3e:ca:53:
21:87:24:d5:87:b3:2a:1b:69:8b:61:de:ce:0d:44:
ce:c3:af:2c:c1:f9:e0:a4:da:69:39:7a:51:aa:53:
e6:94:a1:85:ad:86:23:b1:a3:1d:c8:56:1d:1c:e8:
92:10:07:c0:d9:ee:68:10:c6:d3:6e:1b:15:ac:b2:
94:35:10:b1:62:53:7c:0f:3d:9b:da:71:76:50:4e:
1e:cd:f0:52:19:63:e7:b9:e2:35:d4:ba:fb:bd:5b:
43:5d:52:5d:a7:2a:ed:45:3f:04:87:d8:09:0a:3f:
cb:55:b5:5c:dc:82:3a:55:bf:ae:e6:d5:f5:81:de:
ea:55:d6:69:67:55:c1:37:22:b1:c4:2b:37:5b:47:
43:31:ae:19:d0:40:7c:8a:b0:d4:3c:b3:0c:8d:68:
ec:8a:b1:92:5e:28:8a:b0:d0:10:7e:c9:c9:eb:b7:
68:7f:0b:33:3b:be:a7:3d:8b:c0:18:85:c2:bd:e4:
69:6a:76:4c:4c:3f:95:c3:0d:9a:30:9c:a9:f4:dd:
ec:40:ab:24:fa:f9:28:90:81:80:5b:d5:d7:94:1f:
e1:7c:b3:fa:c2:e1:bf:7c:b2:3c:3d:0e:0c:79:a5:
0f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:70:26:78:4C:55:7C:2A:6C:07:F5:FE:9F:29:75:71:98:49:16:C1
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/cnAmeExVfCpsB_X-nyl1cZhJFsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.14.0/23
Signature Algorithm: sha256WithRSAEncryption
31:52:0f:f7:db:79:3a:d0:35:9f:6f:8f:8b:b5:1c:ff:95:7d:
f5:aa:1a:b4:1d:0d:24:7f:1c:06:c5:35:88:74:d3:48:85:ad:
6e:a6:fe:fb:27:41:da:17:81:fd:28:70:80:e2:18:98:9b:5c:
74:20:9d:58:c7:92:14:95:ca:3b:56:8b:53:2d:d4:79:d3:e5:
a4:58:0a:ba:de:25:24:1e:7a:9f:db:05:75:81:48:ba:4c:11:
13:1d:96:d6:47:35:b6:95:47:dd:61:67:7b:8a:44:00:45:5c:
8b:54:70:51:d1:7c:28:e4:8c:de:dc:04:4f:f8:60:ab:26:b5:
4d:56:b0:96:01:9d:79:13:e7:74:07:de:7c:98:a2:09:7a:35:
14:25:8e:9f:e6:da:6c:e0:2d:5b:14:df:20:fe:d7:e5:d2:11:
2f:6a:fd:b7:de:41:b7:f7:6e:d4:ae:7a:c2:0b:29:20:7c:6c:
8e:8e:90:2c:21:9f:75:3b:cb:e3:86:7d:9a:15:09:a9:fe:f6:
7c:aa:7b:db:74:95:1a:af:ef:66:59:c9:ad:ae:00:49:80:fd:
e7:97:43:4c:fc:51:33:df:5c:dd:d1:ff:77:0b:3c:40:cb:30:
0b:76:e8:97:b6:0c:a1:03:6b:ca:70:e2:0c:21:e5:19:e0:ae:
c0:68:7a:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPFX4rvrtVLcWhuH/xaIE4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjIxMDExMDQ0ODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjcwMjY3ODRjNTU3YzJhNmMwN2Y1ZmU5ZjI5NzU3MTk4NDkxNmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+Gm5nmMCKN2N+BGcA0P7ht9n65u
Pewo1tM+ylMhhyTVh7MqG2mLYd7ODUTOw68swfngpNppOXpRqlPmlKGFrYYjsaMd
yFYdHOiSEAfA2e5oEMbTbhsVrLKUNRCxYlN8Dz2b2nF2UE4ezfBSGWPnueI11Lr7
vVtDXVJdpyrtRT8Eh9gJCj/LVbVc3II6Vb+u5tX1gd7qVdZpZ1XBNyKxxCs3W0dD
Ma4Z0EB8irDUPLMMjWjsirGSXiiKsNAQfsnJ67dofwszO76nPYvAGIXCveRpanZM
TD+Vww2aMJyp9N3sQKsk+vkokIGAW9XXlB/hfLP6wuG/fLI8PQ4MeaUPKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJwJnhMVXwqbAf1/p8pdXGYSRbBMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvY25BbWVFeFZmQ3BzQl9YLW55bDFjWmhKRnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYoOMA0G
CSqGSIb3DQEBCwUAA4IBAQAxUg/323k60DWfb4+LtRz/lX31qhq0HQ0kfxwGxTWI
dNNIha1upv77J0HaF4H9KHCA4hiYm1x0IJ1Yx5IUlco7VotTLdR50+WkWAq63iUk
Hnqf2wV1gUi6TBETHZbWRzW2lUfdYWd7ikQARVyLVHBR0Xwo5Ize3ARP+GCrJrVN
VrCWAZ15E+d0B958mKIJejUUJY6f5tps4C1bFN8g/tfl0hEvav233kG3927UrnrC
CykgfGyOjpAsIZ91O8vjhn2aFQmp/vZ8qnvbdJUar+9mWcmtrgBJgP3nl0NM/FEz
31zd0f93CzxAyzALduiXtgyhA2vKcOIMIeUZ4K7AaHro
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:27 2025 by rpki-client