Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/cq5_om_zahBnPuPCfH9lvM3_KOg.roa
File: cq5_om_zahBnPuPCfH9lvM3_KOg.roa (raw, json)
Hash identifier: qBrjsNvhXrpRZ0G+gRMKiLd2nFhO32hSeoWWU6+XjJQ=
Subject key identifier: 72:AE:7F:A2:6F:F3:6A:10:67:3E:E3:C2:7C:7F:65:BC:CD:FF:28:E8
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0183EEA064EAF7607CDA3FC0700CB620FBBD
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/cq5_om_zahBnPuPCfH9lvM3_KOg.roa
Signing time: Wed 19 Oct 2022 05:03:52 +0000
ROA not before: Wed 19 Oct 2022 05:03:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 45.138.14.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ee:a0:64:ea:f7:60:7c:da:3f:c0:70:0c:b6:20:fb:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Oct 19 05:03:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72ae7fa26ff36a10673ee3c27c7f65bccdff28e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:95:eb:3d:9c:10:d9:6b:b3:20:28:1f:3d:de:
1c:45:ee:c2:4a:04:47:37:52:ad:a1:c1:56:0c:b0:
c7:64:a5:10:02:91:f4:fb:f1:ec:53:44:82:e0:06:
f3:3c:59:1b:33:32:24:d7:96:1d:98:a7:3d:8b:b9:
c5:e4:af:c6:42:a9:f3:bc:aa:8b:eb:3e:5d:7e:e9:
3c:1c:38:cc:51:cd:cc:12:3b:c7:d5:46:46:81:07:
bf:05:69:2e:00:a7:8a:f7:68:2a:b3:10:ca:58:10:
a4:66:5a:99:1c:51:5a:66:ac:25:c4:44:05:e4:f9:
9a:da:f7:2c:07:c9:97:2c:ed:ee:8b:ad:22:45:4c:
b9:6f:6f:a7:4e:07:83:e6:d7:bf:33:20:53:be:cd:
85:b7:19:5f:b7:29:8c:18:20:88:c5:c5:fb:8b:f6:
29:f1:86:e3:2d:26:f3:b0:fc:a0:f0:a8:a4:72:01:
df:db:94:eb:8d:6d:c0:0c:8c:0a:7a:24:e2:5c:04:
d7:3b:7b:0f:45:fe:dc:52:7a:21:ef:60:dc:6e:c9:
6b:22:f8:33:7b:dc:df:c5:6f:05:19:26:91:e2:ce:
22:d8:6a:23:04:97:c3:b7:ad:15:95:d2:4c:64:aa:
c2:5a:4b:c6:b0:f6:ac:6a:03:6f:b4:1b:cc:85:53:
a5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:AE:7F:A2:6F:F3:6A:10:67:3E:E3:C2:7C:7F:65:BC:CD:FF:28:E8
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/cq5_om_zahBnPuPCfH9lvM3_KOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.14.0/23
Signature Algorithm: sha256WithRSAEncryption
51:0b:e6:80:55:6e:4f:9e:1d:1d:de:5d:4f:ec:5e:7c:84:40:
b5:c8:c6:38:97:5d:ca:23:6c:ca:6b:64:d1:3e:70:bf:69:e1:
72:96:8e:3e:f0:81:43:86:1c:7e:98:0b:dc:e7:a0:04:b2:66:
f1:c8:7c:47:0d:70:ca:42:83:15:d7:8e:ce:ba:77:f6:a4:eb:
9d:7a:5e:00:47:48:4e:7f:ed:17:75:be:8c:93:76:9b:4e:22:
2c:fc:02:d3:c4:19:8d:e6:94:29:0a:eb:31:5b:72:96:39:d0:
50:c6:a2:3a:53:bb:0c:dc:55:4e:5c:4b:8a:ea:4d:89:91:f8:
88:a0:f8:ca:42:7e:46:ca:35:a0:48:60:0e:e3:09:a0:b0:a3:
f9:76:2f:03:f7:03:ba:12:3f:ad:39:e1:61:21:5d:6a:9b:85:
c0:70:ed:73:ef:75:8e:d0:0a:d4:da:c6:b0:53:e9:66:e2:81:
45:2c:12:45:cb:e1:76:1d:66:46:b2:45:d0:13:c7:6c:f8:bd:
7f:5d:38:2a:3c:a8:cc:cf:4e:cc:0d:2b:36:c4:cf:72:6b:57:
0a:bf:c5:06:70:31:5b:d3:bc:03:f4:14:c8:bb:c0:01:24:5e:
fd:55:58:fd:48:8c:21:7f:fa:bd:fe:f9:85:a1:92:c1:c1:31:
4a:16:17:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPuoGTq92B82j/AcAy2IPu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjIxMDE5MDUwMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmFlN2ZhMjZmZjM2YTEwNjczZWUzYzI3YzdmNjViY2NkZmYyOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5XrPZwQ2WuzICgfPd4cRe7CSgRH
N1KtocFWDLDHZKUQApH0+/HsU0SC4AbzPFkbMzIk15YdmKc9i7nF5K/GQqnzvKqL
6z5dfuk8HDjMUc3MEjvH1UZGgQe/BWkuAKeK92gqsxDKWBCkZlqZHFFaZqwlxEQF
5Pma2vcsB8mXLO3ui60iRUy5b2+nTgeD5te/MyBTvs2FtxlftymMGCCIxcX7i/Yp
8YbjLSbzsPyg8KikcgHf25TrjW3ADIwKeiTiXATXO3sPRf7cUnoh72DcbslrIvgz
e9zfxW8FGSaR4s4i2GojBJfDt60VldJMZKrCWkvGsPasagNvtBvMhVOlGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKuf6Jv82oQZz7jwnx/ZbzN/yjoMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvY3E1X29tX3phaEJuUHVQQ2ZIOWx2TTNfS09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYoOMA0G
CSqGSIb3DQEBCwUAA4IBAQBRC+aAVW5Pnh0d3l1P7F58hEC1yMY4l13KI2zKa2TR
PnC/aeFylo4+8IFDhhx+mAvc56AEsmbxyHxHDXDKQoMV147Ounf2pOudel4AR0hO
f+0Xdb6Mk3abTiIs/ALTxBmN5pQpCusxW3KWOdBQxqI6U7sM3FVOXEuK6k2JkfiI
oPjKQn5GyjWgSGAO4wmgsKP5di8D9wO6Ej+tOeFhIV1qm4XAcO1z73WO0ArU2saw
U+lm4oFFLBJFy+F2HWZGskXQE8ds+L1/XTgqPKjMz07MDSs2xM9ya1cKv8UGcDFb
07wD9BTIu8ABJF79VVj9SIwhf/q9/vmFoZLBwTFKFhcX
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:57:37 2025 by rpki-client