Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/tYIEZrzOztDOsO_t3PLRNtoQQNg.roa
File: tYIEZrzOztDOsO_t3PLRNtoQQNg.roa (raw, json)
Hash identifier: 8sVVFlU5eqlqotVqllD0DGYSuV+PJ7Yuv/zAOqAXhBw=
Subject key identifier: B5:82:04:66:BC:CE:CE:D0:CE:B0:EF:ED:DC:F2:D1:36:DA:10:40:D8
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018B335A93837C0E2344990BE4627E3C9CAB
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/tYIEZrzOztDOsO_t3PLRNtoQQNg.roa
Signing time: Sun 15 Oct 2023 12:40:55 +0000
ROA not before: Sun 15 Oct 2023 12:40:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 45.138.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:33:5a:93:83:7c:0e:23:44:99:0b:e4:62:7e:3c:9c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Oct 15 12:40:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5820466bcceced0ceb0efeddcf2d136da1040d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8b:a5:30:f7:ae:25:ee:29:31:dd:10:4c:c5:
cd:26:92:7a:be:9b:5f:83:9b:d4:4b:ca:a5:af:5f:
ef:bf:00:4b:aa:ab:d6:c2:95:a2:51:de:bf:ba:ca:
8c:69:a7:55:1d:26:7b:54:58:47:55:62:33:ab:9f:
13:43:02:45:7d:08:4e:1d:58:2b:9d:7a:4d:94:48:
4a:0d:ca:be:64:3c:03:9e:6a:02:28:5d:9a:4a:9b:
54:74:b8:92:ba:27:ef:3b:09:2f:2f:a0:c5:65:04:
21:e6:10:60:b2:ef:1e:b5:7d:28:fe:d5:60:9d:7f:
4d:de:30:8c:a8:48:c8:3c:e5:eb:36:43:de:3d:4b:
72:75:28:b9:fb:07:88:30:14:83:04:a0:e0:64:3f:
d1:37:b7:af:c0:41:ea:cb:ee:7c:4c:18:c9:7f:f8:
c8:ed:2e:0c:99:f1:f4:40:40:57:6f:9c:fd:79:73:
c6:f8:06:d4:e7:74:39:e8:d9:e5:d0:32:a4:fc:f8:
74:19:6e:18:9d:3b:c5:ec:61:63:40:1d:75:d4:d7:
a8:d1:91:0e:ef:fe:74:ce:08:10:9c:cc:b7:e8:c8:
93:7d:eb:cd:93:9a:7b:db:90:9d:99:23:7b:81:d7:
e6:fd:a1:4e:1a:0f:ad:75:5a:85:0f:b1:d0:44:f3:
04:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:82:04:66:BC:CE:CE:D0:CE:B0:EF:ED:DC:F2:D1:36:DA:10:40:D8
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/tYIEZrzOztDOsO_t3PLRNtoQQNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
Signature Algorithm: sha256WithRSAEncryption
19:d5:e1:84:63:e7:7a:7e:fe:78:0c:1e:83:f8:92:d0:31:bb:
24:a8:ff:00:b8:c2:2f:af:e2:27:01:22:af:e9:cc:99:03:e5:
a9:ed:67:bf:7a:4b:47:7a:06:10:3d:31:6d:97:bd:4b:fd:5b:
a7:b0:9f:35:81:c7:46:73:2d:44:27:75:d5:33:ca:88:6b:27:
61:1a:26:3f:8e:d2:9d:3b:5d:4f:ab:3c:39:18:96:09:3d:20:
59:42:06:56:46:04:63:89:06:a9:5e:04:74:ce:6e:e0:b3:18:
82:46:47:79:81:a1:c6:7d:76:8f:09:e7:0c:4d:21:bb:19:00:
f7:e9:34:c3:d3:54:4d:7e:ff:c0:c5:0f:c5:c7:e8:ec:50:93:
07:15:64:e1:bf:7c:b2:45:a1:d6:bb:44:69:8a:77:7a:ba:45:
91:7e:b1:4f:eb:0c:73:e1:f3:67:10:cb:6f:37:22:f5:33:9a:
7b:06:92:70:7a:4e:68:5f:f4:c6:53:37:91:27:f4:29:68:51:
a8:b1:26:c8:6b:7c:3a:d5:1a:20:bd:29:f1:0b:33:5b:22:42:
b7:a1:57:2a:51:d4:83:4c:eb:fa:a5:10:53:1a:78:80:90:ab:
23:00:92:34:72:a4:eb:f5:13:69:57:46:cd:9e:ce:01:93:e7:
91:ce:88:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYszWpODfA4jRJkL5GJ+PJyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMxMDE1MTI0MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTgyMDQ2NmJjY2VjZWQwY2ViMGVmZWRkY2YyZDEzNmRhMTA0MGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YulMPeuJe4pMd0QTMXNJpJ6vptf
g5vUS8qlr1/vvwBLqqvWwpWiUd6/usqMaadVHSZ7VFhHVWIzq58TQwJFfQhOHVgr
nXpNlEhKDcq+ZDwDnmoCKF2aSptUdLiSuifvOwkvL6DFZQQh5hBgsu8etX0o/tVg
nX9N3jCMqEjIPOXrNkPePUtydSi5+weIMBSDBKDgZD/RN7evwEHqy+58TBjJf/jI
7S4MmfH0QEBXb5z9eXPG+AbU53Q56Nnl0DKk/Ph0GW4YnTvF7GFjQB111Neo0ZEO
7/50zggQnMy36MiTfevNk5p725CdmSN7gdfm/aFOGg+tdVqFD7HQRPMElQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWCBGa8zs7QzrDv7dzy0TbaEEDYMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvdFlJRVpyek96dERPc09fdDNQTFJOdG9RUU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYoMMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ1eGEY+d6fv54DB6D+JLQMbskqP8AuMIvr+InASKv
6cyZA+Wp7We/ektHegYQPTFtl71L/VunsJ81gcdGcy1EJ3XVM8qIaydhGiY/jtKd
O11Pqzw5GJYJPSBZQgZWRgRjiQapXgR0zm7gsxiCRkd5gaHGfXaPCecMTSG7GQD3
6TTD01RNfv/AxQ/Fx+jsUJMHFWThv3yyRaHWu0Rpind6ukWRfrFP6wxz4fNnEMtv
NyL1M5p7BpJwek5oX/TGUzeRJ/QpaFGosSbIa3w61RogvSnxCzNbIkK3oVcqUdSD
TOv6pRBTGniAkKsjAJI0cqTr9RNpV0bNns4Bk+eRzohF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:04 2025 by rpki-client