Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/Y9jWmLvpry9MI33mZahw81NGQmI.roa
File: Y9jWmLvpry9MI33mZahw81NGQmI.roa (raw, json)
Hash identifier: pS7et5d6XtOeEDNurJFNz/UXfth1Lv4tsbweIFKzFbY=
Subject key identifier: 63:D8:D6:98:BB:E9:AF:2F:4C:23:7D:E6:65:A8:70:F3:53:46:42:62
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 0186E438859DF6EDBD78C51B8BECD83EC7B9
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/Y9jWmLvpry9MI33mZahw81NGQmI.roa
Signing time: Wed 15 Mar 2023 07:42:34 +0000
ROA not before: Wed 15 Mar 2023 07:42:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208414
IP address blocks: 45.138.105.0/24 maxlen: 29
45.138.104.0/24 maxlen: 29
45.138.107.0/24 maxlen: 24
45.138.106.0/24 maxlen: 24
185.8.236.0/22 maxlen: 24
2a0e:acc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:38:85:9d:f6:ed:bd:78:c5:1b:8b:ec:d8:3e:c7:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Mar 15 07:42:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63d8d698bbe9af2f4c237de665a870f353464262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:37:05:5a:d6:00:82:10:a6:53:db:f7:fd:a9:
d4:0e:c2:d5:e1:17:d7:a1:5a:5c:12:fc:56:22:64:
ce:d5:d8:e0:cf:ae:dc:14:ba:6a:14:3e:cb:e4:a8:
82:b6:c8:f4:0d:ea:5e:c9:8e:f9:3f:ab:38:64:00:
9e:93:1c:0f:6f:29:94:98:3b:cf:b9:9c:7f:f5:80:
a2:76:62:a7:ab:9f:9f:6b:45:c7:ed:80:05:50:c5:
7e:6c:49:d5:d4:63:6c:8e:57:5a:c9:77:60:20:67:
3b:ac:be:a3:1f:76:d8:00:3e:57:9b:3d:dd:2f:ec:
ce:0f:e1:d9:c0:be:ac:79:62:16:de:e2:d9:8c:e6:
a2:0e:05:07:29:af:59:f6:cb:82:b4:4a:43:6c:40:
31:3b:61:7e:7b:a6:fe:b6:17:51:5c:1f:97:f6:67:
14:6c:95:1d:fc:51:4c:63:26:36:71:36:25:eb:74:
d3:8a:d9:8d:1a:16:fb:0a:8b:17:6e:9a:85:08:ed:
fc:ff:de:36:ad:77:a2:70:32:f1:52:8f:6a:8b:7e:
42:18:0f:94:2d:b6:41:3b:d6:99:bd:14:d2:af:68:
57:55:70:35:2a:c0:11:7c:ff:a5:8f:59:6b:d8:30:
f1:c9:79:93:e3:20:b5:0e:57:10:60:c5:6f:03:8f:
52:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D8:D6:98:BB:E9:AF:2F:4C:23:7D:E6:65:A8:70:F3:53:46:42:62
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/Y9jWmLvpry9MI33mZahw81NGQmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.104.0/22
185.8.236.0/22
IPv6:
2a0e:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
86:a5:fb:4a:24:7e:22:a1:4a:ff:80:9b:62:46:32:a2:2c:e7:
e2:5b:db:24:35:18:f1:51:88:35:6b:4c:ef:21:4f:7d:0b:92:
a7:dc:b8:3f:81:4c:d4:35:e8:53:19:ff:0b:68:da:42:94:6c:
39:31:66:f9:41:df:0f:eb:66:a8:23:fc:51:af:ab:20:1a:de:
55:9d:89:a5:1d:67:c8:77:62:5f:2e:7f:48:de:10:90:eb:71:
76:87:f9:38:f4:ec:73:10:aa:e5:ac:47:8d:39:13:98:cc:3c:
ec:19:72:2a:1b:ca:ba:a9:38:02:53:14:05:da:11:1b:20:53:
b9:76:ef:ea:21:b9:9a:00:ee:bb:50:58:db:33:a5:7d:2d:08:
c3:1d:9d:d9:1e:a9:f5:8b:29:1a:fe:f4:4a:70:be:03:e4:60:
b4:31:44:68:ea:79:50:98:21:14:9d:80:01:07:99:ae:f4:df:
73:8c:b4:3d:9a:f0:82:ec:2b:bb:17:b0:d6:c7:7b:33:25:37:
10:a6:3f:0b:29:ae:4a:4d:93:45:4c:00:f5:cc:03:42:3b:ee:
ac:5f:61:2c:51:6c:14:bc:84:ef:ef:b8:47:97:64:e8:f6:9e:
48:49:4c:40:40:f6:4d:84:98:ec:c5:57:22:c5:92:10:85:05:
62:18:5c:3c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbkOIWd9u29eMUbi+zYPse5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4
MjgwMjEwHhcNMjMwMzE1MDc0MjM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Q4ZDY5OGJiZTlhZjJmNGMyMzdkZTY2NWE4NzBmMzUzNDY0MjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDcFWtYAghCmU9v3/anUDsLV4RfX
oVpcEvxWImTO1djgz67cFLpqFD7L5KiCtsj0DepeyY75P6s4ZACekxwPbymUmDvP
uZx/9YCidmKnq5+fa0XH7YAFUMV+bEnV1GNsjldayXdgIGc7rL6jH3bYAD5Xmz3d
L+zOD+HZwL6seWIW3uLZjOaiDgUHKa9Z9suCtEpDbEAxO2F+e6b+thdRXB+X9mcU
bJUd/FFMYyY2cTYl63TTitmNGhb7CosXbpqFCO38/942rXeicDLxUo9qi35CGA+U
LbZBO9aZvRTSr2hXVXA1KsARfP+lj1lr2DDxyXmT4yC1DlcQYMVvA49SzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGPY1pi76a8vTCN95mWocPNTRkJiMB8GA1UdIwQY
MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt
MGFjN2I3ZWRlNDJiLzEvWTlqV21MdnByeTlNSTMzbVphaHc4MU5HUW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi
LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYpoAwQC
uQjsMA0EAgACMAcDBQMqDqzAMA0GCSqGSIb3DQEBCwUAA4IBAQCGpftKJH4ioUr/
gJtiRjKiLOfiW9skNRjxUYg1a0zvIU99C5Kn3Lg/gUzUNehTGf8LaNpClGw5MWb5
Qd8P62aoI/xRr6sgGt5VnYmlHWfId2JfLn9I3hCQ63F2h/k49OxzEKrlrEeNOROY
zDzsGXIqG8q6qTgCUxQF2hEbIFO5du/qIbmaAO67UFjbM6V9LQjDHZ3ZHqn1iyka
/vRKcL4D5GC0MURo6nlQmCEUnYABB5mu9N9zjLQ9mvCC7Cu7F7DWx3szJTcQpj8L
Ka5KTZNFTAD1zANCO+6sX2EsUWwUvITv77hHl2To9p5ISUxAQPZNhJjsxVcixZIQ
hQViGFw8
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:21:03 2025 by rpki-client