Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/f5I4OEmtxy1pTHYdd6BMvaJsKY4.roa
File: f5I4OEmtxy1pTHYdd6BMvaJsKY4.roa (raw, json)
Hash identifier: Lxov2rWhr1NwNA6ObbIjBmuEA7u9n61ywhEI6iWk2mg=
Subject key identifier: 7F:92:38:38:49:AD:C7:2D:69:4C:76:1D:77:A0:4C:BD:A2:6C:29:8E
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018ADBE4EA792127B8DF925E6D3EFE3448F1
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/f5I4OEmtxy1pTHYdd6BMvaJsKY4.roa
Signing time: Thu 28 Sep 2023 13:05:27 +0000
ROA not before: Thu 28 Sep 2023 13:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 152.89.28.0/22 maxlen: 22
45.138.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:e4:ea:79:21:27:b8:df:92:5e:6d:3e:fe:34:48:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Sep 28 13:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f92383849adc72d694c761d77a04cbda26c298e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:05:30:85:9f:59:03:f7:ed:d5:5e:05:b9:70:
7a:be:ab:73:6a:0d:1b:18:39:88:98:bd:4b:40:d4:
8b:f0:e1:be:8c:d3:c2:70:a7:99:b7:9b:41:7a:bf:
a5:ab:18:b5:20:fe:9e:ce:b9:74:fd:5d:37:15:08:
c9:8a:cb:fd:7d:7d:c6:6e:f3:a8:84:76:00:ab:a2:
97:d3:2d:66:06:08:bb:7c:d2:6e:ad:9d:f5:69:cc:
ad:bc:13:50:2b:48:03:40:54:6d:db:57:e6:d7:fc:
1c:ae:80:69:0c:ba:0e:e3:58:b5:53:aa:a8:29:81:
02:58:be:08:dc:70:db:5d:4b:af:3d:76:19:71:fe:
f1:04:f0:b1:96:59:88:23:fa:b0:69:e7:15:d6:2b:
bd:77:d3:93:f7:43:2c:9b:67:e9:cc:68:ee:64:28:
36:56:bc:73:70:be:d7:78:a2:73:2e:e5:a2:13:2c:
60:2a:01:02:33:14:3c:f1:8f:58:eb:ab:bd:12:51:
cc:28:83:84:10:04:5c:37:3c:35:1a:b5:71:91:6c:
f8:52:a1:3e:de:65:77:58:44:dc:26:46:d6:7e:40:
b9:8a:d4:57:b5:17:fb:02:ab:e7:ac:79:67:d8:3b:
e2:b8:82:dd:b9:26:99:0b:70:4a:bd:07:63:4e:a0:
4e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:92:38:38:49:AD:C7:2D:69:4C:76:1D:77:A0:4C:BD:A2:6C:29:8E
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/f5I4OEmtxy1pTHYdd6BMvaJsKY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:31:a1:2e:69:f3:24:88:83:4b:7c:d6:96:16:81:25:99:98:
b3:ef:f1:4e:2f:dc:cf:71:04:3b:7a:95:d6:92:1d:0e:ef:76:
dd:d7:21:19:1b:16:66:05:06:d0:4c:f8:a2:54:6e:db:d8:22:
71:06:28:77:a9:67:39:6f:4f:f2:8d:ba:cf:85:80:11:29:94:
ca:e8:54:6c:74:6e:d0:af:2c:03:e7:a3:95:20:94:10:f8:e4:
3f:09:20:bf:b4:87:ca:a4:1c:c9:79:f4:e3:55:2c:07:1f:e0:
88:8a:d8:4a:80:55:ee:f4:91:38:1e:7a:21:6e:9c:03:68:e4:
36:6b:f7:69:a1:41:a4:2c:49:fa:5d:8b:21:36:80:e9:0c:e4:
5f:41:1c:23:5c:62:4e:05:0e:8d:c7:0a:55:03:27:86:1e:28:
dc:1e:0f:31:20:38:bd:95:e2:18:9c:16:4c:64:51:5d:3e:69:
74:37:fe:8b:1f:08:92:3d:e5:ed:de:66:0b:f0:7f:ab:9c:fa:
2b:c4:f0:f0:e8:c1:83:f1:0d:57:2f:7f:60:ce:05:24:2d:d6:
e6:52:57:76:cd:ad:90:a9:a6:f6:af:9a:b5:05:5f:55:a8:c1:
ec:45:89:17:da:7a:dc:5b:e0:ac:93:4e:b2:d4:42:87:83:ba:
09:0b:ed:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrb5Op5ISe435JebT7+NEjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwOTI4MTMwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjkyMzgzODQ5YWRjNzJkNjk0Yzc2MWQ3N2EwNGNiZGEyNmMyOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogUwhZ9ZA/ft1V4FuXB6vqtzag0b
GDmImL1LQNSL8OG+jNPCcKeZt5tBer+lqxi1IP6ezrl0/V03FQjJisv9fX3GbvOo
hHYAq6KX0y1mBgi7fNJurZ31acytvBNQK0gDQFRt21fm1/wcroBpDLoO41i1U6qo
KYECWL4I3HDbXUuvPXYZcf7xBPCxllmII/qwaecV1iu9d9OT90Msm2fpzGjuZCg2
VrxzcL7XeKJzLuWiEyxgKgECMxQ88Y9Y66u9ElHMKIOEEARcNzw1GrVxkWz4UqE+
3mV3WETcJkbWfkC5itRXtRf7AqvnrHln2DviuILduSaZC3BKvQdjTqBORwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH+SODhJrcctaUx2HXegTL2ibCmOMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvZjVJNE9FbXR4eTFwVEhZZGQ2Qk12YUpzS1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYoMAwQC
mFkcMA0GCSqGSIb3DQEBCwUAA4IBAQBPMaEuafMkiINLfNaWFoElmZiz7/FOL9zP
cQQ7epXWkh0O73bd1yEZGxZmBQbQTPiiVG7b2CJxBih3qWc5b0/yjbrPhYARKZTK
6FRsdG7QrywD56OVIJQQ+OQ/CSC/tIfKpBzJefTjVSwHH+CIithKgFXu9JE4Hnoh
bpwDaOQ2a/dpoUGkLEn6XYshNoDpDORfQRwjXGJOBQ6NxwpVAyeGHijcHg8xIDi9
leIYnBZMZFFdPml0N/6LHwiSPeXt3mYL8H+rnPorxPDw6MGD8Q1XL39gzgUkLdbm
Uld2za2Qqab2r5q1BV9VqMHsRYkX2nrcW+Csk06y1EKHg7oJC+3o
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:27:42 2025 by rpki-client