Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/KptzTVKofT75PoMK3Q5Zmj76vJ8.roa
File: KptzTVKofT75PoMK3Q5Zmj76vJ8.roa (raw, json)
Hash identifier: 7w7TvQWh2070IvNckPLsdBYJ08rFsm4oOr0FWf6TY0c=
Subject key identifier: 2A:9B:73:4D:52:A8:7D:3E:F9:3E:83:0A:DD:0E:59:9A:3E:FA:BC:9F
Certificate issuer: /CN=0a4a702f677f336d9b3e36c384ebc8c9fd8859f4
Certificate serial: 05B97B83
Authority key identifier: 0A:4A:70:2F:67:7F:33:6D:9B:3E:36:C3:84:EB:C8:C9:FD:88:59:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/KptzTVKofT75PoMK3Q5Zmj76vJ8.roa
Signing time: Sat 01 Jan 2022 14:59:54 +0000
ROA not before: Sat 01 Jan 2022 14:59:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208395
IP address blocks: 45.139.136.0/22 maxlen: 22
2a0e:b940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96041859 (0x5b97b83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4a702f677f336d9b3e36c384ebc8c9fd8859f4
Validity
Not Before: Jan 1 14:59:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a9b734d52a87d3ef93e830add0e599a3efabc9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4a:16:7e:c2:41:02:02:86:30:64:c1:1f:dc:
7d:83:77:d1:91:41:98:a8:81:27:7d:f3:da:f4:54:
c6:64:73:45:f9:72:bb:cb:18:5a:bd:42:37:89:3f:
9d:67:1f:14:d8:d4:3e:e4:c2:c6:8f:13:80:9b:e3:
40:44:82:a3:83:52:cf:5d:89:96:72:c8:20:0a:a9:
67:dd:f8:33:a3:15:0e:14:b4:49:29:d8:fc:5c:2e:
c6:b3:15:69:e1:d6:ff:1d:0b:8d:b1:c2:1a:3b:ed:
fa:d4:83:15:be:b0:cd:f0:e8:0a:b2:61:60:ee:79:
0e:bf:40:bd:2d:17:56:40:7b:90:84:a5:fe:c0:27:
6a:41:92:73:e4:e0:ff:ff:45:33:7e:ae:85:bc:dd:
f0:08:58:95:90:06:ed:bf:15:59:1b:e8:31:ea:56:
9c:33:ef:c6:87:1a:ca:62:35:6c:91:b2:11:34:d1:
f7:e2:c4:de:21:91:e5:03:fd:07:fd:ad:fa:00:6e:
d6:dd:1e:9d:83:bd:57:6f:06:c7:55:40:68:53:08:
4f:a2:46:2a:ae:e2:9f:d5:fd:60:eb:7c:ea:24:a6:
72:20:d8:00:69:84:e4:d4:81:86:24:e4:6f:1c:75:
8a:27:d3:b6:79:68:bf:be:a4:5d:02:71:b9:38:9e:
67:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9B:73:4D:52:A8:7D:3E:F9:3E:83:0A:DD:0E:59:9A:3E:FA:BC:9F
X509v3 Authority Key Identifier:
keyid:0A:4A:70:2F:67:7F:33:6D:9B:3E:36:C3:84:EB:C8:C9:FD:88:59:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/KptzTVKofT75PoMK3Q5Zmj76vJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.136.0/22
IPv6:
2a0e:b940::/29
Signature Algorithm: sha256WithRSAEncryption
7a:40:39:4a:5b:e2:32:66:3d:49:56:68:ef:ac:80:f1:2c:23:
f7:5f:af:bf:64:3f:f7:ed:61:9d:f8:b7:81:ec:ea:47:8f:f6:
f7:be:ae:e7:5d:9c:a9:8d:43:99:fc:66:d1:1e:3e:43:3d:3f:
0b:b1:fc:f8:4d:67:3c:90:91:6b:25:9b:e2:61:bf:30:c3:3c:
80:8e:6f:36:ac:72:ae:0d:86:7e:77:a5:ca:5b:fc:b1:fa:20:
5a:83:e0:8f:4a:de:64:bd:75:19:6f:49:7a:62:33:e2:0c:77:
09:c2:88:67:a1:cc:76:07:f4:49:92:02:7e:e4:b9:13:1e:fb:
a0:f3:d8:60:a9:59:e7:52:53:66:bc:b1:f1:1b:f9:5f:77:4f:
5d:2b:ad:ab:f0:ab:29:95:40:4e:e2:78:fc:54:14:f1:36:d3:
23:3c:d2:74:d2:09:b5:37:90:d7:be:eb:a6:f4:ac:cd:e2:8b:
94:7d:de:a3:83:29:36:17:fe:a6:37:b6:24:01:bb:df:de:cc:
88:b3:1a:fd:5b:60:c5:1c:1d:1d:92:93:7c:67:f3:a3:ee:08:
08:7e:e0:1f:93:36:74:08:3b:80:62:2a:1c:ec:4c:ab:be:bd:
f2:ba:f4:05:cd:df:0b:91:6c:90:b7:5e:fd:57:69:1d:e6:b8:
54:c9:1c:da
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBbl7gzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTRhNzAyZjY3N2YzMzZkOWIzZTM2YzM4NGViYzhjOWZkODg1OWY0MB4XDTIyMDEw
MTE0NTk1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE5YjczNGQ1MmE4
N2QzZWY5M2U4MzBhZGQwZTU5OWEzZWZhYmM5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOlKFn7CQQIChjBkwR/cfYN30ZFBmKiBJ33z2vRUxmRzRfly
u8sYWr1CN4k/nWcfFNjUPuTCxo8TgJvjQESCo4NSz12JlnLIIAqpZ934M6MVDhS0
SSnY/FwuxrMVaeHW/x0LjbHCGjvt+tSDFb6wzfDoCrJhYO55Dr9AvS0XVkB7kISl
/sAnakGSc+Tg//9FM36uhbzd8AhYlZAG7b8VWRvoMepWnDPvxocaymI1bJGyETTR
9+LE3iGR5QP9B/2t+gBu1t0enYO9V28Gx1VAaFMIT6JGKq7in9X9YOt86iSmciDY
AGmE5NSBhiTkbxx1iifTtnlov76kXQJxuTieZ4kCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQqm3NNUqh9Pvk+gwrdDlmaPvq8nzAfBgNVHSMEGDAWgBQKSnAvZ38zbZs+
NsOE68jJ/YhZ9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NrcHdMMmRfTTIyYlBqYkRoT3ZJeWYySVdmUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvZGE1YjMyLTIwYTctNGUwYS1iODM0LWVmMzE3MTU2MTFhYS8x
L0twdHpUVktvZlQ3NVBvTUszUTVabWo3NnZKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
ZGE1YjMyLTIwYTctNGUwYS1iODM0LWVmMzE3MTU2MTFhYS8xL0NrcHdMMmRfTTIy
YlBqYkRoT3ZJeWYySVdmUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2LiDANBAIAAjAHAwUDKg65QDAN
BgkqhkiG9w0BAQsFAAOCAQEAekA5SlviMmY9SVZo76yA8Swj91+vv2Q/9+1hnfi3
gezqR4/2976u512cqY1Dmfxm0R4+Qz0/C7H8+E1nPJCRayWb4mG/MMM8gI5vNqxy
rg2Gfnelylv8sfogWoPgj0reZL11GW9JemIz4gx3CcKIZ6HMdgf0SZICfuS5Ex77
oPPYYKlZ51JTZryx8Rv5X3dPXSutq/CrKZVATuJ4/FQU8TbTIzzSdNIJtTeQ177r
pvSszeKLlH3eo4MpNhf+pje2JAG7397MiLMa/VtgxRwdHZKTfGfzo+4ICH7gH5M2
dAg7gGIqHOxMq7698rr0Bc3fC5FskLde/VdpHea4VMkc2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:37 2024 by rpki-client on console-ams.rpki-client.org