Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/86d23e-400a-4adc-80e4-905d9dcf50ae/1/tnWYxFVkW5BrwYyOB1zCvVNNex0.roa
File: tnWYxFVkW5BrwYyOB1zCvVNNex0.roa (raw, json)
Hash identifier: UkLG8MqtMqAowwfjYypYatRXD/1ZL3B6uraN4U955/A=
Subject key identifier: B6:75:98:C4:55:64:5B:90:6B:C1:8C:8E:07:5C:C2:BD:53:4D:7B:1D
Certificate issuer: /CN=519a6a9beb52eff29644659b9432a0a59237314c
Certificate serial: 03E559BC
Authority key identifier: 51:9A:6A:9B:EB:52:EF:F2:96:44:65:9B:94:32:A0:A5:92:37:31:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UZpqm-tS7_KWRGWblDKgpZI3MUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/86d23e-400a-4adc-80e4-905d9dcf50ae/1/tnWYxFVkW5BrwYyOB1zCvVNNex0.roa
Signing time: Sat 01 Jan 2022 01:00:58 +0000
ROA not before: Sat 01 Jan 2022 01:00:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44938
IP address blocks: 45.14.129.0/24 maxlen: 24
45.14.130.0/24 maxlen: 24
45.14.131.0/24 maxlen: 24
45.14.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65362364 (0x3e559bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=519a6a9beb52eff29644659b9432a0a59237314c
Validity
Not Before: Jan 1 01:00:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b67598c455645b906bc18c8e075cc2bd534d7b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c2:d8:dc:60:09:85:28:f1:b3:70:22:c0:a0:
e6:38:4c:3e:ea:a4:d9:f0:74:3a:e3:f4:40:56:38:
90:9c:5d:9e:65:49:82:7b:4f:f6:ed:b1:45:0d:4e:
a5:52:fe:5c:e4:67:d8:0b:4a:5e:f9:f1:43:d1:55:
35:9f:d7:b5:d5:de:50:a6:2e:b5:fa:ed:7d:15:94:
c1:52:cd:28:78:87:4a:4f:b4:31:b2:d2:1d:2d:da:
20:f5:06:d3:4e:bf:2b:ae:a7:a4:ff:47:ab:23:79:
4d:02:26:fc:8e:3d:5e:fa:1f:2b:e8:4b:29:0b:2c:
cb:6e:0a:d5:f7:0a:6e:10:3d:85:9c:ab:0d:88:6b:
3a:14:49:e9:e3:c6:2d:db:75:03:98:cb:8a:56:fe:
08:19:5b:a2:e5:bf:70:2f:6b:92:fd:73:a0:9e:a0:
4a:e4:0b:b6:d7:0c:58:c0:81:6c:9d:11:40:f7:4d:
a8:af:76:fb:95:ed:3f:ce:38:84:66:6c:9f:85:08:
48:37:02:41:96:1e:a1:2a:58:f6:40:47:18:4a:d7:
e0:e7:d7:31:28:b9:e7:c4:9f:ad:1d:4d:67:76:fe:
fe:ad:bc:1a:10:bf:e8:3a:8c:83:dc:9d:b0:42:59:
99:2e:b7:ac:09:12:1a:d9:dd:2b:03:a3:fd:c0:82:
5c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:75:98:C4:55:64:5B:90:6B:C1:8C:8E:07:5C:C2:BD:53:4D:7B:1D
X509v3 Authority Key Identifier:
keyid:51:9A:6A:9B:EB:52:EF:F2:96:44:65:9B:94:32:A0:A5:92:37:31:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UZpqm-tS7_KWRGWblDKgpZI3MUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/86d23e-400a-4adc-80e4-905d9dcf50ae/1/tnWYxFVkW5BrwYyOB1zCvVNNex0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/86d23e-400a-4adc-80e4-905d9dcf50ae/1/UZpqm-tS7_KWRGWblDKgpZI3MUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.128.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:98:4c:57:09:d9:ae:84:e3:22:85:67:e2:cf:75:ad:2d:ee:
25:fe:47:02:ff:f5:d3:ef:f9:23:73:0e:13:1a:da:c2:ea:31:
a6:d1:14:e6:bd:d2:2c:cd:e2:8d:5b:b4:5c:2c:1a:24:cd:df:
6f:02:31:fb:7d:7f:b2:e9:d1:95:e7:86:b9:02:b2:ba:f4:49:
24:94:a5:06:cb:3f:d3:e1:b8:a7:68:97:f8:12:1f:db:43:92:
63:4a:5b:1d:6a:f8:4a:66:c3:d5:d2:df:40:64:48:00:30:c0:
72:69:27:c4:2b:e6:d3:1e:8a:9e:bd:df:7a:0c:b1:01:d7:68:
6d:54:1f:6f:4e:1b:6f:b2:a4:4b:bd:2e:36:1c:d9:63:0e:bc:
c7:66:fd:31:c3:2b:f8:19:e4:70:51:94:02:a8:33:23:5a:12:
c4:32:38:20:4e:aa:da:f0:76:03:f6:47:3c:31:a5:7f:23:53:
29:9e:79:25:4c:95:53:54:d3:24:f9:7f:72:ed:5c:57:ff:5d:
a8:1c:71:e3:55:a4:80:93:40:c2:ea:20:74:67:05:61:5b:ed:
fe:b9:f4:d9:57:fc:a6:31:68:72:2e:7f:a8:fd:66:cb:85:25:
fb:88:ba:ed:18:f7:51:9a:f1:95:7d:45:6b:63:74:ba:30:48:
4a:d2:07:32
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+VZvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MTlhNmE5YmViNTJlZmYyOTY0NDY1OWI5NDMyYTBhNTkyMzczMTRjMB4XDTIyMDEw
MTAxMDA1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY3NTk4YzQ1NTY0
NWI5MDZiYzE4YzhlMDc1Y2MyYmQ1MzRkN2IxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnC2NxgCYUo8bNwIsCg5jhMPuqk2fB0OuP0QFY4kJxdnmVJ
gntP9u2xRQ1OpVL+XORn2AtKXvnxQ9FVNZ/XtdXeUKYutfrtfRWUwVLNKHiHSk+0
MbLSHS3aIPUG006/K66npP9HqyN5TQIm/I49XvofK+hLKQssy24K1fcKbhA9hZyr
DYhrOhRJ6ePGLdt1A5jLilb+CBlbouW/cC9rkv1zoJ6gSuQLttcMWMCBbJ0RQPdN
qK92+5XtP844hGZsn4UISDcCQZYeoSpY9kBHGErX4OfXMSi558SfrR1NZ3b+/q28
GhC/6DqMg9ydsEJZmS63rAkSGtndKwOj/cCCXAMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS2dZjEVWRbkGvBjI4HXMK9U017HTAfBgNVHSMEGDAWgBRRmmqb61Lv8pZE
ZZuUMqClkjcxTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VacHFtLXRTN19LV1JHV2JsREtncFpJM01Vdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvODZkMjNlLTQwMGEtNGFkYy04MGU0LTkwNWQ5ZGNmNTBhZS8x
L3RuV1l4RlZrVzVCcndZeU9CMXpDdlZOTmV4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
ODZkMjNlLTQwMGEtNGFkYy04MGU0LTkwNWQ5ZGNmNTBhZS8xL1VacHFtLXRTN19L
V1JHV2JsREtncFpJM01Vdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi0OgDANBgkqhkiG9w0BAQsFAAOC
AQEADJhMVwnZroTjIoVn4s91rS3uJf5HAv/10+/5I3MOExrawuoxptEU5r3SLM3i
jVu0XCwaJM3fbwIx+31/sunRleeGuQKyuvRJJJSlBss/0+G4p2iX+BIf20OSY0pb
HWr4SmbD1dLfQGRIADDAcmknxCvm0x6Knr3fegyxAddobVQfb04bb7KkS70uNhzZ
Yw68x2b9McMr+BnkcFGUAqgzI1oSxDI4IE6q2vB2A/ZHPDGlfyNTKZ55JUyVU1TT
JPl/cu1cV/9dqBxx41WkgJNAwuogdGcFYVvt/rn02Vf8pjFoci5/qP1my4Ul+4i6
7Rj3UZrxlX1Fa2N0ujBIStIHMg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:28:11 2025 by rpki-client