Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/T11jq92Cxrn4pGPbi9RCZUY4c8Y.roa
File: T11jq92Cxrn4pGPbi9RCZUY4c8Y.roa (raw, json)
Hash identifier: DT/XJzcGhhKtLN/UqbmJsEGaRVKyjtyiDWNV/BpCXzo=
Subject key identifier: 4F:5D:63:AB:DD:82:C6:B9:F8:A4:63:DB:8B:D4:42:65:46:38:73:C6
Certificate issuer: /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial: 0185786BB0F1D3CAA3E10CBF511403EEE0CA
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/T11jq92Cxrn4pGPbi9RCZUY4c8Y.roa
Signing time: Tue 03 Jan 2023 16:16:41 +0000
ROA not before: Tue 03 Jan 2023 16:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60767
IP address blocks: 45.95.204.0/22 maxlen: 24
2a0e:3940:f000::/36 maxlen: 44
2a0e:3940:1000::/36 maxlen: 44
2a0e:3940:2000::/36 maxlen: 44
2a0e:3940::/34 maxlen: 36
2a0e:3940:d000::/36 maxlen: 36
2a0e:3940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:6b:b0:f1:d3:ca:a3:e1:0c:bf:51:14:03:ee:e0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Validity
Not Before: Jan 3 16:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f5d63abdd82c6b9f8a463db8bd44265463873c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:75:7f:22:76:23:3e:4a:88:63:00:2b:04:8d:
50:57:8f:9d:16:82:db:28:7e:78:a5:78:fe:06:77:
3f:ce:2d:f5:c9:04:17:83:c2:49:e9:26:b3:a6:e4:
22:e5:fa:fc:c5:87:b0:6d:54:7a:7f:a5:0e:fc:b2:
c5:6c:e7:13:0e:66:12:88:1e:1e:1f:ed:6b:25:17:
21:2e:3f:82:ef:66:7e:1c:a8:12:99:9e:5e:15:f0:
cd:b6:4b:e9:7d:ed:a2:3b:9e:51:44:d6:ee:45:61:
16:d2:89:30:34:6f:37:5f:ba:d4:24:ab:47:92:19:
11:5a:0a:65:65:d5:b6:60:5e:65:16:70:90:b6:a1:
07:45:a9:31:1f:9e:a6:f6:ea:43:87:e7:2d:d6:42:
31:14:ad:41:fa:c9:2e:1c:12:e0:66:18:5c:d0:8d:
92:29:97:8c:77:64:93:2a:5d:ae:77:3c:b5:cf:a1:
eb:47:c3:76:5e:18:0a:89:d4:41:b6:c0:c6:fd:f2:
fe:8e:e4:6a:60:fd:6d:b8:1d:90:dc:1a:e2:c9:ec:
03:2b:cc:7d:40:07:85:7c:f1:36:28:5e:2e:b6:5c:
bc:bd:45:14:61:00:17:18:e7:97:21:6c:28:3b:4d:
84:58:81:b9:76:06:af:d0:65:53:3a:ac:bb:1b:d2:
47:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:5D:63:AB:DD:82:C6:B9:F8:A4:63:DB:8B:D4:42:65:46:38:73:C6
X509v3 Authority Key Identifier:
keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/T11jq92Cxrn4pGPbi9RCZUY4c8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.204.0/22
IPv6:
2a0e:3940::/29
Signature Algorithm: sha256WithRSAEncryption
49:06:be:ed:80:e6:cf:3b:be:0b:fc:eb:35:3b:b0:aa:ae:b3:
67:c1:c5:9a:04:0a:b5:3f:fe:db:85:ba:b1:34:c9:57:2f:37:
6a:f1:e4:82:e1:e0:d3:14:ec:65:44:4d:93:39:2e:95:c7:53:
3c:d3:23:6f:33:33:ec:e6:56:27:80:94:08:57:2a:e3:75:d5:
5d:2d:29:24:dc:95:74:3d:9e:91:a7:fe:bb:26:81:6e:b8:e1:
73:1b:68:b0:12:82:8a:38:9c:8f:6f:3f:f4:84:b9:81:0d:c7:
8c:32:85:2f:b9:45:17:af:a1:0f:7b:a6:9a:a1:f9:3e:68:d1:
58:94:2a:a1:cb:dc:66:da:14:c0:94:fd:cb:ea:6b:88:e1:45:
4d:25:e5:6e:a1:3f:01:d4:8f:61:92:85:e2:3b:56:c6:09:94:
19:d9:0f:f1:e0:22:85:39:15:dd:1e:76:7a:21:c4:22:d3:b5:
82:d4:b4:d7:a0:f5:36:87:9e:25:d4:16:3b:e2:75:83:5b:30:
61:a1:c0:0d:45:69:8c:82:fd:e6:dc:f0:2d:a5:2b:d2:17:02:
38:24:ca:43:b6:35:a4:2d:8d:27:bb:a5:c8:42:09:40:92:d0:
29:0f:83:67:72:8f:37:21:9a:c8:99:cb:08:dd:8a:89:04:6e:
ae:e9:da:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYV4a7Dx08qj4Qy/URQD7uDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjMwMTAzMTYxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjVkNjNhYmRkODJjNmI5ZjhhNDYzZGI4YmQ0NDI2NTQ2Mzg3M2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnV/InYjPkqIYwArBI1QV4+dFoLb
KH54pXj+Bnc/zi31yQQXg8JJ6SazpuQi5fr8xYewbVR6f6UO/LLFbOcTDmYSiB4e
H+1rJRchLj+C72Z+HKgSmZ5eFfDNtkvpfe2iO55RRNbuRWEW0okwNG83X7rUJKtH
khkRWgplZdW2YF5lFnCQtqEHRakxH56m9upDh+ct1kIxFK1B+skuHBLgZhhc0I2S
KZeMd2STKl2udzy1z6HrR8N2XhgKidRBtsDG/fL+juRqYP1tuB2Q3BriyewDK8x9
QAeFfPE2KF4utly8vUUUYQAXGOeXIWwoO02EWIG5dgav0GVTOqy7G9JHJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE9dY6vdgsa5+KRj24vUQmVGOHPGMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvVDExanE5MkN4cm40cEdQYmk5UkNaVVk0YzhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV/MMA0E
AgACMAcDBQMqDjlAMA0GCSqGSIb3DQEBCwUAA4IBAQBJBr7tgObPO74L/Os1O7Cq
rrNnwcWaBAq1P/7bhbqxNMlXLzdq8eSC4eDTFOxlRE2TOS6Vx1M80yNvMzPs5lYn
gJQIVyrjddVdLSkk3JV0PZ6Rp/67JoFuuOFzG2iwEoKKOJyPbz/0hLmBDceMMoUv
uUUXr6EPe6aaofk+aNFYlCqhy9xm2hTAlP3L6muI4UVNJeVuoT8B1I9hkoXiO1bG
CZQZ2Q/x4CKFORXdHnZ6IcQi07WC1LTXoPU2h54l1BY74nWDWzBhocANRWmMgv3m
3PAtpSvSFwI4JMpDtjWkLY0nu6XIQglAktApD4Nnco83IZrImcsI3YqJBG6u6dqj
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:05:44 2025 by rpki-client