Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/3fIPrWYv1vYYUmwLYUZhAQOCOuM.roa
File: 3fIPrWYv1vYYUmwLYUZhAQOCOuM.roa (raw, json)
Hash identifier: p6MGCWRUZNzss9Q51wulscboG2WFRESjT61m0VeV0eg=
Subject key identifier: DD:F2:0F:AD:66:2F:D6:F6:18:52:6C:0B:61:46:61:01:03:82:3A:E3
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 01856C7839EED44E806DE9F2E3FC7E4D636A
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/3fIPrWYv1vYYUmwLYUZhAQOCOuM.roa
Signing time: Sun 01 Jan 2023 08:34:56 +0000
ROA not before: Sun 01 Jan 2023 08:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31122
IP address blocks: 45.129.89.0/24 maxlen: 24
45.129.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:39:ee:d4:4e:80:6d:e9:f2:e3:fc:7e:4d:63:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Jan 1 08:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddf20fad662fd6f618526c0b6146610103823ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4d:a0:12:53:07:e6:8a:c1:8e:90:19:13:e3:
4d:40:90:06:52:8d:3b:5e:c9:38:56:af:a4:3c:10:
7c:32:28:38:f2:73:4e:48:49:4e:4c:36:6e:9b:14:
0d:9b:b8:a4:5e:bf:e4:e0:ae:69:a5:b1:ac:0d:09:
9d:af:38:45:31:ed:04:9c:3a:54:2e:31:d0:5f:99:
8f:f8:e4:ca:66:69:f3:0f:3e:e9:77:25:85:c5:44:
cd:ea:a0:71:d4:91:bd:95:d2:b2:ac:5f:c7:44:43:
2a:b1:78:70:45:41:49:ce:06:a6:3b:2e:57:21:e7:
03:88:67:9e:27:86:d4:4c:48:2a:34:82:45:39:d7:
7d:fe:85:80:9d:e8:42:ce:8e:16:90:de:6a:a9:94:
88:eb:31:c5:43:5d:fb:e4:83:0c:2a:9c:d3:05:3c:
85:07:49:bd:bc:e2:86:bf:d6:08:5d:15:14:af:1f:
1a:34:cd:b7:cd:76:5d:58:4d:6c:47:78:19:da:2c:
84:5f:54:13:29:3f:b4:a1:3f:16:4f:e3:2e:2e:79:
9c:c0:ef:31:d2:7b:c2:82:71:d4:5e:ec:2e:90:ca:
ac:7a:83:48:07:39:d4:fe:34:5c:86:1e:40:3e:22:
82:2d:73:58:ef:2d:2f:fb:c7:f6:3d:d5:a5:12:36:
7c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F2:0F:AD:66:2F:D6:F6:18:52:6C:0B:61:46:61:01:03:82:3A:E3
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/3fIPrWYv1vYYUmwLYUZhAQOCOuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.89.0/24
45.129.91.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:57:f5:d4:35:50:29:31:da:a9:b7:8f:e0:14:1c:c0:f2:7f:
60:17:81:a7:35:f4:63:33:27:71:b9:9a:a5:b1:4c:f5:37:a8:
8b:37:4f:03:99:2e:5a:65:8c:c8:35:b4:95:f3:56:ba:35:7f:
52:f3:d2:e5:f8:a9:80:e1:e2:63:11:12:30:59:92:f4:af:e7:
9d:c7:20:07:57:b6:b6:e5:9b:a6:57:97:7d:db:72:fc:85:48:
a8:37:32:ed:0e:d6:47:7c:4a:c1:63:b2:9d:ee:16:5e:9d:eb:
31:8a:04:90:f1:b5:8d:f6:91:7f:b5:fd:b4:e4:3d:a8:7d:85:
42:82:4f:ad:a9:e9:d8:76:94:fb:41:01:a5:59:35:7e:6c:50:
30:04:95:b3:a5:de:6e:2c:d6:64:ad:32:2c:2e:f9:d4:95:d7:
26:67:7a:d3:d4:24:6f:17:48:7b:49:4d:13:90:97:7c:8b:b3:
df:95:f3:46:19:57:4e:2d:8f:c6:81:3f:40:fc:2b:ce:6c:f1:
05:85:dc:b0:4a:ee:10:8e:3a:80:01:d4:cf:cd:c5:1f:d5:46:
79:04:25:72:d4:ed:1c:16:db:cb:f1:64:94:7c:68:88:c2:ed:
68:e9:70:8e:fd:8a:9e:55:8b:b1:1e:6e:ce:33:cb:16:29:46:
5f:83:1b:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVseDnu1E6Abeny4/x+TWNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFm
OWYwN2UwHhcNMjMwMTAxMDgzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGYyMGZhZDY2MmZkNmY2MTg1MjZjMGI2MTQ2NjEwMTAzODIzYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp02gElMH5orBjpAZE+NNQJAGUo07
Xsk4Vq+kPBB8Mig48nNOSElOTDZumxQNm7ikXr/k4K5ppbGsDQmdrzhFMe0EnDpU
LjHQX5mP+OTKZmnzDz7pdyWFxUTN6qBx1JG9ldKyrF/HREMqsXhwRUFJzgamOy5X
IecDiGeeJ4bUTEgqNIJFOdd9/oWAnehCzo4WkN5qqZSI6zHFQ1375IMMKpzTBTyF
B0m9vOKGv9YIXRUUrx8aNM23zXZdWE1sR3gZ2iyEX1QTKT+0oT8WT+MuLnmcwO8x
0nvCgnHUXuwukMqseoNIBznU/jRchh5APiKCLXNY7y0v+8f2PdWlEjZ8swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN3yD61mL9b2GFJsC2FGYQEDgjrjMB8GA1UdIwQY
MBaAFLqqe0wB6SnDiSOYGrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUt
ZTY4ZjZjZjJjMGQyLzEvM2ZJUHJXWXYxdllZVW13TFlVWmhBUU9DT3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQy
LzEvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYFZAwQA
LYFbMA0GCSqGSIb3DQEBCwUAA4IBAQCgV/XUNVApMdqpt4/gFBzA8n9gF4GnNfRj
MydxuZqlsUz1N6iLN08DmS5aZYzINbSV81a6NX9S89Ll+KmA4eJjERIwWZL0r+ed
xyAHV7a25ZumV5d923L8hUioNzLtDtZHfErBY7Kd7hZenesxigSQ8bWN9pF/tf20
5D2ofYVCgk+tqenYdpT7QQGlWTV+bFAwBJWzpd5uLNZkrTIsLvnUldcmZ3rT1CRv
F0h7SU0TkJd8i7PflfNGGVdOLY/GgT9A/CvObPEFhdywSu4QjjqAAdTPzcUf1UZ5
BCVy1O0cFtvL8WSUfGiIwu1o6XCO/YqeVYuxHm7OM8sWKUZfgxus
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:51 2025 by rpki-client