Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/6PtmmuD5pvvmOEjU39OWY2yOYKs.roa
File: 6PtmmuD5pvvmOEjU39OWY2yOYKs.roa (raw, json)
Hash identifier: 277LjjVc24xcK0onXXtIE+eoN2BpAEb8L/PM2cGVqAU=
Subject key identifier: E8:FB:66:9A:E0:F9:A6:FB:E6:38:48:D4:DF:D3:96:63:6C:8E:60:AB
Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Certificate serial: 0185724C818A76C5C84DE5AFE55AF1E8CE24
Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/6PtmmuD5pvvmOEjU39OWY2yOYKs.roa
Signing time: Mon 02 Jan 2023 11:44:54 +0000
ROA not before: Mon 02 Jan 2023 11:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12293
IP address blocks: 45.132.64.0/22 maxlen: 22
2a0c:1180::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:81:8a:76:c5:c8:4d:e5:af:e5:5a:f1:e8:ce:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Validity
Not Before: Jan 2 11:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8fb669ae0f9a6fbe63848d4dfd396636c8e60ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:07:f8:d2:47:7d:53:46:33:79:96:47:77:c0:
77:2b:d5:02:19:9b:d6:bb:d8:61:a0:b4:04:8e:b9:
2d:0b:35:87:d0:57:04:2a:ee:99:0b:1e:3e:6f:cd:
0d:78:c0:f0:85:7a:82:c0:1b:4a:f7:25:e2:3a:9f:
5d:83:cf:93:f5:ee:df:5e:76:40:b6:98:82:6c:ca:
c0:96:e9:a0:5f:2a:b4:ae:79:47:1a:c7:0b:c4:11:
9a:1a:12:90:2e:a4:65:fc:b8:2d:7d:b3:a8:84:ce:
ee:71:c5:a3:db:75:4f:6c:17:63:1a:a3:9d:f2:f8:
95:1f:9e:63:46:68:29:07:80:48:91:2d:02:46:5d:
a8:18:68:6c:76:1f:66:5a:1d:b9:d6:cc:5d:c8:39:
25:f3:55:35:d3:55:fe:62:f5:f6:93:86:54:45:0b:
76:1a:27:80:bd:08:ad:ed:7f:e7:fb:34:71:6e:62:
82:94:8e:e5:3f:60:62:6e:0a:6a:b5:f3:34:d4:a6:
3f:61:7f:f3:b9:21:6e:bf:08:d8:24:1d:36:0f:48:
71:9e:04:50:50:8b:b3:19:cb:ec:92:1f:78:00:67:
33:93:fb:90:e3:86:30:ad:cd:dc:b8:f6:f4:7a:36:
6b:55:7e:ea:13:93:b4:1a:8d:2b:b1:06:b9:66:dd:
97:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:FB:66:9A:E0:F9:A6:FB:E6:38:48:D4:DF:D3:96:63:6C:8E:60:AB
X509v3 Authority Key Identifier:
keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/6PtmmuD5pvvmOEjU39OWY2yOYKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.64.0/22
IPv6:
2a0c:1180::/40
Signature Algorithm: sha256WithRSAEncryption
4c:eb:19:83:0e:98:20:ef:4a:d3:5f:5e:0b:f8:51:6d:0b:de:
ec:3c:a1:7f:ab:cb:2a:12:4b:09:d6:97:df:6c:42:a1:c0:d5:
23:9f:85:0a:ff:8c:ba:32:f6:6b:f3:17:a7:87:c0:25:a2:ac:
ff:92:c4:a3:69:9b:63:dc:57:27:47:f7:ff:f1:60:82:63:c9:
21:b1:cd:c2:e1:9f:c1:ab:48:af:bc:f6:ec:9d:14:db:60:b5:
1c:e2:03:61:11:71:c3:4b:94:6f:09:4e:0d:80:36:fe:22:c2:
77:98:12:c8:8d:d3:57:2f:1b:aa:63:f0:c2:af:c9:cb:25:fc:
c2:b5:19:2e:fa:0e:35:16:bc:2c:86:e2:a2:fd:e6:19:f6:80:
9a:68:34:f4:19:5c:53:d0:e0:c6:6b:d1:69:dd:de:a8:00:04:
b3:84:30:2a:c1:2e:70:17:93:a6:d4:98:d2:7e:fe:6c:9f:d9:
1f:24:b4:f1:e5:45:16:19:73:b2:c5:fc:1f:71:46:fa:0c:98:
bb:8a:2d:64:48:7d:a2:2d:be:cc:3e:6f:c1:23:d8:3b:a7:c7:
06:a6:ed:8e:d4:af:ce:a0:26:a2:84:cb:14:0c:43:a4:d1:73:
0c:03:00:e3:c5:8c:e7:ba:91:23:a1:db:c6:aa:e8:67:a5:b5:
a0:6a:33:2e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVyTIGKdsXITeWv5Vrx6M4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0
OWM5MzgwHhcNMjMwMTAyMTE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGZiNjY5YWUwZjlhNmZiZTYzODQ4ZDRkZmQzOTY2MzZjOGU2MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwf40kd9U0YzeZZHd8B3K9UCGZvW
u9hhoLQEjrktCzWH0FcEKu6ZCx4+b80NeMDwhXqCwBtK9yXiOp9dg8+T9e7fXnZA
tpiCbMrAlumgXyq0rnlHGscLxBGaGhKQLqRl/LgtfbOohM7uccWj23VPbBdjGqOd
8viVH55jRmgpB4BIkS0CRl2oGGhsdh9mWh251sxdyDkl81U101X+YvX2k4ZURQt2
GieAvQit7X/n+zRxbmKClI7lP2BibgpqtfM01KY/YX/zuSFuvwjYJB02D0hxngRQ
UIuzGcvskh94AGczk/uQ44Ywrc3cuPb0ejZrVX7qE5O0Go0rsQa5Zt2XdwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOj7Zprg+ab75jhI1N/TlmNsjmCrMB8GA1UdIwQY
MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct
MGI1ZWNiNDc0ZjE1LzEvNlB0bW11RDVwdnZtT0VqVTM5T1dZMnlPWUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1
LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLYRAMA4E
AgACMAgDBgAqDBGAADANBgkqhkiG9w0BAQsFAAOCAQEATOsZgw6YIO9K019eC/hR
bQve7Dyhf6vLKhJLCdaX32xCocDVI5+FCv+MujL2a/MXp4fAJaKs/5LEo2mbY9xX
J0f3//FggmPJIbHNwuGfwatIr7z27J0U22C1HOIDYRFxw0uUbwlODYA2/iLCd5gS
yI3TVy8bqmPwwq/JyyX8wrUZLvoONRa8LIbiov3mGfaAmmg09BlcU9DgxmvRad3e
qAAEs4QwKsEucBeTptSY0n7+bJ/ZHyS08eVFFhlzssX8H3FG+gyYu4otZEh9oi2+
zD5vwSPYO6fHBqbtjtSvzqAmooTLFAxDpNFzDAMA48WM57qRI6HbxqroZ6W1oGoz
Lg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:13 2025 by rpki-client