Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/F0fHJP7SbOQd77NWoPE-tp8MVAo.roa
File: F0fHJP7SbOQd77NWoPE-tp8MVAo.roa (raw, json)
Hash identifier: 85lSWOkjTSdZs1E/Rnk5YLvDULPOWUvTuotgd1jVjm8=
Subject key identifier: 17:47:C7:24:FE:D2:6C:E4:1D:EF:B3:56:A0:F1:3E:B6:9F:0C:54:0A
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E46483570D552B8DCC3C8D4F9D13D
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/F0fHJP7SbOQd77NWoPE-tp8MVAo.roa
Signing time: Mon 02 Jan 2023 06:14:47 +0000
ROA not before: Mon 02 Jan 2023 06:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59598
IP address blocks: 45.13.119.0/24 maxlen: 24
2a0c:b641:260::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:46:48:35:70:d5:52:b8:dc:c3:c8:d4:f9:d1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1747c724fed26ce41defb356a0f13eb69f0c540a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f5:01:09:ea:bf:8b:05:e0:1b:ba:c6:ba:a5:
f6:c3:94:a0:a9:0a:a6:83:2a:e5:c9:54:44:8a:f8:
fc:f0:60:1f:03:4a:58:5b:9d:e6:24:00:2c:b6:2d:
9f:b2:ef:a7:e8:3d:75:41:ca:59:ab:21:18:26:77:
2e:44:a6:49:0d:1f:5e:74:cf:2c:18:24:a6:9e:30:
1f:05:4f:84:d3:0b:f7:04:27:cc:ad:aa:a2:79:15:
28:90:22:f7:1e:c1:52:0f:47:c4:0f:70:44:b8:b0:
05:8a:e0:1d:7d:50:4b:62:69:72:69:3b:89:ee:f5:
41:34:55:a6:6e:d4:b6:59:20:60:6e:6c:e2:1b:f7:
10:c6:1e:64:9b:84:4c:57:35:8a:03:1f:82:13:85:
8c:3a:cf:85:89:48:5d:4d:f4:ad:c9:9e:8f:6f:e7:
6f:fc:2a:56:2c:c9:52:a9:cf:25:37:ee:b9:b7:d7:
b9:a8:3a:28:53:31:be:a1:db:50:3a:f3:37:9b:51:
7d:0d:71:fb:11:ca:4a:46:a1:c7:23:e0:37:4f:49:
f9:2a:ec:d2:cd:bd:4a:5f:d5:69:31:92:96:40:af:
22:01:85:25:ab:ae:fb:ac:3a:da:dd:01:bd:19:d6:
35:ce:18:af:e7:5d:f2:65:7f:4b:bc:42:7b:2a:ca:
f9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:47:C7:24:FE:D2:6C:E4:1D:EF:B3:56:A0:F1:3E:B6:9F:0C:54:0A
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/F0fHJP7SbOQd77NWoPE-tp8MVAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.119.0/24
IPv6:
2a0c:b641:260::/44
Signature Algorithm: sha256WithRSAEncryption
1a:ba:f3:57:5c:1d:74:99:14:19:78:76:28:21:40:6f:58:d0:
60:aa:b9:0e:50:a6:ea:ba:38:1a:d3:45:0e:4c:07:76:04:7e:
60:eb:4c:6e:3c:3f:eb:26:f3:05:31:6e:41:72:2e:d7:7d:aa:
c5:ff:14:7a:3c:2f:46:3b:0d:b3:34:e5:5a:cf:41:4e:66:8b:
28:3e:7b:f4:9f:f2:26:11:fe:0a:71:c4:6c:7b:e1:1f:0b:4b:
e6:72:be:b5:1d:b2:ce:4e:5b:5e:60:d8:4b:5f:60:6d:f3:ec:
06:cd:65:b8:f9:71:3d:16:3b:11:b0:2f:8a:1f:3f:16:cf:ae:
1e:44:1c:7e:2f:7d:e6:00:06:94:bd:db:70:4b:4f:c0:32:d3:
d9:ae:98:f9:c5:f1:52:8c:0e:e9:1d:50:50:dc:4f:df:72:07:
d3:6b:2c:6d:88:9a:b2:57:8d:27:7b:04:a2:9a:3d:db:06:ba:
55:ba:1d:89:28:2b:2d:60:16:a8:c0:6a:e4:7b:dc:84:5f:28:
bf:90:70:b8:59:ac:a4:07:40:fc:0a:7d:04:26:87:22:a3:8c:
ad:b6:ad:b4:2d:6a:5f:8a:e8:d6:93:93:17:11:78:e9:e7:4f:
60:42:33:8e:0e:33:5b:15:53:d9:6a:6a:f3:1c:7c:04:97:9b:
47:67:9b:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxHkZINXDVUrjcw8jU+dE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQ3YzcyNGZlZDI2Y2U0MWRlZmIzNTZhMGYxM2ViNjlmMGM1NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPUBCeq/iwXgG7rGuqX2w5SgqQqm
gyrlyVREivj88GAfA0pYW53mJAAsti2fsu+n6D11QcpZqyEYJncuRKZJDR9edM8s
GCSmnjAfBU+E0wv3BCfMraqieRUokCL3HsFSD0fED3BEuLAFiuAdfVBLYmlyaTuJ
7vVBNFWmbtS2WSBgbmziG/cQxh5km4RMVzWKAx+CE4WMOs+FiUhdTfStyZ6Pb+dv
/CpWLMlSqc8lN+65t9e5qDooUzG+odtQOvM3m1F9DXH7EcpKRqHHI+A3T0n5KuzS
zb1KX9VpMZKWQK8iAYUlq677rDra3QG9GdY1zhiv513yZX9LvEJ7Ksr5ZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBdHxyT+0mzkHe+zVqDxPrafDFQKMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvRjBmSEpQN1NiT1FkNzdOV29QRS10cDhNVkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQ13MA8E
AgACMAkDBwQqDLZBAmAwDQYJKoZIhvcNAQELBQADggEBABq681dcHXSZFBl4digh
QG9Y0GCquQ5Qpuq6OBrTRQ5MB3YEfmDrTG48P+sm8wUxbkFyLtd9qsX/FHo8L0Y7
DbM05VrPQU5miyg+e/Sf8iYR/gpxxGx74R8LS+ZyvrUdss5OW15g2EtfYG3z7AbN
Zbj5cT0WOxGwL4ofPxbPrh5EHH4vfeYABpS923BLT8Ay09mumPnF8VKMDukdUFDc
T99yB9NrLG2ImrJXjSd7BKKaPdsGulW6HYkoKy1gFqjAauR73IRfKL+QcLhZrKQH
QPwKfQQmhyKjjK22rbQtal+K6NaTkxcReOnnT2BCM44OM1sVU9lqavMcfASXm0dn
mzA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:08:53 2025 by rpki-client