Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/tPZVWRNhpcuaqbA_fdC-PfhtPCo.roa
File: tPZVWRNhpcuaqbA_fdC-PfhtPCo.roa (raw, json)
Hash identifier: t+pBsabTbxr1YihZaeGluUK4Bzclk6CfleX7PGGa0bM=
Subject key identifier: B4:F6:55:59:13:61:A5:CB:9A:A9:B0:3F:7D:D0:BE:3D:F8:6D:3C:2A
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 02E33CA6
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/tPZVWRNhpcuaqbA_fdC-PfhtPCo.roa
Signing time: Mon 30 May 2022 12:51:15 +0000
ROA not before: Mon 30 May 2022 12:51:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49519
IP address blocks: 45.13.117.0/24 maxlen: 24
2a0c:b641:8a0::/44 maxlen: 48
2a0c:b641:470::/44 maxlen: 48
2a0c:b642:5000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48446630 (0x2e33ca6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: May 30 12:51:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4f655591361a5cb9aa9b03f7dd0be3df86d3c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a2:04:02:97:ee:8f:30:70:c4:c4:aa:4c:54:
17:b7:db:9e:e5:da:0d:ad:56:de:1a:26:e7:8a:3b:
24:f6:e8:2b:b6:de:c2:32:46:91:83:62:31:c7:fd:
24:25:dc:88:01:8e:48:4f:f7:c2:a7:fc:c2:fa:a9:
21:23:45:64:b3:17:39:21:28:b0:29:b9:54:d0:cf:
3a:2b:ea:1e:55:9d:97:ee:5c:bb:da:d0:6e:2e:56:
b0:0a:35:07:7c:33:06:2a:9b:7a:54:d5:5f:86:1b:
71:85:5f:c0:f7:59:af:f8:b8:e4:10:50:26:33:16:
a3:a3:81:07:e4:e7:cf:78:58:73:44:02:ef:b5:2e:
63:55:58:80:48:4f:5d:45:a5:1a:b1:06:84:ec:1b:
93:aa:8c:d2:43:1d:c8:9c:40:d6:9d:db:81:50:fc:
dd:0a:16:38:22:67:ca:4f:ab:93:44:15:b7:d3:80:
8f:be:ed:71:79:d4:39:d5:b4:a7:58:51:e8:8c:7f:
28:45:01:fd:54:87:d6:7e:50:f4:45:b6:d7:ea:e1:
cd:18:84:8a:0b:4a:ee:16:51:f6:b8:2b:11:5c:26:
66:3c:aa:92:7a:86:6c:a6:5c:34:61:d4:2c:7f:87:
98:08:c1:83:63:af:84:bf:57:84:0a:23:4b:a3:58:
ef:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F6:55:59:13:61:A5:CB:9A:A9:B0:3F:7D:D0:BE:3D:F8:6D:3C:2A
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/tPZVWRNhpcuaqbA_fdC-PfhtPCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.117.0/24
IPv6:
2a0c:b641:470::/44
2a0c:b641:8a0::/44
2a0c:b642:5000::/36
Signature Algorithm: sha256WithRSAEncryption
08:5c:d9:ad:8e:9b:d0:31:c4:fc:8d:78:f6:31:65:10:a4:f7:
54:20:04:b0:57:48:94:e9:48:18:f8:8d:49:65:48:1f:fe:5f:
b9:97:89:ac:0d:68:b3:bc:b6:36:7d:37:3f:fc:92:2e:d2:d4:
5e:a0:86:da:38:ed:09:ce:78:38:3f:41:ba:1f:47:96:76:23:
f3:66:76:85:dc:45:2e:7b:85:12:ab:f4:75:7e:59:2d:7f:1e:
9d:fb:8e:8f:67:df:9b:37:83:89:95:6a:cc:8f:de:25:56:f3:
6d:46:6b:21:fa:5f:c6:e2:8d:21:38:ed:08:59:53:db:8e:18:
f9:7d:60:24:d8:e9:c6:42:d9:a5:91:e8:41:04:7e:f4:24:5c:
95:90:eb:54:ef:3d:e7:11:ec:d5:b6:38:77:be:f4:e4:3c:9b:
17:81:20:2e:f0:9b:2b:5f:e5:f0:01:c6:b8:fc:5e:5c:84:0c:
0f:a6:b5:8f:fe:2d:9e:53:7e:f8:dd:9a:6d:6b:ba:16:09:cc:
da:13:a2:3c:18:8c:3d:0f:87:1c:24:eb:0c:78:da:c2:cc:e0:
64:95:40:25:fc:9e:b5:fb:cc:1c:ea:02:a3:bc:31:4e:4a:af:
62:3c:2b:0f:bb:d7:bc:42:8a:2c:14:b0:93:e6:2c:32:e9:c2:
64:91:b2:96
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEAuM8pjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDUz
MDEyNTExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRmNjU1NTkxMzYx
YTVjYjlhYTliMDNmN2RkMGJlM2RmODZkM2MyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuiBAKX7o8wcMTEqkxUF7fbnuXaDa1W3hom54o7JPboK7be
wjJGkYNiMcf9JCXciAGOSE/3wqf8wvqpISNFZLMXOSEosCm5VNDPOivqHlWdl+5c
u9rQbi5WsAo1B3wzBiqbelTVX4YbcYVfwPdZr/i45BBQJjMWo6OBB+Tnz3hYc0QC
77UuY1VYgEhPXUWlGrEGhOwbk6qM0kMdyJxA1p3bgVD83QoWOCJnyk+rk0QVt9OA
j77tcXnUOdW0p1hR6Ix/KEUB/VSH1n5Q9EW21+rhzRiEigtK7hZR9rgrEVwmZjyq
knqGbKZcNGHULH+HmAjBg2OvhL9XhAojS6NY73ECAwEAAaOCAiswggInMB0GA1Ud
DgQWBBS09lVZE2Gly5qpsD990L49+G08KjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L3RQWlZXUk5ocGN1YXFiQV9mZEMtUGZodFBDby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwDAQCAAEwBgMEAC0NdTAgBAIAAjAaAwcEKgy2QQRw
AwcEKgy2QQigAwYEKgy2QlAwDQYJKoZIhvcNAQELBQADggEBAAhc2a2Om9AxxPyN
ePYxZRCk91QgBLBXSJTpSBj4jUllSB/+X7mXiawNaLO8tjZ9Nz/8ki7S1F6ghto4
7QnOeDg/QbofR5Z2I/NmdoXcRS57hRKr9HV+WS1/Hp37jo9n35s3g4mVasyP3iVW
821GayH6X8bijSE47QhZU9uOGPl9YCTY6cZC2aWR6EEEfvQkXJWQ61TvPecR7NW2
OHe+9OQ8mxeBIC7wmytf5fABxrj8XlyEDA+mtY/+LZ5Tfvjdmm1ruhYJzNoTojwY
jD0Phxwk6wx42sLM4GSVQCX8nrX7zBzqAqO8MU5Kr2I8Kw+717xCiiwUsJPmLDLp
wmSRspY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org