Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/cRTuohenNgXJqSCivSKE7YNnX0o.roa
File: cRTuohenNgXJqSCivSKE7YNnX0o.roa (raw, json)
Hash identifier: Br5ZDObZTozvOwYvD2tKZKcTWWVYh8tHh+1d9usgf8I=
Subject key identifier: 71:14:EE:A2:17:A7:36:05:C9:A9:20:A2:BD:22:84:ED:83:67:5F:4A
Certificate issuer: /CN=2f6f0ea0127a6e392195696380be5bb0474b01df
Certificate serial: 018845569F994EFF06D6DD1DECA8E4441D73
Authority key identifier: 2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/cRTuohenNgXJqSCivSKE7YNnX0o.roa
Signing time: Mon 22 May 2023 21:21:24 +0000
ROA not before: Mon 22 May 2023 21:21:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 553
IP address blocks: 45.90.132.0/22 maxlen: 22
185.134.84.0/22 maxlen: 22
2a0e:3c0::/29 maxlen: 29
2a06:ec00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:45:56:9f:99:4e:ff:06:d6:dd:1d:ec:a8:e4:44:1d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6f0ea0127a6e392195696380be5bb0474b01df
Validity
Not Before: May 22 21:21:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7114eea217a73605c9a920a2bd2284ed83675f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:86:9e:83:fc:88:b0:c8:b2:6a:74:e6:8f:0e:
cb:fe:9b:ac:11:41:08:ee:18:8e:97:80:20:45:ba:
53:be:03:3c:3d:68:6a:b4:e5:4c:43:b1:28:37:65:
71:01:f0:87:8f:48:cd:bd:21:40:e8:01:cb:6b:fd:
44:8a:9e:f3:d0:0d:70:ad:dc:6f:20:7a:8e:ea:54:
39:a6:82:4e:a5:fe:13:0a:38:c7:6b:45:4a:f6:82:
a3:d0:57:16:ab:01:95:2b:b8:c3:3a:34:ce:a9:fd:
01:db:45:de:fa:11:95:d2:ea:d6:72:64:c0:d9:0d:
63:7b:06:79:fb:96:32:ca:34:2b:27:cc:a8:a9:44:
46:41:67:5c:c7:7b:c9:dd:dc:a9:15:9d:4e:72:88:
1d:83:82:a0:5b:11:b4:01:3d:e0:19:37:b7:75:61:
e6:af:1a:c7:e8:5e:ed:73:b0:25:27:31:82:63:d7:
74:73:12:bc:9a:9a:bd:d9:11:46:ff:fe:6e:9e:a8:
06:68:00:63:30:a3:eb:a2:ca:58:cf:29:fa:94:cc:
fa:4e:fa:3b:16:1b:0a:48:61:b0:6b:55:47:2c:e5:
56:4f:7a:7d:fd:b5:5c:66:3a:28:2f:65:db:ee:32:
c6:94:f7:95:ef:b7:ae:94:13:8e:1f:86:65:7f:f9:
2a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:14:EE:A2:17:A7:36:05:C9:A9:20:A2:BD:22:84:ED:83:67:5F:4A
X509v3 Authority Key Identifier:
keyid:2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/cRTuohenNgXJqSCivSKE7YNnX0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.132.0/22
185.134.84.0/22
IPv6:
2a06:ec00::/29
2a0e:3c0::/29
Signature Algorithm: sha256WithRSAEncryption
79:28:e7:54:93:ac:c4:b3:44:af:5c:05:70:55:d1:db:a5:d3:
30:50:73:84:51:fa:83:f4:d1:d6:37:0d:9d:64:f2:72:2c:e8:
9e:56:64:c0:23:9a:ef:f5:23:2b:c2:f9:40:3b:e5:6b:6b:ff:
ca:2c:61:7f:bc:88:81:ec:5e:e2:b9:cf:d3:87:25:dc:4a:61:
d9:0b:61:9b:34:90:56:8f:8f:03:5f:80:77:42:0d:0e:bb:50:
6d:75:fd:b8:30:fb:1e:a9:b2:06:21:81:28:69:cb:02:c4:83:
cd:bb:05:cf:06:10:82:26:a5:8c:7c:b6:cc:cc:0c:b4:3f:4c:
e9:f4:c5:17:fa:fd:09:0e:69:2c:39:af:5b:d8:49:5f:3a:65:
6b:75:78:de:d6:0f:f5:86:4f:eb:35:a0:af:45:47:67:6b:08:
69:e0:77:3f:35:f9:1a:2f:e2:6d:74:80:8e:2e:ab:5d:fb:b7:
b3:c5:64:3a:fc:a8:dd:93:8e:c4:c6:97:59:1b:75:ec:48:0c:
42:01:34:38:0d:c0:52:01:4c:e5:69:12:87:60:8d:7b:cb:8f:
7c:69:98:4d:5d:db:0d:b5:bc:d1:26:18:dd:ce:4d:49:36:55:
dc:ba:03:8c:14:30:61:54:b7:2c:cf:07:8e:0f:95:e4:19:b6:
12:e0:02:4a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYhFVp+ZTv8G1t0d7KjkRB1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmYwZWEwMTI3YTZlMzkyMTk1Njk2MzgwYmU1YmIwNDc0
YjAxZGYwHhcNMjMwNTIyMjEyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTE0ZWVhMjE3YTczNjA1YzlhOTIwYTJiZDIyODRlZDgzNjc1ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloaeg/yIsMiyanTmjw7L/pusEUEI
7hiOl4AgRbpTvgM8PWhqtOVMQ7EoN2VxAfCHj0jNvSFA6AHLa/1Eip7z0A1wrdxv
IHqO6lQ5poJOpf4TCjjHa0VK9oKj0FcWqwGVK7jDOjTOqf0B20Xe+hGV0urWcmTA
2Q1jewZ5+5YyyjQrJ8yoqURGQWdcx3vJ3dypFZ1Ocogdg4KgWxG0AT3gGTe3dWHm
rxrH6F7tc7AlJzGCY9d0cxK8mpq92RFG//5unqgGaABjMKProspYzyn6lMz6Tvo7
FhsKSGGwa1VHLOVWT3p9/bVcZjooL2Xb7jLGlPeV77eulBOOH4Zlf/kqbwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHEU7qIXpzYFyakgor0ihO2DZ19KMB8GA1UdIwQY
MBaAFC9vDqASem45IZVpY4C+W7BHSwHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDct
YjJhMjMyNDZlNjE0LzEvY1JUdW9oZW5OZ1hKcVNDaXZTS0U3WU5uWDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDctYjJhMjMyNDZlNjE0
LzEvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVqEAwQC
uYZUMBQEAgACMA4DBQMqBuwAAwUDKg4DwDANBgkqhkiG9w0BAQsFAAOCAQEAeSjn
VJOsxLNEr1wFcFXR26XTMFBzhFH6g/TR1jcNnWTycizonlZkwCOa7/UjK8L5QDvl
a2v/yixhf7yIgexe4rnP04cl3Eph2QthmzSQVo+PA1+Ad0INDrtQbXX9uDD7Hqmy
BiGBKGnLAsSDzbsFzwYQgialjHy2zMwMtD9M6fTFF/r9CQ5pLDmvW9hJXzpla3V4
3tYP9YZP6zWgr0VHZ2sIaeB3PzX5Gi/ibXSAji6rXfu3s8VkOvyo3ZOOxMaXWRt1
7EgMQgE0OA3AUgFM5WkSh2CNe8uPfGmYTV3bDbW80SYY3c5NSTZV3LoDjBQwYVS3
LM8Hjg+V5Bm2EuACSg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:34 2025 by rpki-client