Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/k2Sf493X7ZGAvalra_uPSN-68xM.roa
File: k2Sf493X7ZGAvalra_uPSN-68xM.roa (raw, json)
Hash identifier: Bwn2tkS0F1p1aUE5QxZ+0fP09eKKjg3QghzJzHCI5RM=
Subject key identifier: 93:64:9F:E3:DD:D7:ED:91:80:BD:A9:6B:6B:FB:8F:48:DF:BA:F3:13
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 01856D4AE24A71E1660F02DA6112F4417FEE
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/k2Sf493X7ZGAvalra_uPSN-68xM.roa
Signing time: Sun 01 Jan 2023 12:25:02 +0000
ROA not before: Sun 01 Jan 2023 12:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212384
IP address blocks: 45.12.104.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:e2:4a:71:e1:66:0f:02:da:61:12:f4:41:7f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Jan 1 12:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93649fe3ddd7ed9180bda96b6bfb8f48dfbaf313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:31:d7:a8:ef:1f:1f:eb:01:54:12:b7:14:90:
c6:b6:ab:95:43:4e:da:72:73:b6:5a:68:d9:e1:be:
ea:c9:02:70:1e:4d:7a:f2:9d:23:5a:21:a4:dd:9e:
b8:8a:04:ea:dc:e8:37:a8:26:36:bd:1e:61:75:7b:
40:1d:74:18:30:1d:19:3e:49:be:18:52:e6:77:6b:
9c:b5:c7:48:56:05:b2:75:7e:74:b1:a0:45:e4:83:
e6:12:2e:68:3b:5a:98:21:63:21:f2:64:88:6c:1f:
ea:58:22:c8:96:38:b5:1a:5f:ed:05:19:ef:9c:6b:
f1:fa:bb:b4:22:5a:0e:21:08:f1:a8:d0:7c:c8:1f:
86:df:6a:93:d7:1c:33:89:3c:25:2c:54:81:e3:e6:
5c:fb:46:a6:38:bf:0e:7d:1a:26:4c:bc:d8:bf:4f:
57:7f:07:a6:41:8f:55:93:93:f0:1f:71:bd:14:2b:
b7:a3:0f:a8:88:03:55:41:b5:9c:3f:27:cc:fe:50:
40:33:72:38:e1:c7:b4:0b:f4:2b:0b:8d:50:08:21:
bd:34:2c:49:5d:a0:b7:db:b1:27:e9:e8:70:cd:71:
27:b5:5c:64:cc:61:c6:bb:ab:93:6c:c6:89:b7:c9:
3c:0a:ec:9b:a9:f8:61:14:eb:94:70:e1:43:9e:00:
bd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:64:9F:E3:DD:D7:ED:91:80:BD:A9:6B:6B:FB:8F:48:DF:BA:F3:13
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/k2Sf493X7ZGAvalra_uPSN-68xM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.104.0/22
Signature Algorithm: sha256WithRSAEncryption
95:af:96:1e:03:3f:19:1e:0f:d8:4b:6d:3e:e9:a6:40:73:1d:
ba:8c:56:99:0f:47:87:17:47:96:35:f1:b4:d3:f3:92:14:0f:
16:53:ac:71:b5:81:fe:c7:9a:02:39:08:a2:30:40:c3:bc:13:
b7:f0:bc:76:4b:7e:a2:bc:7d:49:33:a9:a2:9a:85:4a:98:f1:
b6:e6:d9:18:ba:99:86:ad:82:49:65:62:e8:2e:91:a9:d4:8b:
dc:71:2f:c4:26:b0:f1:0e:68:77:77:3e:13:8c:4d:e4:06:08:
90:e4:46:03:c6:78:98:d4:a7:e1:89:8d:61:db:bd:8e:1e:c6:
96:27:69:de:63:7d:25:71:50:45:c2:db:ba:63:ea:c5:36:dc:
3a:94:d7:6f:b4:5a:06:0a:d0:da:0f:83:83:f7:3e:bc:f8:56:
65:60:8f:93:7a:39:81:8e:24:20:49:3c:1d:95:f0:75:13:54:
e8:b4:6c:3b:ab:38:d6:45:ed:8c:5c:3d:a9:4f:b6:f7:e9:f3:
63:d6:61:78:33:9f:c9:a3:4f:cc:91:5f:ce:a6:72:5f:f8:9c:
9a:a3:83:f3:d3:d2:61:50:02:04:25:6d:ce:fe:9f:16:fe:f2:
ea:f0:da:d6:a4:2d:38:ef:f4:10:3e:63:6e:94:2c:08:b9:e3:
0b:31:3b:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSuJKceFmDwLaYRL0QX/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMwMTAxMTIyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzY0OWZlM2RkZDdlZDkxODBiZGE5NmI2YmZiOGY0OGRmYmFmMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzHXqO8fH+sBVBK3FJDGtquVQ07a
cnO2WmjZ4b7qyQJwHk168p0jWiGk3Z64igTq3Og3qCY2vR5hdXtAHXQYMB0ZPkm+
GFLmd2uctcdIVgWydX50saBF5IPmEi5oO1qYIWMh8mSIbB/qWCLIlji1Gl/tBRnv
nGvx+ru0IloOIQjxqNB8yB+G32qT1xwziTwlLFSB4+Zc+0amOL8OfRomTLzYv09X
fwemQY9Vk5PwH3G9FCu3ow+oiANVQbWcPyfM/lBAM3I44ce0C/QrC41QCCG9NCxJ
XaC327En6ehwzXEntVxkzGHGu6uTbMaJt8k8CuybqfhhFOuUcOFDngC9aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNkn+Pd1+2RgL2pa2v7j0jfuvMTMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvazJTZjQ5M1g3WkdBdmFscmFfdVBTTi02OHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQxoMA0G
CSqGSIb3DQEBCwUAA4IBAQCVr5YeAz8ZHg/YS20+6aZAcx26jFaZD0eHF0eWNfG0
0/OSFA8WU6xxtYH+x5oCOQiiMEDDvBO38Lx2S36ivH1JM6mimoVKmPG25tkYupmG
rYJJZWLoLpGp1IvccS/EJrDxDmh3dz4TjE3kBgiQ5EYDxniY1KfhiY1h272OHsaW
J2neY30lcVBFwtu6Y+rFNtw6lNdvtFoGCtDaD4OD9z68+FZlYI+TejmBjiQgSTwd
lfB1E1TotGw7qzjWRe2MXD2pT7b36fNj1mF4M5/Jo0/MkV/OpnJf+Jyao4Pz09Jh
UAIEJW3O/p8W/vLq8NrWpC047/QQPmNulCwIueMLMTuW
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:40 2025 by rpki-client