Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/2KLnFmbubpqPsI0i6MjVmSqXkiM.roa
File: 2KLnFmbubpqPsI0i6MjVmSqXkiM.roa (raw, json)
Hash identifier: DBoD+FffcxmY2QKfygGPCS97EIj/RUDLiMYZxGNAgX4=
Subject key identifier: D8:A2:E7:16:66:EE:6E:9A:8F:B0:8D:22:E8:C8:D5:99:2A:97:92:23
Certificate issuer: /CN=30195c3bb050586b5f4e5004118007c48b34eae5
Certificate serial: 07FFB8A5
Authority key identifier: 30:19:5C:3B:B0:50:58:6B:5F:4E:50:04:11:80:07:C4:8B:34:EA:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBlcO7BQWGtfTlAEEYAHxIs06uU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/2KLnFmbubpqPsI0i6MjVmSqXkiM.roa
Signing time: Sat 01 Jan 2022 07:53:29 +0000
ROA not before: Sat 01 Jan 2022 07:53:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20546
IP address blocks: 45.91.159.0/24 maxlen: 24
45.91.156.0/24 maxlen: 24
45.91.157.0/24 maxlen: 24
45.91.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134199461 (0x7ffb8a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30195c3bb050586b5f4e5004118007c48b34eae5
Validity
Not Before: Jan 1 07:53:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8a2e71666ee6e9a8fb08d22e8c8d5992a979223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:49:68:27:b9:b8:fa:47:98:fa:32:1f:b4:b8:
25:10:5b:9e:fb:17:ae:51:f3:7d:05:1e:82:5e:3b:
c2:e5:f1:75:44:7d:4f:7a:14:0f:31:f5:ed:d3:5c:
17:b8:1c:25:09:50:10:d4:f7:0d:a8:2b:4e:6a:74:
ad:78:87:2d:b8:30:75:ff:5c:24:b3:80:e8:12:ec:
55:f0:7d:06:87:bb:42:a0:ec:99:9f:41:96:83:ee:
f9:f0:ad:ed:33:6d:87:d4:59:2d:17:42:67:cc:61:
d2:8b:a0:ad:98:2b:18:ad:87:02:d0:35:58:db:73:
31:a5:46:85:68:80:db:64:93:cf:45:ca:15:ab:de:
9f:86:8d:4d:01:67:42:59:e4:27:78:53:cd:51:6e:
e4:6c:fc:d2:e4:f1:51:a6:56:dc:57:29:9a:9b:9b:
f1:1e:79:31:85:41:8a:89:dc:1b:ba:7e:24:6c:1e:
03:69:78:fe:1d:d7:9c:3e:b9:f9:98:13:d9:ab:40:
dd:21:54:02:33:7b:cc:dc:25:db:ce:94:2e:a2:98:
41:53:6c:01:cc:81:45:1b:2f:b1:5c:fa:a5:bd:a4:
3c:aa:b8:ed:17:43:ba:c9:8b:f0:ee:f3:0b:14:59:
ec:d2:e4:36:81:9b:23:a8:fc:24:ef:a2:63:27:14:
bd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A2:E7:16:66:EE:6E:9A:8F:B0:8D:22:E8:C8:D5:99:2A:97:92:23
X509v3 Authority Key Identifier:
keyid:30:19:5C:3B:B0:50:58:6B:5F:4E:50:04:11:80:07:C4:8B:34:EA:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBlcO7BQWGtfTlAEEYAHxIs06uU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/2KLnFmbubpqPsI0i6MjVmSqXkiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/c76275-d8da-4523-83ad-b421c38b2f7f/1/MBlcO7BQWGtfTlAEEYAHxIs06uU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.156.0/22
Signature Algorithm: sha256WithRSAEncryption
53:c2:30:85:d3:02:8b:f8:ae:e0:8e:db:df:58:62:00:e3:99:
57:3a:67:7d:23:df:61:8e:94:89:90:e1:6b:72:e6:73:ff:a6:
ff:37:66:7f:ae:b2:ee:f5:d5:5b:de:8a:ad:69:29:94:e8:14:
ff:1f:46:6b:5a:ab:51:d6:fd:4d:48:a0:ce:15:3d:8e:d9:4e:
76:16:cd:11:d4:47:e3:8b:4b:16:c6:48:a2:59:57:0f:e3:79:
99:07:f1:28:1f:1b:b7:59:cd:cf:57:65:3e:7b:e7:9a:84:88:
a0:26:08:66:1d:21:2b:ea:d4:cf:96:c4:1e:76:99:59:45:6c:
1d:c8:b8:ab:2f:5b:27:8a:5b:d9:c5:f1:c8:08:3e:44:20:0a:
0f:fc:df:f3:48:94:22:3c:fa:36:20:12:2f:8a:a9:ec:d6:3b:
b5:4c:5d:99:9b:d0:6a:48:34:8c:08:98:9b:82:9e:4d:35:67:
b2:b3:63:b8:de:de:6b:04:45:dc:22:d3:94:c2:5a:2c:87:40:
a4:7b:d9:a0:9e:29:61:1f:1c:9c:74:8d:41:e5:39:14:6a:de:
ec:99:da:cc:c2:e5:c9:d1:fb:4c:37:79:3e:f3:83:1f:41:e8:
b7:3e:10:ac:a1:69:24:c6:4c:75:f9:9c:09:02:ec:08:0b:82:
3f:0a:ff:e5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB/+4pTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDE5NWMzYmIwNTA1ODZiNWY0ZTUwMDQxMTgwMDdjNDhiMzRlYWU1MB4XDTIyMDEw
MTA3NTMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhhMmU3MTY2NmVl
NmU5YThmYjA4ZDIyZThjOGQ1OTkyYTk3OTIyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAP1JaCe5uPpHmPoyH7S4JRBbnvsXrlHzfQUegl47wuXxdUR9
T3oUDzH17dNcF7gcJQlQENT3DagrTmp0rXiHLbgwdf9cJLOA6BLsVfB9Boe7QqDs
mZ9BloPu+fCt7TNth9RZLRdCZ8xh0ougrZgrGK2HAtA1WNtzMaVGhWiA22STz0XK
Faven4aNTQFnQlnkJ3hTzVFu5Gz80uTxUaZW3Fcpmpub8R55MYVBioncG7p+JGwe
A2l4/h3XnD65+ZgT2atA3SFUAjN7zNwl286ULqKYQVNsAcyBRRsvsVz6pb2kPKq4
7RdDusmL8O7zCxRZ7NLkNoGbI6j8JO+iYycUvQMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTYoucWZu5umo+wjSLoyNWZKpeSIzAfBgNVHSMEGDAWgBQwGVw7sFBYa19O
UAQRgAfEizTq5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01CbGNPN0JRV0d0ZlRsQUVFWUFIeElzMDZ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvYzc2Mjc1LWQ4ZGEtNDUyMy04M2FkLWI0MjFjMzhiMmY3Zi8x
LzJLTG5GbWJ1YnBxUHNJMGk2TWpWbVNxWGtpTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
Yzc2Mjc1LWQ4ZGEtNDUyMy04M2FkLWI0MjFjMzhiMmY3Zi8xL01CbGNPN0JRV0d0
ZlRsQUVFWUFIeElzMDZ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1bnDANBgkqhkiG9w0BAQsFAAOC
AQEAU8IwhdMCi/iu4I7b31hiAOOZVzpnfSPfYY6UiZDha3Lmc/+m/zdmf66y7vXV
W96KrWkplOgU/x9Ga1qrUdb9TUigzhU9jtlOdhbNEdRH44tLFsZIollXD+N5mQfx
KB8bt1nNz1dlPnvnmoSIoCYIZh0hK+rUz5bEHnaZWUVsHci4qy9bJ4pb2cXxyAg+
RCAKD/zf80iUIjz6NiASL4qp7NY7tUxdmZvQakg0jAiYm4KeTTVnsrNjuN7eawRF
3CLTlMJaLIdApHvZoJ4pYR8cnHSNQeU5FGre7JnazMLlydH7TDd5PvODH0Hotz4Q
rKFpJMZMdfmcCQLsCAuCPwr/5Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:01 2025 by rpki-client