Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/Cv2PSySBO6NnFs7AU7KcmfIwqxY.roa
File: Cv2PSySBO6NnFs7AU7KcmfIwqxY.roa (raw, json)
Hash identifier: aOurmi7t3BANtN6zUhgSCsqs7M+kmJMfc0uCQ+bHWAI=
Subject key identifier: 0A:FD:8F:4B:24:81:3B:A3:67:16:CE:C0:53:B2:9C:99:F2:30:AB:16
Certificate issuer: /CN=23dcd6f17126d4e951d92bc5f4c06ba9450fc8d4
Certificate serial: 01857079A673C742443E5DC8B07C39E48CEC
Authority key identifier: 23:DC:D6:F1:71:26:D4:E9:51:D9:2B:C5:F4:C0:6B:A9:45:0F:C8:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9zW8XEm1OlR2SvF9MBrqUUPyNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/Cv2PSySBO6NnFs7AU7KcmfIwqxY.roa
Signing time: Mon 02 Jan 2023 03:14:58 +0000
ROA not before: Mon 02 Jan 2023 03:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202966
IP address blocks: 45.137.228.0/22 maxlen: 22
2a0e:ac40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:a6:73:c7:42:44:3e:5d:c8:b0:7c:39:e4:8c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23dcd6f17126d4e951d92bc5f4c06ba9450fc8d4
Validity
Not Before: Jan 2 03:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0afd8f4b24813ba36716cec053b29c99f230ab16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:01:8d:0b:0e:2c:37:ce:70:b6:d1:a5:be:df:
e8:6e:69:9b:ff:eb:36:11:71:8d:0d:e7:1f:9a:46:
0c:42:bc:e2:b0:df:95:cd:36:0a:c0:69:eb:c6:56:
51:7a:45:ea:6f:6d:4e:f8:de:7f:c5:57:af:b2:77:
05:10:c6:05:ac:18:f7:5d:3f:03:e0:76:2a:0e:a8:
d9:d1:ef:19:83:5b:49:a5:2d:ce:e8:5f:31:c8:ba:
39:5c:13:de:12:49:92:a7:0b:e2:3c:37:66:d8:e9:
4b:05:63:31:13:5a:50:64:9f:f1:df:23:de:86:d0:
78:10:8b:19:2b:cc:2d:4b:81:57:6d:e3:94:5b:3a:
30:6d:30:61:08:8a:a4:0c:dd:b0:3d:84:12:46:35:
69:9d:a6:2a:66:f1:f3:44:77:27:b9:e7:1b:a3:45:
8e:cc:7e:27:6f:46:a9:82:d9:7c:99:87:d5:3b:f0:
fd:2b:e2:58:b2:9f:f6:5f:71:11:ed:8a:5b:b2:82:
a8:83:ce:64:64:58:91:86:9b:b4:8e:3b:57:9e:0b:
23:46:13:25:44:26:28:d7:e4:0b:ce:1c:c2:d9:ad:
2e:ac:c4:6f:6d:1c:79:e2:cf:0d:ba:e1:f1:79:09:
f8:c1:9e:04:fb:f9:0d:8f:79:25:b6:1c:f6:71:c1:
91:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FD:8F:4B:24:81:3B:A3:67:16:CE:C0:53:B2:9C:99:F2:30:AB:16
X509v3 Authority Key Identifier:
keyid:23:DC:D6:F1:71:26:D4:E9:51:D9:2B:C5:F4:C0:6B:A9:45:0F:C8:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9zW8XEm1OlR2SvF9MBrqUUPyNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/Cv2PSySBO6NnFs7AU7KcmfIwqxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/I9zW8XEm1OlR2SvF9MBrqUUPyNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.228.0/22
IPv6:
2a0e:ac40::/29
Signature Algorithm: sha256WithRSAEncryption
99:af:17:46:ee:ac:e5:b9:be:9d:e0:8e:df:72:0b:e0:0c:a4:
c9:78:09:92:ec:af:7a:ce:fd:04:6e:51:f8:6e:e2:6a:55:3e:
b2:cc:38:b3:84:f2:6b:4e:de:09:d9:4d:53:54:13:a7:06:a2:
0c:32:4f:90:3d:38:f8:39:b2:60:0c:b8:29:39:87:86:70:3e:
2a:56:0f:f8:10:a6:bf:07:b2:f3:3a:1d:6f:4d:4f:b2:23:98:
44:64:ff:3a:d8:f3:cb:e3:10:6d:36:47:ae:d2:fc:31:42:43:
f4:9f:1e:a4:2b:b8:e8:1b:d8:96:92:71:90:8c:b7:05:f8:16:
22:74:f1:16:41:db:e4:b1:fe:26:04:0d:8e:d0:2a:39:fc:97:
c6:25:d3:7c:05:7b:1e:95:57:ce:86:eb:fa:ff:db:73:b5:cd:
c8:c7:fb:73:96:18:15:d3:ae:e6:8a:84:0d:c9:30:ef:88:fd:
26:77:87:28:e1:00:17:84:26:3e:6d:4b:52:ff:7f:28:15:4e:
02:6e:c2:52:ff:19:e0:24:9c:61:45:0d:fc:cd:b5:e6:2d:3f:
f4:2e:f6:27:f4:c5:b1:d2:a3:05:a2:7a:70:7e:9d:03:bb:86:
d8:b4:fc:04:81:d9:aa:c0:fb:16:83:43:fd:a3:bc:94:0f:aa:
88:e9:83:9a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweaZzx0JEPl3IsHw55IzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZGNkNmYxNzEyNmQ0ZTk1MWQ5MmJjNWY0YzA2YmE5NDUw
ZmM4ZDQwHhcNMjMwMTAyMDMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWZkOGY0YjI0ODEzYmEzNjcxNmNlYzA1M2IyOWM5OWYyMzBhYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAGNCw4sN85wttGlvt/obmmb/+s2
EXGNDecfmkYMQrzisN+VzTYKwGnrxlZRekXqb21O+N5/xVevsncFEMYFrBj3XT8D
4HYqDqjZ0e8Zg1tJpS3O6F8xyLo5XBPeEkmSpwviPDdm2OlLBWMxE1pQZJ/x3yPe
htB4EIsZK8wtS4FXbeOUWzowbTBhCIqkDN2wPYQSRjVpnaYqZvHzRHcnuecbo0WO
zH4nb0apgtl8mYfVO/D9K+JYsp/2X3ER7YpbsoKog85kZFiRhpu0jjtXngsjRhMl
RCYo1+QLzhzC2a0urMRvbRx54s8NuuHxeQn4wZ4E+/kNj3klthz2ccGRNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAr9j0skgTujZxbOwFOynJnyMKsWMB8GA1UdIwQY
MBaAFCPc1vFxJtTpUdkrxfTAa6lFD8jUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTl6VzhYRW0xT2xSMlN2RjlNQnJxVVVQeU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9mZGEwNTktMzQzNi00MTU4LWExZTQt
NDlkYTA1OTc4YWQwLzEvQ3YyUFN5U0JPNk5uRnM3QVU3S2NtZkl3cXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9mZGEwNTktMzQzNi00MTU4LWExZTQtNDlkYTA1OTc4YWQw
LzEvSTl6VzhYRW0xT2xSMlN2RjlNQnJxVVVQeU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYnkMA0E
AgACMAcDBQMqDqxAMA0GCSqGSIb3DQEBCwUAA4IBAQCZrxdG7qzlub6d4I7fcgvg
DKTJeAmS7K96zv0EblH4buJqVT6yzDizhPJrTt4J2U1TVBOnBqIMMk+QPTj4ObJg
DLgpOYeGcD4qVg/4EKa/B7LzOh1vTU+yI5hEZP862PPL4xBtNkeu0vwxQkP0nx6k
K7joG9iWknGQjLcF+BYidPEWQdvksf4mBA2O0Co5/JfGJdN8BXselVfOhuv6/9tz
tc3Ix/tzlhgV067mioQNyTDviP0md4co4QAXhCY+bUtS/38oFU4CbsJS/xngJJxh
RQ38zbXmLT/0LvYn9MWx0qMFonpwfp0Du4bYtPwEgdmqwPsWg0P9o7yUD6qI6YOa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:13 2025 by rpki-client