Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/t9plSnqqRWwje6rz0FDVfv-yJk4.roa
File: t9plSnqqRWwje6rz0FDVfv-yJk4.roa (raw, json)
Hash identifier: daN6oNbkxjilm4/RvZP7yJmMt6UFgm7zWqQF94nhhw4=
Subject key identifier: B7:DA:65:4A:7A:AA:45:6C:23:7B:AA:F3:D0:50:D5:7E:FF:B2:26:4E
Certificate issuer: /CN=52702cdee043094ac2f33170125f94f7034da8f0
Certificate serial: 018573B18BD3808C9459569188213C442B8B
Authority key identifier: 52:70:2C:DE:E0:43:09:4A:C2:F3:31:70:12:5F:94:F7:03:4D:A8:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UnAs3uBDCUrC8zFwEl-U9wNNqPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/t9plSnqqRWwje6rz0FDVfv-yJk4.roa
Signing time: Mon 02 Jan 2023 18:14:53 +0000
ROA not before: Mon 02 Jan 2023 18:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29396
IP address blocks: 185.171.128.0/22 maxlen: 24
45.80.38.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b1:8b:d3:80:8c:94:59:56:91:88:21:3c:44:2b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52702cdee043094ac2f33170125f94f7034da8f0
Validity
Not Before: Jan 2 18:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7da654a7aaa456c237baaf3d050d57effb2264e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:b5:c6:2a:8f:6b:1b:a6:18:65:4f:f4:02:
f3:79:55:bc:0e:1a:c8:1a:59:61:3f:f1:54:d7:32:
a4:37:bc:f3:d3:6f:d5:56:eb:08:a0:cd:4d:d4:5f:
27:0d:26:59:a5:15:0d:1a:9c:d6:55:02:09:81:cb:
83:38:a3:4a:48:32:c3:c6:24:f6:6b:25:dd:d2:fe:
d6:0f:57:3b:d9:1a:03:e7:dc:ac:c9:f2:fa:d3:ce:
95:96:ef:6f:8b:36:4f:e8:95:78:18:92:56:29:2c:
58:1b:ed:d3:17:7c:51:7f:ae:eb:ba:54:94:ac:83:
d2:70:8f:ef:35:49:ca:fa:e1:49:75:f3:0a:c5:ef:
57:ff:94:8e:c7:fa:33:39:1d:3c:79:b0:9b:42:12:
26:d0:53:09:94:ca:c2:57:75:64:b4:46:1e:17:76:
e4:f0:3a:fd:3c:97:f2:aa:c0:85:71:86:c2:67:46:
bf:6b:c7:52:36:53:dd:81:27:14:57:e6:04:e9:e2:
b1:76:2f:65:73:bd:5d:d6:10:99:62:fd:d1:67:3f:
99:1f:30:b7:90:92:47:c4:85:aa:5b:30:f1:f6:c4:
be:45:37:11:2e:33:c3:8f:4a:03:f2:18:7e:05:6e:
ed:f6:a6:ad:5f:97:33:9f:f5:c4:84:e7:65:e1:7e:
8a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DA:65:4A:7A:AA:45:6C:23:7B:AA:F3:D0:50:D5:7E:FF:B2:26:4E
X509v3 Authority Key Identifier:
keyid:52:70:2C:DE:E0:43:09:4A:C2:F3:31:70:12:5F:94:F7:03:4D:A8:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnAs3uBDCUrC8zFwEl-U9wNNqPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/t9plSnqqRWwje6rz0FDVfv-yJk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/UnAs3uBDCUrC8zFwEl-U9wNNqPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.38.0/23
185.171.128.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:26:b0:b3:ea:c9:d5:5f:41:56:a0:3b:f9:f3:68:03:98:b4:
14:77:61:0f:f4:0a:c9:99:9b:29:a8:ab:67:83:33:bb:3c:ed:
c5:67:35:8e:bd:54:a8:77:8a:a9:53:1e:eb:2c:97:6e:80:43:
3f:5b:0f:b8:ca:83:af:c7:cc:19:f7:13:d2:bd:0e:91:d8:cb:
77:74:7a:42:22:73:12:8b:ac:8e:2c:e6:20:aa:7f:c8:4c:40:
6e:37:b8:04:85:56:7e:b3:fc:d2:a3:38:75:47:1d:d2:d7:94:
86:7b:1f:4a:59:ad:1c:c6:10:ce:16:6b:3e:b4:8b:28:b6:75:
1a:31:36:a6:c4:aa:a7:e2:3f:07:6b:22:ae:bb:d8:e5:31:62:
be:e5:80:b0:29:90:c9:ef:60:0f:c6:b2:97:d3:a9:4f:4e:14:
2b:6b:e0:de:12:00:0c:cf:b2:28:c9:95:97:d1:ee:0c:f3:12:
1e:0d:83:39:61:61:db:07:09:e5:81:60:2d:cf:e4:49:94:1e:
48:28:bb:59:be:2f:0f:2d:b9:54:04:ba:f3:ad:8d:4b:ad:c2:
15:f9:4c:91:d3:85:8d:4f:b7:0e:09:2a:69:f9:0e:42:77:4a:
32:c0:c6:07:34:7a:b6:7e:98:1c:37:f6:4c:89:1e:29:71:04:
a9:01:52:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzsYvTgIyUWVaRiCE8RCuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNzAyY2RlZTA0MzA5NGFjMmYzMzE3MDEyNWY5NGY3MDM0
ZGE4ZjAwHhcNMjMwMTAyMTgxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2RhNjU0YTdhYWE0NTZjMjM3YmFhZjNkMDUwZDU3ZWZmYjIyNjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDi1xiqPaxumGGVP9ALzeVW8DhrI
GllhP/FU1zKkN7zz02/VVusIoM1N1F8nDSZZpRUNGpzWVQIJgcuDOKNKSDLDxiT2
ayXd0v7WD1c72RoD59ysyfL6086Vlu9vizZP6JV4GJJWKSxYG+3TF3xRf67rulSU
rIPScI/vNUnK+uFJdfMKxe9X/5SOx/ozOR08ebCbQhIm0FMJlMrCV3VktEYeF3bk
8Dr9PJfyqsCFcYbCZ0a/a8dSNlPdgScUV+YE6eKxdi9lc71d1hCZYv3RZz+ZHzC3
kJJHxIWqWzDx9sS+RTcRLjPDj0oD8hh+BW7t9qatX5czn/XEhOdl4X6K4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfaZUp6qkVsI3uq89BQ1X7/siZOMB8GA1UdIwQY
MBaAFFJwLN7gQwlKwvMxcBJflPcDTajwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5BczN1QkRDVXJDOHpGd0VsLVU5d05OcVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kOGM4NWUtNDE5OC00ODY5LWI5Y2Qt
ZTI4MGI2NTAxNzA0LzEvdDlwbFNucXFSV3dqZTZyejBGRFZmdi15Sms0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kOGM4NWUtNDE5OC00ODY5LWI5Y2QtZTI4MGI2NTAxNzA0
LzEvVW5BczN1QkRDVXJDOHpGd0VsLVU5d05OcVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVAmAwQC
uauAMA0GCSqGSIb3DQEBCwUAA4IBAQCxJrCz6snVX0FWoDv582gDmLQUd2EP9ArJ
mZspqKtngzO7PO3FZzWOvVSod4qpUx7rLJdugEM/Ww+4yoOvx8wZ9xPSvQ6R2Mt3
dHpCInMSi6yOLOYgqn/ITEBuN7gEhVZ+s/zSozh1Rx3S15SGex9KWa0cxhDOFms+
tIsotnUaMTamxKqn4j8HayKuu9jlMWK+5YCwKZDJ72APxrKX06lPThQra+DeEgAM
z7IoyZWX0e4M8xIeDYM5YWHbBwnlgWAtz+RJlB5IKLtZvi8PLblUBLrzrY1LrcIV
+UyR04WNT7cOCSpp+Q5Cd0oywMYHNHq2fpgcN/ZMiR4pcQSpAVJx
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:45:41 2025 by rpki-client