Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/f2cd5e-fd1c-4b47-aa65-5e861165884c/1/2sfX40CMnwD3z4SsRgUszx-hLPM.roa
File: 2sfX40CMnwD3z4SsRgUszx-hLPM.roa (raw, json)
Hash identifier: BJbO5uIiEOyKnLkSdEI9G1+2Z6wk/38KQed3/KKIsFc=
Subject key identifier: DA:C7:D7:E3:40:8C:9F:00:F7:CF:84:AC:46:05:2C:CF:1F:A1:2C:F3
Certificate issuer: /CN=bc98da09f0a45a408f5b7f1bae6d91e3333d5732
Certificate serial: 0185A02F6648A6B019F1A3140B155401329E
Authority key identifier: BC:98:DA:09:F0:A4:5A:40:8F:5B:7F:1B:AE:6D:91:E3:33:3D:57:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJjaCfCkWkCPW38brm2R4zM9VzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/f2cd5e-fd1c-4b47-aa65-5e861165884c/1/2sfX40CMnwD3z4SsRgUszx-hLPM.roa
Signing time: Wed 11 Jan 2023 09:35:38 +0000
ROA not before: Wed 11 Jan 2023 09:35:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 45.133.76.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:2f:66:48:a6:b0:19:f1:a3:14:0b:15:54:01:32:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc98da09f0a45a408f5b7f1bae6d91e3333d5732
Validity
Not Before: Jan 11 09:35:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dac7d7e3408c9f00f7cf84ac46052ccf1fa12cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:36:1e:04:7e:36:6a:89:52:75:ff:cd:6e:cb:
21:b5:74:8b:ea:be:14:b1:0d:b8:45:eb:5e:0f:bb:
69:60:ae:65:0f:32:4e:91:1f:1b:b0:ab:3d:18:ed:
6b:0d:35:c0:6e:3b:97:77:ca:c0:fb:fb:e1:d0:97:
d5:cc:d8:ed:c8:f1:ff:da:12:be:3b:87:1d:99:75:
f4:0c:f0:17:a1:5e:f3:99:8f:41:20:4a:72:bf:ff:
25:ba:68:e0:f3:e5:29:c0:b6:ae:75:37:62:3d:80:
1a:93:f3:f7:85:c9:53:8e:ed:d6:43:7f:a7:08:ed:
ec:d5:07:22:be:c9:68:44:cb:87:f4:6a:3a:65:08:
27:61:69:1a:32:c1:03:a6:77:b5:69:33:16:14:59:
ed:e0:f4:6e:52:e4:58:b8:45:7a:7c:b3:10:10:e0:
d2:2d:a0:2d:97:f7:a7:28:40:a0:c5:5f:7f:92:87:
b2:7c:c8:83:4a:dd:54:5a:45:7a:ac:af:a6:c8:d1:
86:b4:fd:e6:d8:f6:a4:8e:7a:f1:b7:8f:8a:8b:c3:
84:6f:79:e7:ce:8e:f5:8a:dc:94:e4:b8:3f:31:ff:
3d:4f:1f:44:ca:e4:71:71:d9:65:8e:6e:95:aa:85:
13:5b:dd:9e:a2:02:e1:5d:b2:3b:52:7a:7c:92:d4:
c3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C7:D7:E3:40:8C:9F:00:F7:CF:84:AC:46:05:2C:CF:1F:A1:2C:F3
X509v3 Authority Key Identifier:
keyid:BC:98:DA:09:F0:A4:5A:40:8F:5B:7F:1B:AE:6D:91:E3:33:3D:57:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJjaCfCkWkCPW38brm2R4zM9VzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f2cd5e-fd1c-4b47-aa65-5e861165884c/1/2sfX40CMnwD3z4SsRgUszx-hLPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f2cd5e-fd1c-4b47-aa65-5e861165884c/1/vJjaCfCkWkCPW38brm2R4zM9VzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.76.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:9f:bd:be:f9:6d:cc:3e:04:2a:14:e3:47:86:44:c6:91:49:
0c:f8:c3:fa:1d:72:7a:7e:f2:b6:00:89:c1:ef:f7:c9:1d:7f:
ea:ab:13:cd:e3:16:43:88:36:a8:9a:ff:ae:b2:cf:97:cb:51:
a6:30:cd:af:ea:b5:8e:26:3a:9b:f9:ae:28:9c:1e:95:1c:6e:
3a:45:10:96:57:eb:0a:ca:e2:88:25:63:97:dc:cb:ab:d0:41:
8a:c7:23:8b:35:1c:10:0f:58:a2:1f:4e:4f:ae:5f:a3:d1:f6:
12:c3:be:cf:c0:d2:df:69:79:42:63:5a:37:ff:ee:b3:a6:c8:
42:8a:46:bf:33:c0:07:c7:74:e0:63:98:18:1c:24:fe:20:d1:
f4:75:09:1d:3e:a2:22:c3:87:63:03:1e:95:c7:6a:9b:39:a8:
87:43:e9:2d:45:bc:10:5e:90:6d:dd:14:0c:3b:7a:2e:9b:36:
41:0b:64:47:2c:9d:3b:43:e8:d3:a1:ca:22:62:b5:0d:32:a0:
94:be:0c:05:26:64:db:6a:9a:ff:48:35:e8:dc:22:1b:83:14:
bf:e6:47:52:f8:53:eb:a3:64:4a:23:d2:f2:26:f2:72:50:33:
12:1d:44:68:2c:ee:32:2d:48:16:54:61:61:1a:b1:89:e5:c0:
5b:a4:3e:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWgL2ZIprAZ8aMUCxVUATKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOThkYTA5ZjBhNDVhNDA4ZjViN2YxYmFlNmQ5MWUzMzMz
ZDU3MzIwHhcNMjMwMTExMDkzNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM3ZDdlMzQwOGM5ZjAwZjdjZjg0YWM0NjA1MmNjZjFmYTEyY2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDYeBH42aolSdf/NbsshtXSL6r4U
sQ24ReteD7tpYK5lDzJOkR8bsKs9GO1rDTXAbjuXd8rA+/vh0JfVzNjtyPH/2hK+
O4cdmXX0DPAXoV7zmY9BIEpyv/8lumjg8+UpwLaudTdiPYAak/P3hclTju3WQ3+n
CO3s1QcivsloRMuH9Go6ZQgnYWkaMsEDpne1aTMWFFnt4PRuUuRYuEV6fLMQEODS
LaAtl/enKECgxV9/koeyfMiDSt1UWkV6rK+myNGGtP3m2Pakjnrxt4+Ki8OEb3nn
zo71ityU5Lg/Mf89Tx9EyuRxcdlljm6VqoUTW92eogLhXbI7Unp8ktTDiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrH1+NAjJ8A98+ErEYFLM8foSzzMB8GA1UdIwQY
MBaAFLyY2gnwpFpAj1t/G65tkeMzPVcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkpqYUNmQ2tXa0NQVzM4YnJtMlI0ek05VnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9mMmNkNWUtZmQxYy00YjQ3LWFhNjUt
NWU4NjExNjU4ODRjLzEvMnNmWDQwQ01ud0QzejRTc1JnVXN6eC1oTFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9mMmNkNWUtZmQxYy00YjQ3LWFhNjUtNWU4NjExNjU4ODRj
LzEvdkpqYUNmQ2tXa0NQVzM4YnJtMlI0ek05VnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYVMMA0G
CSqGSIb3DQEBCwUAA4IBAQC0n72++W3MPgQqFONHhkTGkUkM+MP6HXJ6fvK2AInB
7/fJHX/qqxPN4xZDiDaomv+uss+Xy1GmMM2v6rWOJjqb+a4onB6VHG46RRCWV+sK
yuKIJWOX3Mur0EGKxyOLNRwQD1iiH05Prl+j0fYSw77PwNLfaXlCY1o3/+6zpshC
ika/M8AHx3TgY5gYHCT+INH0dQkdPqIiw4djAx6Vx2qbOaiHQ+ktRbwQXpBt3RQM
O3oumzZBC2RHLJ07Q+jTocoiYrUNMqCUvgwFJmTbapr/SDXo3CIbgxS/5kdS+FPr
o2RKI9LyJvJyUDMSHURoLO4yLUgWVGFhGrGJ5cBbpD7G
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:24 2025 by rpki-client