Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/_S3FXgNaHxvlj5svoz_cxsGJ_g4.roa
File: _S3FXgNaHxvlj5svoz_cxsGJ_g4.roa (raw, json)
Hash identifier: kVcjGRe1bGCuxcdALt6ZzSmBtDobJgoQM5zOe/c0aP8=
Subject key identifier: FD:2D:C5:5E:03:5A:1F:1B:E5:8F:9B:2F:A3:3F:DC:C6:C1:89:FE:0E
Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Certificate serial: 018ACB318FE8B3C174BB380521E9A51B2B8C
Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/_S3FXgNaHxvlj5svoz_cxsGJ_g4.roa
Signing time: Mon 25 Sep 2023 07:15:37 +0000
ROA not before: Mon 25 Sep 2023 07:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60501
IP address blocks: 45.129.160.0/22 maxlen: 22
81.16.220.0/22 maxlen: 22
2a0e:4cc0::/29 maxlen: 29
2a0f:c2c0::/29 maxlen: 29
2a0d:2640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:31:8f:e8:b3:c1:74:bb:38:05:21:e9:a5:1b:2b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Validity
Not Before: Sep 25 07:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd2dc55e035a1f1be58f9b2fa33fdcc6c189fe0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:22:b5:14:39:a9:5f:86:cc:49:4a:2b:df:b7:
f8:d2:14:f1:25:3e:a6:5c:0b:bf:28:a4:53:3a:80:
70:32:3b:6e:2b:ae:c6:a8:1a:83:0e:8d:d6:3f:fc:
ca:c4:90:69:90:7b:d9:86:96:89:9e:f3:67:32:cd:
b0:b4:82:2d:12:08:b7:54:4b:83:1e:b5:78:35:21:
ce:a0:a7:68:30:73:48:b3:4f:7a:87:97:11:10:94:
0a:96:c9:61:7d:59:5f:b8:32:2e:7a:8b:e4:41:44:
c8:aa:41:ed:47:4f:ca:6d:05:24:50:81:b2:35:ca:
e4:50:23:be:ba:6b:79:33:13:e0:ce:07:08:64:fd:
5c:dc:32:d4:c7:a5:19:7c:8c:77:34:e4:4a:9c:54:
60:61:bc:72:1f:aa:a2:d6:d9:c9:da:20:43:46:4e:
89:3b:c1:a0:fb:18:3c:14:e0:d7:9c:6a:c0:55:bf:
b6:d8:5f:ae:6a:31:60:e9:b3:98:b5:74:27:fe:4e:
12:60:af:bf:1e:d2:cf:45:03:13:76:ed:5d:f8:4c:
5c:c5:b7:18:4f:ab:84:0c:de:f7:92:cd:d7:f9:a7:
35:ca:50:80:01:c1:8e:3c:2f:4c:f5:ad:47:88:c8:
54:8a:8f:4f:0e:bb:f3:8c:8a:75:4f:d4:af:53:d1:
32:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:2D:C5:5E:03:5A:1F:1B:E5:8F:9B:2F:A3:3F:DC:C6:C1:89:FE:0E
X509v3 Authority Key Identifier:
keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/_S3FXgNaHxvlj5svoz_cxsGJ_g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.160.0/22
81.16.220.0/22
IPv6:
2a0d:2640::/29
2a0e:4cc0::/29
2a0f:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:0e:08:c6:af:34:60:58:98:fe:53:cf:99:a9:09:31:15:27:
0c:86:0b:f8:3c:2c:00:04:27:cc:4a:ba:e7:07:bc:f8:a8:e2:
98:f5:54:da:5d:82:e7:82:ec:29:b4:47:3b:24:03:87:7b:ff:
ea:7f:a8:51:d3:41:92:51:a4:2e:e4:97:98:5e:76:09:82:39:
95:d7:6b:b4:c8:ff:7a:ef:bf:3c:d5:9c:32:34:24:3c:97:cc:
8a:50:88:57:54:df:0a:ae:97:27:24:39:33:b1:41:55:4d:4d:
12:38:51:16:a8:dc:a0:e9:e4:79:e9:a9:88:6b:df:9b:8d:f7:
43:a0:ec:0c:97:fa:36:e0:ad:b0:95:f9:8c:3f:76:2d:07:1c:
97:47:63:55:95:81:c5:38:40:1e:be:76:8d:d6:c5:0b:6d:e2:
bb:28:ef:8f:21:34:de:c1:bc:af:b3:a3:06:f7:8b:0a:79:59:
41:66:80:6f:e4:f0:89:2f:df:1d:0f:9b:fe:62:d2:65:7c:0c:
d8:3d:da:2d:f4:e0:7f:5c:9c:30:3d:67:e5:24:57:8f:88:6a:
e2:0d:53:ef:65:8f:89:24:88:be:49:06:f2:cd:4e:a6:01:8d:
79:60:b0:ea:99:f5:d2:b9:db:45:01:15:40:04:48:d1:86:57:
8f:f7:f2:49
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYrLMY/os8F0uzgFIemlGyuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy
MmMyMjgwHhcNMjMwOTI1MDcxNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDJkYzU1ZTAzNWExZjFiZTU4ZjliMmZhMzNmZGNjNmMxODlmZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCK1FDmpX4bMSUor37f40hTxJT6m
XAu/KKRTOoBwMjtuK67GqBqDDo3WP/zKxJBpkHvZhpaJnvNnMs2wtIItEgi3VEuD
HrV4NSHOoKdoMHNIs096h5cREJQKlslhfVlfuDIueovkQUTIqkHtR0/KbQUkUIGy
NcrkUCO+umt5MxPgzgcIZP1c3DLUx6UZfIx3NORKnFRgYbxyH6qi1tnJ2iBDRk6J
O8Gg+xg8FODXnGrAVb+22F+uajFg6bOYtXQn/k4SYK+/HtLPRQMTdu1d+ExcxbcY
T6uEDN73ks3X+ac1ylCAAcGOPC9M9a1HiMhUio9PDrvzjIp1T9SvU9EyawIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFP0txV4DWh8b5Y+bL6M/3MbBif4OMB8GA1UdIwQY
MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt
MDc3YmM4YmExZTVkLzEvX1MzRlhnTmFIeHZsajVzdm96X2N4c0dKX2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk
LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCLYGgAwQC
URDcMBsEAgACMBUDBQMqDSZAAwUDKg5MwAMFAyoPwsAwDQYJKoZIhvcNAQELBQAD
ggEBAKsOCMavNGBYmP5Tz5mpCTEVJwyGC/g8LAAEJ8xKuucHvPio4pj1VNpdgueC
7Cm0RzskA4d7/+p/qFHTQZJRpC7kl5hedgmCOZXXa7TI/3rvvzzVnDI0JDyXzIpQ
iFdU3wqulyckOTOxQVVNTRI4URao3KDp5HnpqYhr35uN90Og7AyX+jbgrbCV+Yw/
di0HHJdHY1WVgcU4QB6+do3WxQtt4rso748hNN7BvK+zowb3iwp5WUFmgG/k8Ikv
3x0Pm/5i0mV8DNg92i304H9cnDA9Z+UkV4+IauINU+9lj4kkiL5JBvLNTqYBjXlg
sOqZ9dK520UBFUAESNGGV4/38kk=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:36 2025 by rpki-client