Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/RLVLKanZDtiDPhf5k42ZdATmH5w.roa
File: RLVLKanZDtiDPhf5k42ZdATmH5w.roa (raw, json)
Hash identifier: T1sQ2ueBkT9XEAaaU9W/ynoe9JhT+CukbJUutRsyNYI=
Subject key identifier: 44:B5:4B:29:A9:D9:0E:D8:83:3E:17:F9:93:8D:99:74:04:E6:1F:9C
Certificate issuer: /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial: 01866FC1321D3D8A9D838F0CBF77A25CD42A
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/RLVLKanZDtiDPhf5k42ZdATmH5w.roa
Signing time: Mon 20 Feb 2023 16:56:17 +0000
ROA not before: Mon 20 Feb 2023 16:56:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202945
IP address blocks: 45.154.60.0/24 maxlen: 24
2a0f:b100:2::/48 maxlen: 48
2a0f:b100:5::/48 maxlen: 48
2a0f:b100::/44 maxlen: 44
2a0f:b100:6::/48 maxlen: 48
2a0f:b100:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:c1:32:1d:3d:8a:9d:83:8f:0c:bf:77:a2:5c:d4:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Validity
Not Before: Feb 20 16:56:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44b54b29a9d90ed8833e17f9938d997404e61f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:70:38:c1:16:ea:02:82:2f:eb:6d:4e:c4:0a:
7b:d8:82:d3:84:01:60:9c:2f:c1:70:01:b3:20:38:
83:26:7e:43:c5:16:e1:15:a5:a3:97:42:2c:b9:5c:
47:f3:d3:20:d2:fb:13:b8:9e:ae:62:ec:a0:cc:62:
1c:87:80:e2:6a:71:8e:cc:60:50:b3:61:95:0e:69:
e5:bb:fe:12:73:3d:eb:28:63:89:59:6b:17:74:fd:
c2:b4:50:5f:41:3d:04:74:1e:6d:d8:f2:28:7e:4e:
5a:52:71:bd:c0:1f:09:ba:4d:dd:e1:c9:d9:e7:4c:
5c:ae:c5:1c:8e:c4:c8:7a:1d:57:d2:67:1d:48:af:
0b:69:32:de:6c:d1:63:a4:6c:b6:4c:7f:a7:82:50:
3d:54:21:00:64:10:22:82:34:78:2d:f7:30:a8:0c:
c6:da:c6:9e:4f:05:3d:b3:b3:06:79:83:98:ba:83:
b4:64:b7:70:d4:77:da:db:f1:7d:0b:39:7b:09:06:
ac:10:98:6a:7c:96:0a:0f:79:50:b8:08:9f:7d:6d:
93:1f:fa:3b:01:94:29:2a:60:d9:6e:66:d4:88:79:
e4:93:64:5f:8e:87:00:a5:3f:bc:8c:8d:5e:22:21:
24:eb:fe:82:42:f9:8a:a9:62:e8:05:04:35:00:4a:
bc:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B5:4B:29:A9:D9:0E:D8:83:3E:17:F9:93:8D:99:74:04:E6:1F:9C
X509v3 Authority Key Identifier:
keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/RLVLKanZDtiDPhf5k42ZdATmH5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.60.0/24
IPv6:
2a0f:b100::/44
Signature Algorithm: sha256WithRSAEncryption
65:f5:ca:06:54:51:41:b7:66:7f:44:f5:fc:bb:13:25:bb:76:
65:f2:be:76:69:c8:af:9f:98:e0:5c:73:93:fd:68:95:c9:ae:
eb:2b:2c:07:48:06:cc:45:41:1a:40:36:d2:6e:03:76:7e:13:
ac:ec:a7:2f:0f:83:ec:4b:26:00:fb:53:4f:09:53:46:82:b8:
e9:80:f4:ba:36:5a:ff:ef:ce:93:ce:d9:9f:92:fd:a2:d2:1b:
1b:9d:44:4d:7c:2e:bc:de:6a:15:cf:eb:0c:c4:f9:5e:19:90:
56:eb:64:4e:47:0a:00:e5:33:72:ce:ca:93:e7:bf:e5:8f:f1:
3d:39:35:5b:e9:95:7f:c1:68:60:7e:8e:aa:e9:f4:52:2d:37:
35:ef:82:e9:c2:84:e6:1d:6c:61:c6:70:d8:11:68:9c:c7:ef:
e4:29:6a:7b:32:7d:1b:f3:93:ee:31:25:7e:f2:d9:17:09:68:
0e:84:32:a8:80:91:00:34:2b:df:bc:49:51:d7:c5:90:09:87:
d8:cb:39:3d:ba:33:d3:40:cb:f2:a5:4b:96:7d:f1:6a:28:c1:
17:f7:77:9b:66:55:e2:74:8b:8b:2c:66:35:51:e5:c6:d4:45:
64:94:17:98:53:15:89:43:95:d4:68:62:74:e4:8b:46:8c:40:
b9:53:f5:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZvwTIdPYqdg48Mv3eiXNQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjMwMjIwMTY1NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGI1NGIyOWE5ZDkwZWQ4ODMzZTE3Zjk5MzhkOTk3NDA0ZTYxZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXA4wRbqAoIv621OxAp72ILThAFg
nC/BcAGzIDiDJn5DxRbhFaWjl0IsuVxH89Mg0vsTuJ6uYuygzGIch4DianGOzGBQ
s2GVDmnlu/4Scz3rKGOJWWsXdP3CtFBfQT0EdB5t2PIofk5aUnG9wB8Juk3d4cnZ
50xcrsUcjsTIeh1X0mcdSK8LaTLebNFjpGy2TH+nglA9VCEAZBAigjR4LfcwqAzG
2saeTwU9s7MGeYOYuoO0ZLdw1Hfa2/F9Czl7CQasEJhqfJYKD3lQuAiffW2TH/o7
AZQpKmDZbmbUiHnkk2RfjocApT+8jI1eIiEk6/6CQvmKqWLoBQQ1AEq8jwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFES1Symp2Q7Ygz4X+ZONmXQE5h+cMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvUkxWTEthblpEdGlEUGhmNWs0MlpkQVRtSDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZo8MA8E
AgACMAkDBwQqD7EAAAAwDQYJKoZIhvcNAQELBQADggEBAGX1ygZUUUG3Zn9E9fy7
EyW7dmXyvnZpyK+fmOBcc5P9aJXJrusrLAdIBsxFQRpANtJuA3Z+E6zspy8Pg+xL
JgD7U08JU0aCuOmA9Lo2Wv/vzpPO2Z+S/aLSGxudRE18LrzeahXP6wzE+V4ZkFbr
ZE5HCgDlM3LOypPnv+WP8T05NVvplX/BaGB+jqrp9FItNzXvgunChOYdbGHGcNgR
aJzH7+QpansyfRvzk+4xJX7y2RcJaA6EMqiAkQA0K9+8SVHXxZAJh9jLOT26M9NA
y/KlS5Z98WoowRf3d5tmVeJ0i4ssZjVR5cbURWSUF5hTFYlDldRoYnTki0aMQLlT
9bc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:08 2025 by rpki-client