Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/PaKWCdbZDkZysy4s0Ihi8tOpuIE.roa
File: PaKWCdbZDkZysy4s0Ihi8tOpuIE.roa (raw, json)
Hash identifier: zZ51PnOWEPanxnGe4QDkbScq5H8fvVpnwISzo4C+7gI=
Subject key identifier: 3D:A2:96:09:D6:D9:0E:46:72:B3:2E:2C:D0:88:62:F2:D3:A9:B8:81
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 01856C6F0F7189AE5CB2F2E522F2429DAEEB
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/PaKWCdbZDkZysy4s0Ihi8tOpuIE.roa
Signing time: Sun 01 Jan 2023 08:24:55 +0000
ROA not before: Sun 01 Jan 2023 08:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212123
IP address blocks: 45.129.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:0f:71:89:ae:5c:b2:f2:e5:22:f2:42:9d:ae:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Jan 1 08:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3da29609d6d90e4672b32e2cd08862f2d3a9b881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f2:bd:f7:27:18:74:03:65:42:fd:18:95:4c:
48:59:b2:c7:37:e9:29:64:5a:ff:d0:2d:ab:bb:04:
eb:4d:4c:91:55:44:1f:a8:1c:a8:84:fb:60:91:bc:
4e:61:1a:d3:bb:55:d4:68:37:5d:1a:2e:00:db:44:
9a:dc:75:92:8b:90:c1:00:e8:0e:c5:82:9f:66:e5:
21:ef:19:d4:30:14:a2:42:19:e9:1f:c0:45:08:2f:
e0:01:a1:cd:6b:c0:65:e3:ea:5d:42:56:52:b9:ef:
81:ae:f4:57:04:f6:4a:49:7a:6e:a4:50:f6:91:fe:
d9:5e:ff:55:b5:83:e8:7b:52:c3:d7:c8:e2:b9:0f:
fb:a5:e7:b5:a7:74:98:09:85:49:2b:39:79:98:d8:
4e:b6:da:18:88:9c:65:bf:45:51:e8:c5:a2:45:e9:
4b:83:be:df:8a:d4:c9:c5:b0:ae:7e:b9:f1:93:b4:
e0:96:d9:9e:68:e1:95:b9:76:45:c1:8d:1d:83:d2:
7b:fe:88:64:67:8e:6b:31:bd:62:fa:55:48:82:d2:
22:67:47:fe:c6:55:ad:ad:49:5d:18:8d:c2:dd:4e:
e8:dc:f3:38:9a:5a:a5:8d:6f:be:b4:1e:a8:0e:b9:
6e:6b:52:e7:a6:ec:c6:10:8d:46:a4:fc:4c:d7:84:
45:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A2:96:09:D6:D9:0E:46:72:B3:2E:2C:D0:88:62:F2:D3:A9:B8:81
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/PaKWCdbZDkZysy4s0Ihi8tOpuIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.94.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:12:1d:7c:b2:51:14:fa:e2:4c:b8:32:ee:ca:78:da:d9:48:
59:47:b2:9c:dc:51:91:79:05:26:fc:1b:34:e6:22:e5:eb:fe:
b5:d4:d1:0b:69:b9:c4:82:c5:38:8a:2b:e1:d2:6a:09:3e:61:
a1:02:2e:e4:0d:e5:db:9a:71:0b:9e:ca:c5:f0:af:ff:33:f0:
81:52:e9:aa:e0:22:95:69:c4:8c:c3:a8:85:e5:69:d7:c9:76:
a2:d7:af:47:3d:90:41:ad:7d:9e:89:76:7d:51:38:88:35:bd:
49:63:95:40:48:67:74:94:4d:fc:7a:57:c9:2c:06:80:b7:3d:
b6:ec:f2:09:54:be:2f:80:75:68:5c:53:0d:50:e3:58:ca:c0:
03:ee:ef:dd:78:25:00:3c:13:18:8a:4b:21:7d:13:3c:e0:a0:
42:89:21:30:9e:16:ac:2a:a7:86:61:b3:28:51:fb:59:82:73:
b6:79:cf:3e:47:92:76:5e:b2:78:d0:ad:f4:6c:90:68:f9:43:
ba:c4:f4:e9:60:a4:ee:49:7f:9a:e9:83:ce:d1:8c:a6:68:37:
2d:04:42:40:09:30:bf:98:bd:02:26:0b:d2:49:a9:8c:b4:79:
78:8c:8e:47:d9:1a:c7:db:6b:af:08:a5:43:eb:99:f5:35:d4:
1e:1f:a9:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbw9xia5csvLlIvJCna7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjMwMTAxMDgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGEyOTYwOWQ2ZDkwZTQ2NzJiMzJlMmNkMDg4NjJmMmQzYTliODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPK99ycYdANlQv0YlUxIWbLHN+kp
ZFr/0C2ruwTrTUyRVUQfqByohPtgkbxOYRrTu1XUaDddGi4A20Sa3HWSi5DBAOgO
xYKfZuUh7xnUMBSiQhnpH8BFCC/gAaHNa8Bl4+pdQlZSue+BrvRXBPZKSXpupFD2
kf7ZXv9VtYPoe1LD18jiuQ/7pee1p3SYCYVJKzl5mNhOttoYiJxlv0VR6MWiRelL
g77fitTJxbCufrnxk7TgltmeaOGVuXZFwY0dg9J7/ohkZ45rMb1i+lVIgtIiZ0f+
xlWtrUldGI3C3U7o3PM4mlqljW++tB6oDrlua1LnpuzGEI1GpPxM14RF5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2ilgnW2Q5GcrMuLNCIYvLTqbiBMB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvUGFLV0NkYlpEa1p5c3k0czBJaGk4dE9wdUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYFeMA0G
CSqGSIb3DQEBCwUAA4IBAQA+Eh18slEU+uJMuDLuynja2UhZR7Kc3FGReQUm/Bs0
5iLl6/611NELabnEgsU4iivh0moJPmGhAi7kDeXbmnELnsrF8K//M/CBUumq4CKV
acSMw6iF5WnXyXai169HPZBBrX2eiXZ9UTiINb1JY5VASGd0lE38elfJLAaAtz22
7PIJVL4vgHVoXFMNUONYysAD7u/deCUAPBMYikshfRM84KBCiSEwnhasKqeGYbMo
UftZgnO2ec8+R5J2XrJ40K30bJBo+UO6xPTpYKTuSX+a6YPO0YymaDctBEJACTC/
mL0CJgvSSamMtHl4jI5H2RrH22uvCKVD65n1NdQeH6kd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:46 2025 by rpki-client