Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/kZ__xaQM-uO895U8ymoUENDXfu8.roa
File: kZ__xaQM-uO895U8ymoUENDXfu8.roa (raw, json)
Hash identifier: 7yabGksQ5TGBo+C1TR/FKuOVQaOXOpZ0RP8kwyEhUCs=
Subject key identifier: 91:9F:FF:C5:A4:0C:FA:E3:BC:F7:95:3C:CA:6A:14:10:D0:D7:7E:EF
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 01856C6F01320EAA2B703746AC09B8F66800
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/kZ__xaQM-uO895U8ymoUENDXfu8.roa
Signing time: Sun 01 Jan 2023 08:24:52 +0000
ROA not before: Sun 01 Jan 2023 08:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49752
IP address blocks: 45.129.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:01:32:0e:aa:2b:70:37:46:ac:09:b8:f6:68:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Jan 1 08:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=919fffc5a40cfae3bcf7953cca6a1410d0d77eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:94:2c:aa:83:ee:36:fe:6a:d1:b2:48:04:2f:
d5:ed:b9:80:ee:ad:81:04:8a:be:8e:23:b6:cc:a0:
2c:dc:3b:a0:88:af:2c:1e:f4:df:a9:5b:94:dd:1b:
57:86:24:c6:ab:5b:bb:d1:5b:1e:bf:8c:7b:b2:de:
b8:fe:5c:c9:cc:b6:7c:a7:38:c4:f0:97:40:f8:9f:
3f:34:49:e1:1d:dc:bc:a1:4c:ca:f8:10:a7:f9:90:
ab:c6:9f:6a:59:87:6f:41:27:48:76:78:41:0c:d6:
6d:7a:33:aa:43:03:6f:40:78:6f:a9:11:8d:62:61:
ee:24:0d:ed:47:9c:8c:91:54:2b:6f:fd:03:2b:5a:
2a:ff:aa:9d:39:79:5c:37:fc:66:b5:4b:ee:17:6c:
c8:5b:ea:a1:4e:6b:c0:be:34:ea:d4:f9:a0:98:a5:
f1:d2:75:4d:d3:32:cf:ca:48:17:7b:8b:61:ca:39:
3b:f6:c7:e1:bd:19:b5:b4:6f:dd:ba:bf:78:36:02:
c0:95:8d:ef:f3:80:95:3c:49:39:af:df:48:a5:fd:
5a:ac:96:bc:bc:95:6b:06:99:f6:5f:36:16:49:72:
ce:3a:c3:91:62:13:09:97:19:63:58:46:85:46:d2:
34:dd:b6:91:98:36:bf:5c:15:70:cf:a3:f6:ef:98:
b5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9F:FF:C5:A4:0C:FA:E3:BC:F7:95:3C:CA:6A:14:10:D0:D7:7E:EF
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/kZ__xaQM-uO895U8ymoUENDXfu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.94.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:37:17:6a:e3:34:c3:77:c1:60:44:e9:3a:52:50:fc:2e:61:
d9:7e:2d:10:9d:4b:64:4c:08:fb:16:ff:f7:7c:82:d6:98:d4:
8f:37:18:f7:d5:07:4d:0f:3f:27:3b:95:8f:10:39:32:a0:aa:
2d:2f:6f:74:5f:cb:ee:ad:e8:b2:60:9f:1e:3b:ee:68:7b:ed:
f9:46:b1:ba:65:78:8c:d1:90:82:26:a4:cf:e6:a0:df:c9:bb:
9c:91:91:71:84:ab:54:6a:9c:96:7b:5b:81:35:f0:e5:41:84:
e0:87:c7:18:b2:8c:a1:9c:f2:1d:ef:d4:16:b0:ec:8d:b3:3f:
2e:72:cb:f4:16:50:fc:50:9c:36:7d:8c:3d:f4:6a:b5:28:32:
ed:8e:65:f6:d7:5f:9d:72:4f:cf:92:1d:93:15:e5:10:43:52:
d0:6e:a9:2e:13:3f:3a:75:d5:ed:cc:c6:6c:94:42:ac:76:f1:
16:50:ce:a3:e9:34:82:b6:2d:6d:e4:78:6b:ce:83:f2:e0:39:
9a:65:a5:ea:9c:09:b3:bb:35:9e:12:f6:b7:f6:a2:86:c5:8e:
a6:13:92:46:ee:12:e0:29:6c:22:13:cf:f5:aa:2d:39:71:5c:
ba:8a:22:ca:47:e6:7a:2b:c2:e2:f9:ac:46:bc:4e:fd:05:4f:
c7:ab:1c:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbwEyDqorcDdGrAm49mgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjMwMTAxMDgyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTlmZmZjNWE0MGNmYWUzYmNmNzk1M2NjYTZhMTQxMGQwZDc3ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJQsqoPuNv5q0bJIBC/V7bmA7q2B
BIq+jiO2zKAs3DugiK8sHvTfqVuU3RtXhiTGq1u70Vsev4x7st64/lzJzLZ8pzjE
8JdA+J8/NEnhHdy8oUzK+BCn+ZCrxp9qWYdvQSdIdnhBDNZtejOqQwNvQHhvqRGN
YmHuJA3tR5yMkVQrb/0DK1oq/6qdOXlcN/xmtUvuF2zIW+qhTmvAvjTq1PmgmKXx
0nVN0zLPykgXe4thyjk79sfhvRm1tG/dur94NgLAlY3v84CVPEk5r99Ipf1arJa8
vJVrBpn2XzYWSXLOOsORYhMJlxljWEaFRtI03baRmDa/XBVwz6P275i1sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGf/8WkDPrjvPeVPMpqFBDQ137vMB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEva1pfX3hhUU0tdU84OTVVOHltb1VFTkRYZnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYFeMA0G
CSqGSIb3DQEBCwUAA4IBAQALNxdq4zTDd8FgROk6UlD8LmHZfi0QnUtkTAj7Fv/3
fILWmNSPNxj31QdNDz8nO5WPEDkyoKotL290X8vureiyYJ8eO+5oe+35RrG6ZXiM
0ZCCJqTP5qDfybuckZFxhKtUapyWe1uBNfDlQYTgh8cYsoyhnPId79QWsOyNsz8u
csv0FlD8UJw2fYw99Gq1KDLtjmX211+dck/Pkh2TFeUQQ1LQbqkuEz86ddXtzMZs
lEKsdvEWUM6j6TSCti1t5HhrzoPy4DmaZaXqnAmzuzWeEva39qKGxY6mE5JG7hLg
KWwiE8/1qi05cVy6iiLKR+Z6K8Li+axGvE79BU/HqxzJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:49 2025 by rpki-client