Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/typpnsZun30bWIDWFJIRjf-SzMY.roa
File: typpnsZun30bWIDWFJIRjf-SzMY.roa (raw, json)
Hash identifier: Lfc8ILmc1hwIiZgD/ydrHudYSnnc6X9yRFCP1re1gbQ=
Subject key identifier: B7:2A:69:9E:C6:6E:9F:7D:1B:58:80:D6:14:92:11:8D:FF:92:CC:C6
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 08C83D32
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/typpnsZun30bWIDWFJIRjf-SzMY.roa
Signing time: Wed 13 Apr 2022 18:04:31 +0000
ROA not before: Wed 13 Apr 2022 18:04:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59741
IP address blocks: 185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
45.155.78.0/24 maxlen: 24
45.155.79.0/24 maxlen: 24
45.141.52.0/22 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147340594 (0x8c83d32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Apr 13 18:04:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b72a699ec66e9f7d1b5880d61492118dff92ccc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:82:11:d2:fe:4e:54:6c:bb:b0:ec:b4:cb:4c:
f3:1d:4f:40:5a:2a:94:23:87:2f:8a:1d:da:f8:6d:
dd:57:38:e6:87:d2:eb:41:67:89:ed:7a:e9:bf:62:
b2:3f:d9:eb:bb:2c:f5:77:20:2e:59:4b:e1:d9:1f:
12:70:d6:28:1e:0f:7d:55:4f:26:2b:c2:68:fd:79:
a9:da:3c:a3:cc:61:66:22:35:83:a0:d9:ac:c1:8a:
8c:80:6d:ad:44:0e:01:c9:2d:f1:fb:90:2b:39:70:
ad:eb:6d:b6:1f:74:e9:26:fc:d8:c8:00:8f:f2:f5:
44:0a:b8:7f:62:03:67:4f:67:dd:c2:73:47:7f:97:
66:d6:cf:c5:4e:fc:ca:97:63:aa:3a:e0:40:c9:8a:
f0:98:0a:2b:87:98:37:87:f6:1c:c0:d3:3b:1c:cc:
d1:64:c1:36:da:47:f3:83:a8:94:ba:c8:c3:77:bb:
b7:ec:e9:68:03:5b:1e:d7:af:c0:c4:2f:09:42:81:
af:2a:b2:27:78:b9:5b:1d:56:d2:65:df:3d:81:c2:
4c:44:87:f0:47:1d:02:1f:65:c0:d6:55:de:f6:b6:
12:a9:62:c6:1c:3f:b8:23:fe:05:6d:8f:a5:b4:e8:
a9:fc:f0:af:68:5f:dc:b9:8d:55:24:ab:0e:f0:d6:
3d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2A:69:9E:C6:6E:9F:7D:1B:58:80:D6:14:92:11:8D:FF:92:CC:C6
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/typpnsZun30bWIDWFJIRjf-SzMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
45.155.78.0/23
185.73.240.0/23
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
51:27:e0:62:51:26:90:75:ec:2b:59:ab:a4:09:ed:3c:1c:12:
ad:7d:60:5c:63:9c:37:68:eb:d9:db:c4:62:98:ad:57:5c:21:
fd:5e:f9:bb:dc:d0:ff:2e:6f:e6:21:64:d6:41:cc:9d:74:e1:
42:42:e7:60:38:92:29:ef:2f:11:ed:72:7a:e6:65:23:f0:9c:
8a:69:af:70:cd:c8:44:18:a9:ef:84:dd:15:1e:71:d7:48:c9:
0e:f0:b3:ba:cc:d8:2b:ee:3f:f1:5a:3b:35:f9:7d:6f:50:af:
dc:37:f2:8a:f3:9a:f0:0b:b5:a8:6d:65:60:0a:7a:a0:93:fa:
6b:42:e4:24:e6:ed:aa:2f:54:f9:b4:91:59:9f:6b:5c:b8:a1:
c2:61:46:cf:72:d2:bb:89:e3:c4:d3:6a:c8:6f:34:40:c0:4d:
6b:7d:a2:59:92:0e:a5:ad:28:b0:cc:42:0c:2a:4b:84:2d:37:
d9:ed:96:aa:0e:dd:87:11:cf:a9:7a:ca:c0:26:c4:ba:92:75:
65:54:1d:e4:a5:3c:5c:cf:8a:b1:3d:f5:b9:72:d4:16:8c:60:
bf:f1:36:5c:62:95:eb:b6:30:4a:8b:48:4f:29:78:f9:d7:fc:
ea:68:88:8f:55:35:e8:cf:02:1d:de:3d:89:76:e7:a2:d7:3e:
28:10:98:3a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECMg9MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjQ3NGFjN2NhODVlMDljMmQ0OGIzM2U3YmY2NmY4ZWQ3NjRkZTBmMB4XDTIyMDQx
MzE4MDQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjcyYTY5OWVjNjZl
OWY3ZDFiNTg4MGQ2MTQ5MjExOGRmZjkyY2NjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqCEdL+TlRsu7DstMtM8x1PQFoqlCOHL4od2vht3Vc45ofS
60Fnie166b9isj/Z67ss9XcgLllL4dkfEnDWKB4PfVVPJivCaP15qdo8o8xhZiI1
g6DZrMGKjIBtrUQOAckt8fuQKzlwrettth906Sb82MgAj/L1RAq4f2IDZ09n3cJz
R3+XZtbPxU78ypdjqjrgQMmK8JgKK4eYN4f2HMDTOxzM0WTBNtpH84OolLrIw3e7
t+zpaANbHtevwMQvCUKBryqyJ3i5Wx1W0mXfPYHCTESH8EcdAh9lwNZV3va2Eqli
xhw/uCP+BW2PpbToqfzwr2hf3LmNVSSrDvDWPa8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBS3Kmmexm6ffRtYgNYUkhGN/5LMxjAfBgNVHSMEGDAWgBQyR0rHyoXgnC1I
sz579m+O12TeDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01rZEt4OHFGNEp3dFNMTS1lX1p2anRkazNnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8x
L3R5cHBuc1p1bjMwYldJRFdGSklSamYtU3pNWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8xL01rZEt4OHFGNEp3
dFNMTS1lX1p2anRkazNnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAi2NNAMEAS2bTgMEAblJ8DANBAIA
AjAHAwUAKgVHQDANBgkqhkiG9w0BAQsFAAOCAQEAUSfgYlEmkHXsK1mrpAntPBwS
rX1gXGOcN2jr2dvEYpitV1wh/V75u9zQ/y5v5iFk1kHMnXThQkLnYDiSKe8vEe1y
euZlI/CcimmvcM3IRBip74TdFR5x10jJDvCzuszYK+4/8Vo7Nfl9b1Cv3DfyivOa
8Au1qG1lYAp6oJP6a0LkJObtqi9U+bSRWZ9rXLihwmFGz3LSu4njxNNqyG80QMBN
a32iWZIOpa0osMxCDCpLhC032e2Wqg7dhxHPqXrKwCbEupJ1ZVQd5KU8XM+KsT31
uXLUFoxgv/E2XGKV67YwSotITyl4+df86miIj1U16M8CHd49iXbnotc+KBCYOg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:58 2025 by rpki-client