Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/sUNpuC-9tngA2bnmNZZJzoBoTHY.roa
File: sUNpuC-9tngA2bnmNZZJzoBoTHY.roa (raw, json)
Hash identifier: wWXY9JXg2OU9CjC6QA19Cp0VgWnIpxx8VQfQlZ0wLqs=
Subject key identifier: B1:43:69:B8:2F:BD:B6:78:00:D9:B9:E6:35:96:49:CE:80:68:4C:76
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 018A8987C15396BB730F758996078D2779C4
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/sUNpuC-9tngA2bnmNZZJzoBoTHY.roa
Signing time: Tue 12 Sep 2023 13:14:50 +0000
ROA not before: Tue 12 Sep 2023 13:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203172
IP address blocks: 45.129.144.0/22 maxlen: 24
185.249.41.0/24 maxlen: 24
185.249.42.0/24 maxlen: 24
2a0e:5b44::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:87:c1:53:96:bb:73:0f:75:89:96:07:8d:27:79:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Sep 12 13:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b14369b82fbdb67800d9b9e6359649ce80684c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:96:7a:6d:1d:21:17:df:b6:28:7c:3b:fa:0f:
fc:1d:fe:59:46:a2:7b:fd:b0:e3:60:3e:7d:6f:f4:
07:d5:25:de:b4:61:67:10:88:39:4b:e2:93:5c:93:
a3:8b:24:0f:a3:c6:0a:6b:75:8d:9c:4c:ba:02:b3:
e2:89:6a:b8:a8:21:bf:2c:d9:8d:36:ea:31:c8:3e:
37:02:80:27:eb:64:40:15:7e:4f:f4:03:95:e5:ad:
6c:68:37:37:78:0a:52:2f:42:09:ce:e4:83:b2:12:
da:81:6e:c9:47:c4:c2:90:b3:d4:22:69:fe:72:3d:
f2:35:2f:07:1d:e6:e2:44:5b:5e:c0:c0:6c:9a:c1:
e2:10:0e:49:07:e4:4b:ca:87:28:0d:e3:7f:c0:a0:
1a:b3:95:53:de:74:2e:19:01:1b:62:6e:53:24:50:
59:53:ae:92:30:2b:c7:59:d1:e5:99:da:41:a7:e3:
ef:0c:5b:4b:b7:3f:5c:f3:20:96:01:4b:2e:45:bb:
f0:e1:be:c5:20:50:20:52:f7:f9:ed:bf:4a:c9:18:
c0:d7:f5:c9:ff:a8:cf:51:2d:ec:fd:31:b1:79:62:
4b:89:4c:87:4f:a0:83:06:5e:c0:26:6f:a0:2d:49:
73:2f:24:0f:56:69:c7:80:5a:97:85:52:1d:19:a1:
9c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:43:69:B8:2F:BD:B6:78:00:D9:B9:E6:35:96:49:CE:80:68:4C:76
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/sUNpuC-9tngA2bnmNZZJzoBoTHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.144.0/22
185.249.41.0-185.249.42.255
IPv6:
2a0e:5b44::/30
Signature Algorithm: sha256WithRSAEncryption
b6:ce:a6:37:3b:5e:51:62:72:3f:80:57:0e:06:82:d3:33:09:
34:43:f4:07:99:53:ab:3e:d0:64:e1:7e:e0:64:09:53:53:5d:
4b:f7:e2:c1:c6:c2:ec:91:9b:6d:ba:eb:20:90:82:49:20:63:
43:e4:42:54:c9:0f:86:d1:d7:90:65:fd:8f:ad:62:09:a3:15:
e6:ec:90:d9:db:9d:86:d1:e3:3b:32:08:27:cc:5f:0b:42:30:
42:82:34:78:9b:b2:49:8c:3e:4f:70:1c:04:64:8d:2a:2f:c5:
47:bf:df:ac:45:62:a9:05:ea:f3:9d:64:07:99:dc:2b:f2:87:
d9:55:0f:33:be:27:2d:ad:ac:ad:b1:9a:4e:3e:26:1a:a2:7f:
74:0d:ca:bd:fa:b1:60:38:8e:d0:e0:49:4a:2b:42:72:81:97:
2b:68:fd:d6:b6:f8:ab:67:5f:00:48:a2:85:1a:fc:0f:a6:e5:
20:38:57:be:65:93:dd:96:52:69:fa:eb:0f:a2:8d:ca:ef:c3:
ad:8d:5e:47:64:15:c7:cd:7d:8e:df:7a:ac:d1:7d:b2:f2:9e:
56:52:96:ab:e3:e3:d3:f6:c2:31:73:63:a4:83:ed:c8:b5:db:
f3:1d:a7:46:bf:44:27:a3:17:6c:b1:82:b3:45:b0:a3:a0:96:
be:81:52:a0
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYqJh8FTlrtzD3WJlgeNJ3nEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjMwOTEyMTMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQzNjliODJmYmRiNjc4MDBkOWI5ZTYzNTk2NDljZTgwNjg0Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5Z6bR0hF9+2KHw7+g/8Hf5ZRqJ7
/bDjYD59b/QH1SXetGFnEIg5S+KTXJOjiyQPo8YKa3WNnEy6ArPiiWq4qCG/LNmN
NuoxyD43AoAn62RAFX5P9AOV5a1saDc3eApSL0IJzuSDshLagW7JR8TCkLPUImn+
cj3yNS8HHebiRFtewMBsmsHiEA5JB+RLyocoDeN/wKAas5VT3nQuGQEbYm5TJFBZ
U66SMCvHWdHlmdpBp+PvDFtLtz9c8yCWAUsuRbvw4b7FIFAgUvf57b9KyRjA1/XJ
/6jPUS3s/TGxeWJLiUyHT6CDBl7AJm+gLUlzLyQPVmnHgFqXhVIdGaGcbQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLFDabgvvbZ4ANm55jWWSc6AaEx2MB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvc1VOcHVDLTl0bmdBMmJubU5aWkp6b0JvVEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCLYGQMAwD
BAC5+SkDBAC5+SowDQQCAAIwBwMFAioOW0QwDQYJKoZIhvcNAQELBQADggEBALbO
pjc7XlFicj+AVw4GgtMzCTRD9AeZU6s+0GThfuBkCVNTXUv34sHGwuyRm2266yCQ
gkkgY0PkQlTJD4bR15Bl/Y+tYgmjFebskNnbnYbR4zsyCCfMXwtCMEKCNHibskmM
Pk9wHARkjSovxUe/36xFYqkF6vOdZAeZ3Cvyh9lVDzO+Jy2trK2xmk4+Jhqif3QN
yr36sWA4jtDgSUorQnKBlyto/da2+KtnXwBIooUa/A+m5SA4V75lk92WUmn66w+i
jcrvw62NXkdkFcfNfY7feqzRfbLynlZSlqvj49P2wjFzY6SD7ci12/Mdp0a/RCej
F2yxgrNFsKOglr6BUqA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:09 2025 by rpki-client