Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/02y0zgcLDl-aFhtT5Ctk-C6HSJU.roa
File: 02y0zgcLDl-aFhtT5Ctk-C6HSJU.roa (raw, json)
Hash identifier: 6GwuR+d3sN0RkccyxJv1Hq7Qxl6TBDcJEemKijqfzaY=
Subject key identifier: D3:6C:B4:CE:07:0B:0E:5F:9A:16:1B:53:E4:2B:64:F8:2E:87:48:95
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 1B34
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/02y0zgcLDl-aFhtT5Ctk-C6HSJU.roa
Signing time: Tue 26 Apr 2022 12:13:48 +0000
ROA not before: Tue 26 Apr 2022 12:13:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6964 (0x1b34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Apr 26 12:13:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d36cb4ce070b0e5f9a161b53e42b64f82e874895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:48:e7:34:e7:a8:7b:e1:bd:e3:24:fb:15:77:
e2:3e:f8:49:61:9d:26:8b:66:19:18:c8:d9:dd:14:
ef:a0:0d:72:e0:54:fb:c1:f1:97:84:8b:e4:59:00:
58:4f:20:71:1c:f7:41:58:10:d8:73:41:fd:ee:db:
c3:5f:11:f9:c9:74:67:77:7f:1a:e9:ca:b9:66:dd:
aa:0f:bf:be:30:cf:2a:7d:0d:52:62:5c:5e:24:3f:
41:17:64:91:b9:eb:12:7a:bd:bd:1a:23:25:7e:f1:
fe:78:8c:f0:1a:c8:45:85:32:b1:ca:18:1d:96:c6:
74:36:05:b4:8d:2b:15:5c:03:39:f0:8c:3f:7f:7c:
af:39:1d:fc:06:0a:66:2c:25:11:e1:68:18:92:91:
56:38:5d:fc:7c:9f:ce:11:f4:7a:28:3e:84:19:df:
03:a3:77:3c:e2:4e:ee:23:a4:3c:67:e1:0b:e4:26:
f3:79:e0:f3:e1:33:3d:42:87:60:9d:5a:7e:e1:43:
96:dc:fb:ee:a8:e2:24:43:0c:c6:0d:9c:fb:18:8f:
bb:4a:fe:5a:8f:86:89:ab:df:1d:66:51:c1:d0:80:
5f:91:df:8c:f6:ea:4a:5c:41:d4:d5:4d:3f:5d:af:
0f:15:ee:66:8e:8b:25:b3:25:d1:f2:96:6e:f8:7e:
be:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:6C:B4:CE:07:0B:0E:5F:9A:16:1B:53:E4:2B:64:F8:2E:87:48:95
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/02y0zgcLDl-aFhtT5Ctk-C6HSJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
Signature Algorithm: sha256WithRSAEncryption
41:45:8a:87:b7:f8:94:7b:a1:6c:7e:07:4f:f0:f2:a5:4f:e5:
a8:d3:b2:5a:dd:84:98:64:22:a4:b8:f3:d8:ab:2f:66:e2:0b:
49:de:7b:20:cc:1b:39:18:8b:f2:34:25:a8:ca:c9:59:84:cd:
04:37:42:67:e6:44:05:c8:08:e1:a7:fa:56:9c:dd:aa:72:54:
79:2e:bc:e4:d8:21:67:fa:d1:b7:68:ec:41:9a:17:2a:df:56:
34:b0:00:96:e2:9e:dc:73:1d:e2:ac:7d:30:83:82:43:8e:cb:
f8:df:61:3e:07:2a:47:c3:1f:b6:95:a1:84:31:fa:35:28:cc:
2a:1a:bd:8c:45:f0:cb:5f:f5:1f:c4:1d:e7:cc:03:73:cc:17:
ad:a6:0a:36:2e:08:d6:2c:b6:01:f5:fe:86:6b:68:c0:75:f8:
ba:80:b8:67:61:60:3c:e9:cb:c9:2b:05:8f:31:d6:2f:22:dd:
56:1c:ee:0f:cf:5a:67:49:a2:69:50:79:42:de:aa:70:30:fb:
e3:b6:98:18:c3:7f:3e:b1:82:ee:b5:bc:a1:9d:b7:63:cf:6a:
24:dd:e6:73:b1:ea:4e:2f:b0:d2:37:2e:79:b2:e8:d3:fb:dd:
b8:1f:ac:32:e9:2c:44:bd:41:0b:48:06:d6:27:db:1e:37:6b:
5b:fe:83:03
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgICGzQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzU5
ZjFlM2I4MDU1MWU5OGExNmZjMmJiY2I3ZGQ4N2M5YTBlZmUyNTAeFw0yMjA0MjYx
MjEzNDhaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGQzNmNiNGNlMDcwYjBl
NWY5YTE2MWI1M2U0MmI2NGY4MmU4NzQ4OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRSOc056h74b3jJPsVd+I++ElhnSaLZhkYyNndFO+gDXLgVPvB
8ZeEi+RZAFhPIHEc90FYENhzQf3u28NfEfnJdGd3fxrpyrlm3aoPv74wzyp9DVJi
XF4kP0EXZJG56xJ6vb0aIyV+8f54jPAayEWFMrHKGB2WxnQ2BbSNKxVcAznwjD9/
fK85HfwGCmYsJRHhaBiSkVY4Xfx8n84R9HooPoQZ3wOjdzziTu4jpDxn4QvkJvN5
4PPhMz1Ch2CdWn7hQ5bc++6o4iRDDMYNnPsYj7tK/lqPhomr3x1mUcHQgF+R34z2
6kpcQdTVTT9drw8V7maOiyWzJdHylm74fr5nAgMBAAGjggIYMIICFDAdBgNVHQ4E
FgQU02y0zgcLDl+aFhtT5Ctk+C6HSJUwHwYDVR0jBBgwFoAUNZ8eO4BVHpihb8K7
y33YfJoO/iUwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9O
WjhlTzRCVkhwaWhiOEs3eTMzWWZKb09faVUuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2RhLzg5ZmQ0My01NGYwLTRhMTUtYjJiMS0zZjNhMDI3NDhjMmEvMS8w
MnkwemdjTERsLWFGaHRUNUN0ay1DNkhTSlUucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhLzg5
ZmQ0My01NGYwLTRhMTUtYjJiMS0zZjNhMDI3NDhjMmEvMS9OWjhlTzRCVkhwaWhi
OEs3eTMzWWZKb09faVUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYI
KwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAItgeAwDQQCAAIwBwMFAyoOUEAwDQYJ
KoZIhvcNAQELBQADggEBAEFFioe3+JR7oWx+B0/w8qVP5ajTslrdhJhkIqS489ir
L2biC0neeyDMGzkYi/I0JajKyVmEzQQ3QmfmRAXICOGn+lac3apyVHkuvOTYIWf6
0bdo7EGaFyrfVjSwAJbintxzHeKsfTCDgkOOy/jfYT4HKkfDH7aVoYQx+jUozCoa
vYxF8Mtf9R/EHefMA3PMF62mCjYuCNYstgH1/oZraMB1+LqAuGdhYDzpy8krBY8x
1i8i3VYc7g/PWmdJomlQeULeqnAw++O2mBjDfz6xgu61vKGdt2PPaiTd5nOx6k4v
sNI3Lnmy6NP73bgfrDLpLES9QQtIBtYn2x43a1v+gwM=
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:52:29 2025 by rpki-client