Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/3xdiVKN0iZ6G87UCQtM3t0fgy1Y.roa
File: 3xdiVKN0iZ6G87UCQtM3t0fgy1Y.roa (raw, json)
Hash identifier: spchLkp2HwwJuBCxOAUnYvL4zvU3ApfoXVhKQQO5fLc=
Subject key identifier: DF:17:62:54:A3:74:89:9E:86:F3:B5:02:42:D3:37:B7:47:E0:CB:56
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 018B196A63B7E114CA5FCD876B6C307C664F
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/3xdiVKN0iZ6G87UCQtM3t0fgy1Y.roa
Signing time: Tue 10 Oct 2023 11:48:04 +0000
ROA not before: Tue 10 Oct 2023 11:48:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0f:fd00::/29 maxlen: 32
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:6a:63:b7:e1:14:ca:5f:cd:87:6b:6c:30:7c:66:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Oct 10 11:48:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df176254a374899e86f3b50242d337b747e0cb56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:54:c2:52:8b:93:16:8a:ef:10:fd:65:41:
8d:75:98:07:89:fe:eb:2a:ac:72:08:1f:e7:8e:e7:
89:ca:30:42:51:e8:2e:93:88:54:81:56:44:ba:ea:
c0:1c:a4:40:d5:e6:77:ef:cb:2a:19:9b:cb:c2:7c:
66:0d:8b:68:0c:2a:cd:34:fa:02:43:1b:13:36:0c:
03:df:c7:98:07:a2:9e:6f:e3:98:7f:fb:0a:fb:6e:
fd:1c:a7:64:4a:28:b9:97:c7:d4:51:eb:e4:7a:2c:
75:c4:87:fd:c2:77:75:4c:16:9e:20:cd:e9:ba:80:
cd:cd:87:b5:69:66:8d:f2:92:7d:52:04:1d:26:88:
f0:45:ae:6b:a1:d2:cd:e1:8d:03:87:4e:e7:ca:46:
df:c4:83:d9:e8:9d:d2:7c:0f:fd:31:dd:60:9b:3a:
d4:91:94:88:0e:c3:d1:79:84:e8:26:7a:75:0c:4c:
da:28:2b:b0:dc:10:66:51:7a:dd:f8:f9:3c:a4:e6:
59:37:7e:98:4f:f4:97:0f:d0:4f:82:8b:8d:b4:ac:
bc:47:dc:4c:10:d2:c3:17:10:37:1b:30:1f:13:8b:
6a:0c:34:d7:ef:3b:6d:bb:a3:49:06:db:ef:7f:ce:
40:cf:86:3a:b5:3e:23:5c:2c:82:6e:1b:1d:98:a4:
43:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:17:62:54:A3:74:89:9E:86:F3:B5:02:42:D3:37:B7:47:E0:CB:56
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/3xdiVKN0iZ6G87UCQtM3t0fgy1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
91:21:fa:5a:76:ea:41:5a:fc:16:f0:7d:00:6e:85:da:56:a5:
23:98:27:2d:f6:7c:be:f7:37:ab:01:67:96:36:d5:84:c4:5e:
c5:f1:2e:08:33:a1:40:28:6f:26:64:97:46:73:bd:cc:ce:3c:
06:49:96:fe:42:7f:09:aa:88:6c:10:f6:e7:21:af:52:15:65:
95:6c:a1:15:c2:85:5d:22:f2:7f:ca:87:a7:39:26:a7:92:c7:
92:c1:6c:c1:66:3a:e0:c5:ca:3d:13:26:20:9a:ee:2e:fb:3e:
be:0e:dd:3f:e8:45:bf:41:5d:0d:ef:8c:c9:72:30:8d:94:f4:
70:a7:6a:38:12:26:fe:bf:2f:b5:f9:f6:26:11:42:db:05:35:
f7:fe:0e:92:50:bb:23:38:7d:14:35:a7:2f:6d:c4:72:78:18:
5d:84:e1:d7:ab:f4:7c:9b:c1:46:91:d2:25:dd:d3:f3:aa:d5:
f8:c5:0e:dc:42:09:38:5c:43:d8:dc:91:62:be:e7:51:8b:72:
e7:aa:b6:cb:36:00:49:69:0f:71:8a:85:0f:36:e5:be:88:64:
6e:2f:c4:15:b1:76:61:e5:30:b9:c0:a9:83:4d:cf:d2:52:53:
03:2b:eb:17:92:e5:05:91:a3:91:c6:d6:60:8c:ef:ec:f6:14:
e4:92:6e:30
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYsZamO34RTKX82Ha2wwfGZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjMxMDEwMTE0ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjE3NjI1NGEzNzQ4OTllODZmM2I1MDI0MmQzMzdiNzQ3ZTBjYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGBUwlKLkxaK7xD9ZUGNdZgHif7r
KqxyCB/njueJyjBCUeguk4hUgVZEuurAHKRA1eZ378sqGZvLwnxmDYtoDCrNNPoC
QxsTNgwD38eYB6Keb+OYf/sK+279HKdkSii5l8fUUevkeix1xIf9wnd1TBaeIM3p
uoDNzYe1aWaN8pJ9UgQdJojwRa5rodLN4Y0Dh07nykbfxIPZ6J3SfA/9Md1gmzrU
kZSIDsPReYToJnp1DEzaKCuw3BBmUXrd+Pk8pOZZN36YT/SXD9BPgouNtKy8R9xM
ENLDFxA3GzAfE4tqDDTX7zttu6NJBtvvf85Az4Y6tT4jXCyCbhsdmKRD9wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFN8XYlSjdImehvO1AkLTN7dH4MtWMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvM3hkaVZLTjBpWjZHODdVQ1F0TTN0MGZneTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAkSH6WnbqQVr8
FvB9AG6F2lalI5gnLfZ8vvc3qwFnljbVhMRexfEuCDOhQChvJmSXRnO9zM48BkmW
/kJ/CaqIbBD25yGvUhVllWyhFcKFXSLyf8qHpzkmp5LHksFswWY64MXKPRMmIJru
Lvs+vg7dP+hFv0FdDe+MyXIwjZT0cKdqOBIm/r8vtfn2JhFC2wU19/4OklC7Izh9
FDWnL23EcngYXYTh16v0fJvBRpHSJd3T86rV+MUO3EIJOFxD2NyRYr7nUYty56q2
yzYASWkPcYqFDzblvohkbi/EFbF2YeUwucCpg03P0lJTAyvrF5LlBZGjkcbWYIzv
7PYU5JJuMA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:02:46 2025 by rpki-client