Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/CKONDPxVXaGqFRFBjLqFr7_92Lo.roa
File: CKONDPxVXaGqFRFBjLqFr7_92Lo.roa (raw, json)
Hash identifier: ZvuiAOEu8POi5YqENEuid9U20aHUFLeEuBZMvXpN+R0=
Subject key identifier: 08:A3:8D:0C:FC:55:5D:A1:AA:15:11:41:8C:BA:85:AF:BF:FD:D8:BA
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 0188F9451D8AD47BBD7C0DCC2AC62403A574
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/CKONDPxVXaGqFRFBjLqFr7_92Lo.roa
Signing time: Mon 26 Jun 2023 19:53:56 +0000
ROA not before: Mon 26 Jun 2023 19:53:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0f:fd00::/32 maxlen: 32
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f9:45:1d:8a:d4:7b:bd:7c:0d:cc:2a:c6:24:03:a5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jun 26 19:53:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08a38d0cfc555da1aa1511418cba85afbffdd8ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d3:d4:d4:18:26:6b:c5:45:6e:fe:d6:11:69:
26:7b:77:f6:05:8e:6f:d2:18:13:eb:15:71:ba:12:
8f:f3:e5:d9:fd:64:d8:24:7e:8b:63:94:a5:a3:30:
8d:c2:e5:68:c5:bf:7e:c5:eb:ea:3a:85:42:b8:2b:
3b:76:38:ed:12:a3:e3:6f:03:7c:b7:fa:34:b1:c7:
f2:84:d4:aa:00:aa:17:ca:17:af:14:50:50:39:b0:
dd:69:82:ac:8a:e4:61:a7:2a:0b:54:03:80:4a:e5:
18:18:c6:86:b4:e1:48:8a:9d:29:ec:28:8a:bd:61:
71:20:e9:52:a0:fd:31:b4:d3:74:f9:20:e5:9c:0d:
2f:4b:57:56:d1:d2:8a:74:c7:27:d4:13:36:37:5d:
27:64:b4:1b:bc:9b:01:29:68:f0:8a:e7:9f:78:ff:
98:b1:57:91:52:50:1b:6c:d1:4b:50:0e:15:bb:59:
8f:f3:b4:8d:d0:c6:6b:92:67:33:d9:58:78:7b:01:
8b:2f:4b:b3:2a:f6:6c:75:c2:c4:bc:03:19:f8:c0:
42:ab:34:e0:18:ec:f0:dc:12:9d:2c:38:2c:95:7e:
df:d6:1f:97:d2:03:55:17:03:a2:a3:20:58:21:7f:
8f:0b:83:24:99:a5:07:b7:51:a4:0e:28:3d:38:cf:
ed:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A3:8D:0C:FC:55:5D:A1:AA:15:11:41:8C:BA:85:AF:BF:FD:D8:BA
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/CKONDPxVXaGqFRFBjLqFr7_92Lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/32
Signature Algorithm: sha256WithRSAEncryption
18:27:ad:e4:8e:e6:c8:76:96:97:8c:77:dc:5d:0d:8c:9b:b4:
6d:d2:fa:cd:2b:dc:22:c5:71:3b:c4:6c:e9:17:55:ef:58:7f:
9e:42:fd:45:5b:de:b8:03:9a:52:ac:cc:96:49:09:35:30:89:
3a:f7:69:68:97:34:83:2b:2e:68:c3:92:03:30:42:eb:40:c2:
e5:79:e6:a2:74:9d:a0:8e:2a:b8:4c:3c:5e:b8:3d:9d:54:1f:
c5:de:31:b2:95:9b:40:82:f1:4c:a7:ec:05:c4:61:8d:72:83:
8a:2f:af:03:d4:0a:f9:78:63:78:8d:e5:4f:e3:1d:a3:0a:54:
d5:86:6c:94:a6:81:5a:64:48:e5:fe:04:bb:e9:c8:ed:78:c3:
98:52:d7:cb:6b:e5:06:dc:33:26:9d:68:2f:52:80:b9:56:be:
cd:68:0e:f9:61:fe:9b:3c:c4:62:05:24:89:8e:47:8f:40:53:
f7:d6:db:41:68:75:37:f5:68:c5:b2:db:7c:a8:f3:52:a9:f0:
8a:ba:93:b8:ab:18:12:e4:f7:ed:1c:a6:3e:cb:0a:2f:cb:93:
3c:e6:64:9a:43:a3:14:9d:d9:b4:40:6b:04:ae:52:21:82:d1:
e5:c6:1c:2e:c2:6d:2b:2e:1e:0f:af:df:0f:40:31:61:1e:7d:
67:7e:ba:73
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYj5RR2K1Hu9fA3MKsYkA6V0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjMwNjI2MTk1MzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGEzOGQwY2ZjNTU1ZGExYWExNTExNDE4Y2JhODVhZmJmZmRkOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNPU1Bgma8VFbv7WEWkme3f2BY5v
0hgT6xVxuhKP8+XZ/WTYJH6LY5SlozCNwuVoxb9+xevqOoVCuCs7djjtEqPjbwN8
t/o0scfyhNSqAKoXyhevFFBQObDdaYKsiuRhpyoLVAOASuUYGMaGtOFIip0p7CiK
vWFxIOlSoP0xtNN0+SDlnA0vS1dW0dKKdMcn1BM2N10nZLQbvJsBKWjwiuefeP+Y
sVeRUlAbbNFLUA4Vu1mP87SN0MZrkmcz2Vh4ewGLL0uzKvZsdcLEvAMZ+MBCqzTg
GOzw3BKdLDgslX7f1h+X0gNVFwOioyBYIX+PC4MkmaUHt1GkDig9OM/tlQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAijjQz8VV2hqhURQYy6ha+//di6MB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvQ0tPTkRQeFZYYUdxRlJGQmpMcUZyN185MkxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUAKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAGCet5I7myHaW
l4x33F0NjJu0bdL6zSvcIsVxO8Rs6RdV71h/nkL9RVveuAOaUqzMlkkJNTCJOvdp
aJc0gysuaMOSAzBC60DC5XnmonSdoI4quEw8Xrg9nVQfxd4xspWbQILxTKfsBcRh
jXKDii+vA9QK+XhjeI3lT+MdowpU1YZslKaBWmRI5f4Eu+nI7XjDmFLXy2vlBtwz
Jp1oL1KAuVa+zWgO+WH+mzzEYgUkiY5Hj0BT99bbQWh1N/VoxbLbfKjzUqnwirqT
uKsYEuT37RymPssKL8uTPOZkmkOjFJ3ZtEBrBK5SIYLR5cYcLsJtKy4eD6/fD0Ax
YR59Z366cw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:54:42 2025 by rpki-client