Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/Lnw3c-1jSvN69NK1QTarP77ylK4.roa
File: Lnw3c-1jSvN69NK1QTarP77ylK4.roa (raw, json)
Hash identifier: y4mVGaZqNZ9Ygv4zu6+YI+VOMhTEW7lECzyhfkKVvck=
Subject key identifier: 2E:7C:37:73:ED:63:4A:F3:7A:F4:D2:B5:41:36:AB:3F:BE:F2:94:AE
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 018887C1A7D2DD79422D14D4695E65F16053
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/Lnw3c-1jSvN69NK1QTarP77ylK4.roa
Signing time: Sun 04 Jun 2023 18:53:15 +0000
ROA not before: Sun 04 Jun 2023 18:53:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0f:fd00::/29 maxlen: 64
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:87:c1:a7:d2:dd:79:42:2d:14:d4:69:5e:65:f1:60:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jun 4 18:53:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e7c3773ed634af37af4d2b54136ab3fbef294ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6b:87:3b:8d:7f:25:6f:fc:85:83:c7:07:ec:
23:b7:f5:bb:cd:ce:8a:a3:69:34:26:65:64:95:3d:
a0:e8:62:9a:a5:fe:32:63:d7:d5:fd:1d:9e:2b:1f:
3f:78:5f:06:fe:b8:29:e9:32:f2:c5:f5:e2:a9:67:
fe:0b:c4:ce:79:69:6f:af:14:46:a4:21:07:e3:11:
09:35:46:c1:44:79:51:46:6f:f8:55:4f:b8:30:99:
4a:9c:b1:04:81:9a:2d:f2:7b:59:e9:0a:a8:16:cf:
70:4e:f8:86:2e:79:7c:df:cd:2f:21:5b:be:52:d2:
5b:7e:80:8d:1a:db:d1:8f:39:aa:0d:fb:5b:49:6c:
c3:06:8b:9a:0c:a8:43:0f:88:c3:8d:df:75:e9:3f:
89:14:3d:70:0a:c7:c6:dd:c9:8e:a4:b9:19:96:dd:
47:fa:85:ed:e4:4f:4f:07:c7:bb:88:89:07:73:b3:
88:7c:b1:0b:e0:a2:a4:56:24:bb:af:f8:a8:4b:a3:
42:9b:c9:b4:ca:f1:f2:91:ef:7e:e7:e8:bf:17:68:
94:ff:bb:18:e9:dd:80:d7:10:b8:f3:44:15:1d:b9:
05:bb:6b:37:77:92:33:54:2e:49:24:b1:48:b8:d8:
44:5c:1a:9c:09:af:3c:5f:cf:68:e2:73:66:3d:e2:
ac:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:7C:37:73:ED:63:4A:F3:7A:F4:D2:B5:41:36:AB:3F:BE:F2:94:AE
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/Lnw3c-1jSvN69NK1QTarP77ylK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
a1:9a:ed:90:ad:22:ff:ef:6f:38:fe:87:21:ab:bb:4c:dc:33:
92:a4:cc:ff:1b:d3:06:0c:5a:fd:22:e3:f1:f4:bf:1c:58:0f:
f7:ba:e0:00:4a:e5:11:80:b4:dc:d5:1a:8a:c1:02:23:4a:62:
59:46:13:5f:cf:5c:fe:74:f5:77:05:13:9c:d4:88:21:a3:4d:
e9:9c:f5:f6:7d:96:36:34:ab:73:a3:be:61:32:4d:85:9a:c2:
84:94:cb:8d:9f:2a:cc:77:4e:6e:0b:5c:e0:99:ba:79:15:36:
f4:82:f7:92:53:66:9c:60:1d:af:c1:0e:30:01:f3:18:8d:93:
a8:20:09:b7:07:d6:d5:f3:b5:4b:bb:78:f7:cb:9e:0a:c7:f2:
22:81:2f:70:42:c6:d8:f4:c4:f8:40:57:b3:52:16:0e:23:3e:
25:5b:75:ae:6d:fd:1e:7d:27:b1:13:54:55:96:e8:ec:9c:94:
b1:46:b3:af:bb:fa:f6:69:f6:c9:2a:a7:89:32:6b:60:9c:47:
91:39:57:06:a3:bf:db:13:5c:53:dd:66:37:b1:ca:be:05:02:
43:ab:57:f2:60:9e:b8:98:a9:96:af:c9:40:da:bc:46:24:ba:
00:2a:81:da:41:b1:ed:7a:af:8a:bf:5f:ab:e8:99:bb:d9:e1:
ab:ad:08:78
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYiHwafS3XlCLRTUaV5l8WBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjMwNjA0MTg1MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTdjMzc3M2VkNjM0YWYzN2FmNGQyYjU0MTM2YWIzZmJlZjI5NGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmuHO41/JW/8hYPHB+wjt/W7zc6K
o2k0JmVklT2g6GKapf4yY9fV/R2eKx8/eF8G/rgp6TLyxfXiqWf+C8TOeWlvrxRG
pCEH4xEJNUbBRHlRRm/4VU+4MJlKnLEEgZot8ntZ6QqoFs9wTviGLnl8380vIVu+
UtJbfoCNGtvRjzmqDftbSWzDBouaDKhDD4jDjd916T+JFD1wCsfG3cmOpLkZlt1H
+oXt5E9PB8e7iIkHc7OIfLEL4KKkViS7r/ioS6NCm8m0yvHyke9+5+i/F2iU/7sY
6d2A1xC480QVHbkFu2s3d5IzVC5JJLFIuNhEXBqcCa88X89o4nNmPeKssQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFC58N3PtY0rzevTStUE2qz++8pSuMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvTG53M2MtMWpTdk42OU5LMVFUYXJQNzd5bEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAoZrtkK0i/+9v
OP6HIau7TNwzkqTM/xvTBgxa/SLj8fS/HFgP97rgAErlEYC03NUaisECI0piWUYT
X89c/nT1dwUTnNSIIaNN6Zz19n2WNjSrc6O+YTJNhZrChJTLjZ8qzHdObgtc4Jm6
eRU29IL3klNmnGAdr8EOMAHzGI2TqCAJtwfW1fO1S7t498ueCsfyIoEvcELG2PTE
+EBXs1IWDiM+JVt1rm39Hn0nsRNUVZbo7JyUsUazr7v69mn2ySqniTJrYJxHkTlX
BqO/2xNcU91mN7HKvgUCQ6tX8mCeuJiplq/JQNq8RiS6ACqB2kGx7Xqvir9fq+iZ
u9nhq60IeA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:54:45 2025 by rpki-client