Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/Ua7tb7OGjO9MdCBK1z8rPEE3YvA.roa
File: Ua7tb7OGjO9MdCBK1z8rPEE3YvA.roa (raw, json)
Hash identifier: PW5RVb/L8BJzZThF5Y+bQZeKM2TZSPJ7RnF6mIhw22Q=
Subject key identifier: 51:AE:ED:6F:B3:86:8C:EF:4C:74:20:4A:D7:3F:2B:3C:41:37:62:F0
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 01856E54143C8F6B29D25671480FE346293E
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/Ua7tb7OGjO9MdCBK1z8rPEE3YvA.roa
Signing time: Sun 01 Jan 2023 17:14:41 +0000
ROA not before: Sun 01 Jan 2023 17:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0f:fd00::/29 maxlen: 29
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:14:3c:8f:6b:29:d2:56:71:48:0f:e3:46:29:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jan 1 17:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51aeed6fb3868cef4c74204ad73f2b3c413762f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e0:78:36:b4:08:36:13:03:56:9a:d0:e8:47:
41:05:84:c4:4c:10:f6:83:00:73:3d:b2:9b:c6:1a:
7c:4a:bd:40:3c:45:e5:47:e0:e2:59:f6:93:7e:08:
e2:39:0b:66:f5:03:46:e7:27:9d:fb:97:78:3b:a2:
e6:bc:0d:f6:7e:9d:39:11:a3:3a:e7:f8:14:c6:6c:
cf:0d:77:e5:c5:1f:16:c3:d3:f0:7f:d8:d8:7a:39:
e2:34:cb:00:a0:8a:4c:d6:b9:5e:6d:32:00:79:13:
0e:78:fd:e1:25:d2:0d:77:9d:65:6b:89:f5:3f:ab:
2c:ff:88:e9:df:de:a8:9b:70:8c:09:62:5e:06:4c:
16:d7:51:37:66:c4:39:27:af:ca:9b:cd:d1:c8:92:
66:16:ae:f5:f2:1a:b3:ce:aa:a4:a8:cd:70:a8:a9:
f8:d1:58:d3:b6:1f:22:5b:49:77:f8:72:15:17:0d:
ee:d6:31:a4:3d:3e:9d:25:18:87:45:a8:ca:c2:84:
88:1e:d1:44:06:4f:4c:ac:fe:36:41:38:2f:74:2d:
27:78:13:81:1f:c2:9d:01:62:d3:1b:fc:db:b4:da:
75:73:53:6f:04:26:6a:3f:4a:32:c9:20:08:bf:79:
70:8b:d3:4c:54:3e:d4:98:d4:c2:11:92:d0:48:b6:
a3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AE:ED:6F:B3:86:8C:EF:4C:74:20:4A:D7:3F:2B:3C:41:37:62:F0
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/Ua7tb7OGjO9MdCBK1z8rPEE3YvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
98:ad:64:56:ef:7b:fe:e6:c8:e5:90:5b:55:82:1d:55:73:cd:
12:1d:10:ea:22:16:99:76:27:1f:05:85:d5:70:4b:ea:d3:e0:
78:16:94:e5:ac:ab:c4:e7:b5:30:90:5a:cc:78:71:d6:c0:61:
7a:47:97:d8:f6:07:00:a2:db:c0:33:91:89:7d:44:10:11:d5:
6c:ec:46:a5:63:0c:b6:28:f9:94:67:0d:08:a4:5b:54:d4:e0:
cd:89:1c:12:9d:6b:e2:f0:71:e9:78:22:3a:8d:53:37:a7:6f:
46:56:99:51:25:79:c5:97:a3:d8:73:f4:0a:25:d2:e4:78:5d:
26:5b:78:bf:71:91:3b:d4:33:79:1a:97:bd:a2:85:92:41:1d:
05:6f:c5:22:ce:77:74:bd:9d:68:d3:6d:cf:09:97:ef:3c:44:
18:17:5a:14:94:c7:fb:70:9f:c9:1b:e7:a0:3b:33:b6:f6:4e:
4a:46:05:68:75:0c:1f:3d:74:1e:00:b2:08:58:8c:b4:a8:c2:
f9:85:94:6a:11:38:f5:d9:cc:48:d7:d0:bc:82:86:c2:24:11:
ed:44:c5:a3:f9:da:17:fd:3d:f0:b2:54:09:95:5c:ce:8c:23:
98:7c:5e:f1:ca:87:61:27:84:bc:bc:2c:d5:70:24:15:9d:45:
43:75:9a:c5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVuVBQ8j2sp0lZxSA/jRik+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjMwMTAxMTcxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWFlZWQ2ZmIzODY4Y2VmNGM3NDIwNGFkNzNmMmIzYzQxMzc2MmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuB4NrQINhMDVprQ6EdBBYTETBD2
gwBzPbKbxhp8Sr1APEXlR+DiWfaTfgjiOQtm9QNG5yed+5d4O6LmvA32fp05EaM6
5/gUxmzPDXflxR8Ww9Pwf9jYejniNMsAoIpM1rlebTIAeRMOeP3hJdINd51la4n1
P6ss/4jp396om3CMCWJeBkwW11E3ZsQ5J6/Km83RyJJmFq718hqzzqqkqM1wqKn4
0VjTth8iW0l3+HIVFw3u1jGkPT6dJRiHRajKwoSIHtFEBk9MrP42QTgvdC0neBOB
H8KdAWLTG/zbtNp1c1NvBCZqP0oyySAIv3lwi9NMVD7UmNTCEZLQSLajxwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFGu7W+zhozvTHQgStc/KzxBN2LwMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvVWE3dGI3T0dqTzlNZENCSzF6OHJQRUUzWXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAmK1kVu97/ubI
5ZBbVYIdVXPNEh0Q6iIWmXYnHwWF1XBL6tPgeBaU5ayrxOe1MJBazHhx1sBhekeX
2PYHAKLbwDORiX1EEBHVbOxGpWMMtij5lGcNCKRbVNTgzYkcEp1r4vBx6XgiOo1T
N6dvRlaZUSV5xZej2HP0CiXS5HhdJlt4v3GRO9QzeRqXvaKFkkEdBW/FIs53dL2d
aNNtzwmX7zxEGBdaFJTH+3CfyRvnoDsztvZOSkYFaHUMHz10HgCyCFiMtKjC+YWU
ahE49dnMSNfQvIKGwiQR7UTFo/naF/098LJUCZVczowjmHxe8cqHYSeEvLws1XAk
FZ1FQ3WaxQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:02:44 2025 by rpki-client