Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/XNC0HdqKlBjQqaOgN7bKVdRv6u8.roa
File: XNC0HdqKlBjQqaOgN7bKVdRv6u8.roa (raw, json)
Hash identifier: FLKcqtlCa+2rx8e4PBl0cdZzy3S5S8Iyfeq4Id+3UbE=
Subject key identifier: 5C:D0:B4:1D:DA:8A:94:18:D0:A9:A3:A0:37:B6:CA:55:D4:6F:EA:EF
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 0187380CC7C7686BB8D9BA6DBBB11C27A5E0
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/XNC0HdqKlBjQqaOgN7bKVdRv6u8.roa
Signing time: Fri 31 Mar 2023 14:22:54 +0000
ROA not before: Fri 31 Mar 2023 14:22:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:38:0c:c7:c7:68:6b:b8:d9:ba:6d:bb:b1:1c:27:a5:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Mar 31 14:22:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cd0b41dda8a9418d0a9a3a037b6ca55d46feaef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:23:b3:b9:28:13:e2:19:4b:e2:df:21:5b:04:
76:23:37:a5:6f:cd:57:9b:b2:58:87:ea:50:ea:9b:
6a:2c:38:ae:34:c2:a5:86:89:9a:f3:c4:a2:72:18:
e9:e2:6d:e8:f4:a1:ac:5d:9b:7c:cc:36:37:6d:05:
95:70:2e:02:7f:8b:e4:59:b4:02:3c:78:f2:7a:25:
84:eb:31:da:a2:9c:70:0b:27:19:70:d2:0d:fe:f2:
7d:3f:ef:83:87:f4:a1:29:69:21:6e:2f:5c:f8:98:
8c:d2:3a:83:2a:5a:a5:f9:f2:dd:dc:a1:5f:48:3c:
f1:27:a7:20:f7:66:c0:71:7a:e4:10:97:12:ce:92:
4b:df:cf:10:40:49:91:aa:c5:6e:73:5f:f8:f1:0a:
d5:3b:a4:28:bc:ad:92:3a:21:15:a1:e8:20:85:17:
90:76:0c:8c:93:6a:3b:a0:03:8f:3b:b7:8f:2b:98:
ba:a0:ef:4e:7d:67:6b:a9:27:17:05:34:ed:b3:c7:
37:00:34:bc:ed:fb:c3:b1:43:bf:74:60:16:d0:18:
ec:27:f1:63:f1:62:8b:7c:e4:f0:cd:29:ee:fe:a9:
aa:9f:8f:e6:e5:7e:2e:1f:aa:1a:81:89:3c:73:8a:
b7:13:aa:a9:5e:a1:76:2e:29:60:28:00:11:9f:2c:
25:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D0:B4:1D:DA:8A:94:18:D0:A9:A3:A0:37:B6:CA:55:D4:6F:EA:EF
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/XNC0HdqKlBjQqaOgN7bKVdRv6u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
Signature Algorithm: sha256WithRSAEncryption
2b:3f:77:28:0b:7e:34:1a:4b:06:80:7a:74:96:33:67:11:17:
34:b3:99:a6:85:0c:32:37:15:af:08:96:d5:70:e8:12:8e:1d:
d1:e9:7c:84:13:bf:ac:c0:9c:36:d9:34:53:ef:01:7a:7e:a9:
50:21:05:63:d2:53:ec:a4:39:c1:b0:bb:3d:14:b0:4c:ba:36:
2f:fd:b9:1b:09:c3:90:3c:81:c2:21:41:3f:32:72:a0:36:b6:
8c:7e:90:ea:8a:c9:89:26:06:88:78:3f:77:1b:a4:9a:f5:c3:
28:66:80:75:e5:1f:0f:35:a2:21:7c:59:f3:5c:82:8b:e6:9a:
fd:72:b0:6a:27:1d:e5:7b:0b:d5:79:4d:d5:f2:2b:4c:2b:e8:
91:86:54:1e:59:45:24:f8:24:40:33:0f:eb:16:4e:cc:93:28:
07:52:f4:b6:62:0f:77:65:1b:a3:e3:f4:8b:a7:08:0a:be:63:
bd:4b:13:2f:af:be:44:aa:d5:27:3f:1e:2e:1c:40:02:f8:cd:
79:a5:5b:b8:29:84:23:63:51:34:27:39:2d:46:1d:8c:b7:13:
f8:a7:9b:c8:38:bd:c5:a4:83:9e:17:9f:c4:a2:89:01:6b:70:
43:bf:e1:f4:a8:c4:fb:4c:0d:3d:61:c2:5e:43:93:64:39:d0:
ab:74:fb:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYc4DMfHaGu42bptu7EcJ6XgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjMwMzMxMTQyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2QwYjQxZGRhOGE5NDE4ZDBhOWEzYTAzN2I2Y2E1NWQ0NmZlYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyOzuSgT4hlL4t8hWwR2Izelb81X
m7JYh+pQ6ptqLDiuNMKlhoma88Sichjp4m3o9KGsXZt8zDY3bQWVcC4Cf4vkWbQC
PHjyeiWE6zHaopxwCycZcNIN/vJ9P++Dh/ShKWkhbi9c+JiM0jqDKlql+fLd3KFf
SDzxJ6cg92bAcXrkEJcSzpJL388QQEmRqsVuc1/48QrVO6QovK2SOiEVoegghReQ
dgyMk2o7oAOPO7ePK5i6oO9OfWdrqScXBTTts8c3ADS87fvDsUO/dGAW0BjsJ/Fj
8WKLfOTwzSnu/qmqn4/m5X4uH6oagYk8c4q3E6qpXqF2LilgKAARnywlwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFzQtB3aipQY0KmjoDe2ylXUb+rvMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvWE5DMEhkcUtsQmpRcWFPZ043YktWZFJ2NnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYHgMA0E
AgACMAcDBQMqDlBAMA0GCSqGSIb3DQEBCwUAA4IBAQArP3coC340GksGgHp0ljNn
ERc0s5mmhQwyNxWvCJbVcOgSjh3R6XyEE7+swJw22TRT7wF6fqlQIQVj0lPspDnB
sLs9FLBMujYv/bkbCcOQPIHCIUE/MnKgNraMfpDqismJJgaIeD93G6Sa9cMoZoB1
5R8PNaIhfFnzXIKL5pr9crBqJx3lewvVeU3V8itMK+iRhlQeWUUk+CRAMw/rFk7M
kygHUvS2Yg93ZRuj4/SLpwgKvmO9SxMvr75EqtUnPx4uHEAC+M15pVu4KYQjY1E0
JzktRh2MtxP4p5vIOL3FpIOeF5/EookBa3BDv+H0qMT7TA09YcJeQ5NkOdCrdPvr
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:02:41 2025 by rpki-client