Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/ctYVMyN5Ot8-npZSV3qWVJGKtfQ.roa
File: ctYVMyN5Ot8-npZSV3qWVJGKtfQ.roa (raw, json)
Hash identifier: H63YFJ186lJF4FSbXuYkwcB/NLCpxtjojBvQCsLmQgo=
Subject key identifier: 72:D6:15:33:23:79:3A:DF:3E:9E:96:52:57:7A:96:54:91:8A:B5:F4
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 0186EF1FDAA0606037783B4B191FCD82E183
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/ctYVMyN5Ot8-npZSV3qWVJGKtfQ.roa
Signing time: Fri 17 Mar 2023 10:31:27 +0000
ROA not before: Fri 17 Mar 2023 10:31:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0f:fd00::/32 maxlen: 32
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:1f:da:a0:60:60:37:78:3b:4b:19:1f:cd:82:e1:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Mar 17 10:31:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72d6153323793adf3e9e9652577a9654918ab5f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:66:51:ba:be:fd:d2:72:ca:09:52:8d:aa:3b:
6d:f9:23:38:cd:6b:5e:2d:fa:c9:85:96:e6:8f:69:
56:c0:42:39:98:3a:47:cb:61:3a:29:11:fc:01:ac:
c5:12:16:c4:c8:6f:49:4b:85:25:9f:52:30:8b:53:
1a:69:71:7a:37:3c:56:57:8a:f0:cb:cc:5a:02:92:
dc:fe:6c:bf:40:90:b4:81:6a:d8:db:a6:98:6b:89:
87:70:78:3b:69:63:c1:94:29:a5:1e:a0:1e:c4:00:
7f:9e:e1:8d:ea:d2:95:3c:79:fe:e2:09:43:2b:20:
b4:6e:26:70:48:c1:a0:b0:58:3d:96:5e:25:8e:95:
54:42:97:51:05:8a:23:1b:9f:50:a6:ac:a8:ea:89:
d3:e6:66:3c:ab:21:81:0b:f2:1d:cb:e0:e7:48:a2:
6a:6c:1e:39:04:7e:6f:79:1b:8f:81:a5:a8:8c:74:
ea:7a:2e:cb:40:7c:40:c3:ef:be:94:e0:51:51:b8:
eb:fb:19:7e:bc:67:ba:27:95:84:e5:f3:9a:61:4e:
e9:48:55:eb:be:39:be:63:e5:bf:a7:4c:32:b9:57:
6c:d2:6e:f7:4b:88:6a:1a:4c:0f:9f:17:13:74:41:
d1:b3:b4:3b:9c:70:6f:58:d0:06:44:2e:1a:3f:96:
06:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D6:15:33:23:79:3A:DF:3E:9E:96:52:57:7A:96:54:91:8A:B5:F4
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/ctYVMyN5Ot8-npZSV3qWVJGKtfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/32
Signature Algorithm: sha256WithRSAEncryption
30:13:a7:35:0c:18:05:88:60:86:7c:30:fa:a1:d2:2a:ca:09:
fb:8a:67:5c:2a:a8:e7:a3:3d:bd:99:c3:58:63:b2:07:b4:4d:
dd:05:28:c8:c7:e9:16:a6:88:fe:47:b8:a1:c2:10:06:ea:53:
52:f8:0d:79:ec:e0:a7:8e:33:04:85:b6:0a:f4:a6:08:0b:4c:
75:46:9a:15:8b:49:a7:ae:07:9c:d3:54:e1:4f:c8:2f:06:97:
6d:10:e1:21:29:30:cf:aa:47:af:31:02:97:52:13:fd:9c:7d:
23:2c:99:f2:bb:49:6b:ae:1a:48:7f:8e:1c:90:94:84:80:d7:
9b:f1:68:e1:5a:93:93:04:9d:6f:79:b4:0b:59:dd:e8:0e:6c:
6b:f4:f3:87:05:4e:ca:a1:62:f1:ef:d9:be:09:9b:cb:2f:51:
1f:2d:3c:37:7e:9c:03:1e:d5:8f:f7:99:66:35:34:c8:d6:eb:
ec:44:bc:9c:7d:ea:e6:24:27:99:ef:0c:10:a5:52:4c:cb:ba:
ed:8f:fd:aa:e9:04:53:36:3c:67:97:82:d1:5e:ed:56:f1:ce:
8e:40:af:86:a4:33:19:3c:3d:fa:d9:9a:d9:17:d0:32:31:9c:
9f:4d:71:aa:48:a9:5c:da:95:44:c4:2f:dd:8e:c3:98:7b:9e:
92:ab:26:9a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYbvH9qgYGA3eDtLGR/NguGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjMwMzE3MTAzMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ2MTUzMzIzNzkzYWRmM2U5ZTk2NTI1NzdhOTY1NDkxOGFiNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGZRur790nLKCVKNqjtt+SM4zWte
LfrJhZbmj2lWwEI5mDpHy2E6KRH8AazFEhbEyG9JS4Uln1Iwi1MaaXF6NzxWV4rw
y8xaApLc/my/QJC0gWrY26aYa4mHcHg7aWPBlCmlHqAexAB/nuGN6tKVPHn+4glD
KyC0biZwSMGgsFg9ll4ljpVUQpdRBYojG59Qpqyo6onT5mY8qyGBC/Idy+DnSKJq
bB45BH5veRuPgaWojHTqei7LQHxAw+++lOBRUbjr+xl+vGe6J5WE5fOaYU7pSFXr
vjm+Y+W/p0wyuVds0m73S4hqGkwPnxcTdEHRs7Q7nHBvWNAGRC4aP5YGAQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHLWFTMjeTrfPp6WUld6llSRirX0MB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvY3RZVk15TjVPdDgtbnBaU1YzcVdWSkdLdGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUAKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAMBOnNQwYBYhg
hnww+qHSKsoJ+4pnXCqo56M9vZnDWGOyB7RN3QUoyMfpFqaI/ke4ocIQBupTUvgN
eezgp44zBIW2CvSmCAtMdUaaFYtJp64HnNNU4U/ILwaXbRDhISkwz6pHrzECl1IT
/Zx9IyyZ8rtJa64aSH+OHJCUhIDXm/Fo4VqTkwSdb3m0C1nd6A5sa/TzhwVOyqFi
8e/Zvgmbyy9RHy08N36cAx7Vj/eZZjU0yNbr7ES8nH3q5iQnme8MEKVSTMu67Y/9
qukEUzY8Z5eC0V7tVvHOjkCvhqQzGTw9+tma2RfQMjGcn01xqkipXNqVRMQv3Y7D
mHuekqsmmg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:56:57 2025 by rpki-client