Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/jT99wSe_5Yxnnd5Azi57ApB3dfc.roa
File: jT99wSe_5Yxnnd5Azi57ApB3dfc.roa (raw, json)
Hash identifier: CDjX9ItRcVPbKwWHxVeDbdEEQss4YeY2hhpUeVoVU1I=
Subject key identifier: 8D:3F:7D:C1:27:BF:E5:8C:67:9D:DE:40:CE:2E:7B:02:90:77:75:F7
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 0187C36E589771623B23D74EA3C2D346683A
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/jT99wSe_5Yxnnd5Azi57ApB3dfc.roa
Signing time: Thu 27 Apr 2023 15:56:41 +0000
ROA not before: Thu 27 Apr 2023 15:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0f:fd00::/29 maxlen: 52
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c3:6e:58:97:71:62:3b:23:d7:4e:a3:c2:d3:46:68:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Apr 27 15:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d3f7dc127bfe58c679dde40ce2e7b02907775f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f1:5d:15:47:9a:f1:09:ad:33:48:a4:e9:a3:
62:c1:2d:26:d3:1f:28:a8:34:49:32:dc:9c:72:c7:
4b:c3:bf:9a:73:7c:63:be:c3:6f:0e:b6:5e:3e:27:
2b:e4:5c:a3:f0:dc:1b:6f:f7:da:6b:94:90:fe:ce:
46:b5:2a:a6:f2:8c:be:1c:1d:4d:ea:4c:fb:ef:7a:
ca:e8:26:d5:b0:87:27:52:a8:fc:e9:10:26:77:46:
49:5e:af:0b:f8:08:b6:6d:4a:cf:0b:f6:cf:14:83:
a1:bd:0f:01:c5:18:b0:d9:8a:7e:5c:b1:d2:90:57:
74:72:50:f0:38:4d:a9:72:90:11:0d:35:80:e1:dd:
9d:95:e5:dc:91:36:d1:9a:05:e6:91:1b:41:3f:18:
03:06:d9:2a:bc:38:d8:24:39:1e:ec:33:05:de:2f:
31:95:50:95:84:b5:4d:36:14:cd:bd:ad:a4:cc:cd:
47:aa:56:8d:77:ad:a2:0c:ff:cf:90:78:d2:a7:b8:
c7:d2:ac:32:3e:ab:9f:95:33:df:3b:1d:4b:64:5a:
29:ad:46:7c:ce:cd:70:3f:fe:07:f8:a0:1d:16:a0:
3c:8b:62:73:61:d9:cf:57:12:20:2f:a2:00:56:f6:
7c:b0:f8:92:18:14:39:1c:32:89:a3:6d:30:ee:96:
8e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:3F:7D:C1:27:BF:E5:8C:67:9D:DE:40:CE:2E:7B:02:90:77:75:F7
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/jT99wSe_5Yxnnd5Azi57ApB3dfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
97:a0:96:10:df:e1:fc:78:cb:b9:79:f5:cc:ed:99:63:91:2e:
7e:67:9c:6a:e9:61:22:d8:bc:47:4b:12:00:92:7c:1d:be:3b:
21:48:d4:47:37:93:79:56:75:3a:0e:d6:93:97:39:74:e6:cb:
44:97:23:ff:61:28:0f:cf:32:66:24:b2:61:1e:a3:55:06:5a:
10:1b:35:11:19:b2:92:c6:37:7e:a6:e2:81:f2:08:57:d6:8e:
6b:3f:27:54:0c:72:01:7a:05:d4:51:d1:ca:08:b3:51:20:ea:
3f:09:06:1c:21:d3:6c:f5:60:d1:86:07:d2:7b:71:03:b6:4a:
d1:26:cf:7a:92:8c:16:b4:87:ce:f3:69:5d:39:3d:d2:cc:3e:
d6:8c:8a:63:e9:62:98:1b:64:90:fc:a5:f5:35:0d:b5:5a:37:
12:38:1a:0b:ea:9d:97:c0:9a:09:5a:dd:62:f5:c3:6a:50:51:
23:95:b0:2a:1e:12:5b:74:1d:83:d1:43:8f:5a:bd:1f:ee:8d:
0d:64:a8:ba:c4:fe:40:86:58:1a:51:64:c4:da:2c:b7:1c:f7:
6d:17:b3:d7:ea:80:60:39:9f:c6:0f:3c:d6:78:b2:33:7a:ce:
ea:be:0c:15:2e:81:12:da:70:66:80:66:fe:6f:13:4d:05:92:
5d:d2:2f:58
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYfDbliXcWI7I9dOo8LTRmg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjMwNDI3MTU1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDNmN2RjMTI3YmZlNThjNjc5ZGRlNDBjZTJlN2IwMjkwNzc3NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPFdFUea8QmtM0ik6aNiwS0m0x8o
qDRJMtyccsdLw7+ac3xjvsNvDrZePicr5Fyj8Nwbb/faa5SQ/s5GtSqm8oy+HB1N
6kz773rK6CbVsIcnUqj86RAmd0ZJXq8L+Ai2bUrPC/bPFIOhvQ8BxRiw2Yp+XLHS
kFd0clDwOE2pcpARDTWA4d2dleXckTbRmgXmkRtBPxgDBtkqvDjYJDke7DMF3i8x
lVCVhLVNNhTNva2kzM1HqlaNd62iDP/PkHjSp7jH0qwyPquflTPfOx1LZFoprUZ8
zs1wP/4H+KAdFqA8i2JzYdnPVxIgL6IAVvZ8sPiSGBQ5HDKJo20w7paOHQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFI0/fcEnv+WMZ53eQM4uewKQd3X3MB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvalQ5OXdTZV81WXhubmQ1QXppNTdBcEIzZGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAl6CWEN/h/HjL
uXn1zO2ZY5EufmecaulhIti8R0sSAJJ8Hb47IUjURzeTeVZ1Og7Wk5c5dObLRJcj
/2EoD88yZiSyYR6jVQZaEBs1ERmyksY3fqbigfIIV9aOaz8nVAxyAXoF1FHRygiz
USDqPwkGHCHTbPVg0YYH0ntxA7ZK0SbPepKMFrSHzvNpXTk90sw+1oyKY+limBtk
kPyl9TUNtVo3EjgaC+qdl8CaCVrdYvXDalBRI5WwKh4SW3Qdg9FDj1q9H+6NDWSo
usT+QIZYGlFkxNostxz3bRez1+qAYDmfxg881niyM3rO6r4MFS6BEtpwZoBm/m8T
TQWSXdIvWA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:00 2025 by rpki-client