Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/kZQldPqcVpS3tlf6bz61f0SI0ko.roa
File: kZQldPqcVpS3tlf6bz61f0SI0ko.roa (raw, json)
Hash identifier: X1V0iBQyh91pHuzdAVdVNvNs3YYbbv6qahevIe8rMqw=
Subject key identifier: 91:94:25:74:FA:9C:56:94:B7:B6:57:FA:6F:3E:B5:7F:44:88:D2:4A
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 0187C6B98B842359CA9DF5FF23803BBA95CA
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/kZQldPqcVpS3tlf6bz61f0SI0ko.roa
Signing time: Fri 28 Apr 2023 07:17:41 +0000
ROA not before: Fri 28 Apr 2023 07:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0f:fd00::/29 maxlen: 52
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c6:b9:8b:84:23:59:ca:9d:f5:ff:23:80:3b:ba:95:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Apr 28 07:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91942574fa9c5694b7b657fa6f3eb57f4488d24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b2:11:fe:45:c8:22:66:c8:54:95:07:0f:b8:
6e:2e:8d:a8:02:b9:96:74:5a:08:9d:84:8b:02:a1:
b2:a9:88:d2:c0:20:ff:64:e2:23:4b:fb:a9:56:26:
af:76:b5:ec:e0:44:f8:fa:31:8b:88:87:3c:f6:e7:
4b:74:4b:72:60:f6:04:c7:09:79:70:ad:21:53:73:
b4:1a:66:aa:0b:be:03:20:fb:ff:ca:84:55:9d:e7:
bd:ca:ea:5b:b0:27:3a:ad:5e:ab:cd:01:f0:bf:d0:
b8:67:31:20:04:92:1c:35:47:c6:e2:e4:e0:6b:f2:
b0:c1:21:ad:96:c5:95:d3:d2:f2:ba:70:85:d2:64:
79:8c:14:87:26:2c:03:83:34:01:38:43:b8:5d:d3:
38:f3:b4:14:a2:d5:46:c1:14:5b:27:d0:e8:17:c5:
27:c3:c7:77:33:51:16:d0:3c:ef:db:ec:65:d8:a7:
1f:87:6e:6d:33:9c:22:80:b3:0c:a8:64:45:31:d6:
4f:88:9d:f4:89:4f:47:be:c9:5d:cc:ec:86:ca:a8:
fd:44:fe:7c:07:cd:14:2e:d8:e1:ca:18:4a:cc:7f:
7d:ce:be:98:a9:a4:7e:eb:e5:84:f1:2d:6e:8b:28:
9c:1a:5e:2e:e5:7d:9e:b0:7d:fc:8c:94:57:22:2a:
f7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:94:25:74:FA:9C:56:94:B7:B6:57:FA:6F:3E:B5:7F:44:88:D2:4A
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/kZQldPqcVpS3tlf6bz61f0SI0ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
a6:c4:13:04:51:01:4a:8c:de:0b:a5:63:76:a6:ca:f8:a8:db:
f3:d5:35:61:f1:d7:04:1c:2b:41:47:5f:1e:cc:aa:52:67:45:
c3:e1:01:d9:35:9a:aa:91:0b:b7:15:59:8c:8a:42:d2:4e:97:
56:45:db:e4:d9:2f:8c:1d:3c:d2:d6:78:55:bd:69:b9:9c:85:
ab:93:9e:07:9b:58:8a:48:3e:be:cf:f6:6b:e2:fb:0d:cd:99:
e4:24:65:e0:50:0f:2b:e4:1b:f8:a6:ae:bc:2e:50:5b:ed:9a:
21:29:ab:76:c5:1f:29:4c:79:54:84:e5:5e:bb:c9:8a:ef:35:
64:11:64:19:85:8e:fc:30:7f:1f:4e:e0:9e:71:b0:c9:b7:b3:
79:45:d1:a3:5d:fc:4d:05:6e:ec:90:a7:a4:33:54:03:81:6a:
6e:1a:ff:13:01:eb:c0:58:ab:71:65:5d:15:fd:1c:2d:8a:19:
0a:40:07:44:ee:f5:1d:3f:79:15:60:cc:88:c8:34:ea:ab:0b:
ba:09:1c:f1:b4:ae:e4:2b:2e:27:2f:74:b7:59:7f:ec:43:e1:
b9:9e:d2:9b:42:9b:55:77:e8:98:9d:08:49:10:58:6f:80:c4:
ce:d0:6c:ad:29:f3:6b:17:c0:e6:e3:ba:13:d5:f9:d7:40:0e:
d9:8c:96:20
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYfGuYuEI1nKnfX/I4A7upXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjMwNDI4MDcxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTk0MjU3NGZhOWM1Njk0YjdiNjU3ZmE2ZjNlYjU3ZjQ0ODhkMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7IR/kXIImbIVJUHD7huLo2oArmW
dFoInYSLAqGyqYjSwCD/ZOIjS/upViavdrXs4ET4+jGLiIc89udLdEtyYPYExwl5
cK0hU3O0GmaqC74DIPv/yoRVnee9yupbsCc6rV6rzQHwv9C4ZzEgBJIcNUfG4uTg
a/KwwSGtlsWV09LyunCF0mR5jBSHJiwDgzQBOEO4XdM487QUotVGwRRbJ9DoF8Un
w8d3M1EW0Dzv2+xl2Kcfh25tM5wigLMMqGRFMdZPiJ30iU9HvsldzOyGyqj9RP58
B80ULtjhyhhKzH99zr6YqaR+6+WE8S1uiyicGl4u5X2esH38jJRXIir3gwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJGUJXT6nFaUt7ZX+m8+tX9EiNJKMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEva1pRbGRQcWNWcFMzdGxmNmJ6NjFmMFNJMGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEApsQTBFEBSoze
C6VjdqbK+Kjb89U1YfHXBBwrQUdfHsyqUmdFw+EB2TWaqpELtxVZjIpC0k6XVkXb
5NkvjB080tZ4Vb1puZyFq5OeB5tYikg+vs/2a+L7Dc2Z5CRl4FAPK+Qb+KauvC5Q
W+2aISmrdsUfKUx5VITlXrvJiu81ZBFkGYWO/DB/H07gnnGwybezeUXRo138TQVu
7JCnpDNUA4Fqbhr/EwHrwFircWVdFf0cLYoZCkAHRO71HT95FWDMiMg06qsLugkc
8bSu5CsuJy90t1l/7EPhuZ7Sm0KbVXfomJ0ISRBYb4DEztBsrSnzaxfA5uO6E9X5
10AO2YyWIA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:01 2025 by rpki-client