Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/rbSYR8obYYmV1kiNmkxKU6U8Pbg.roa
File: rbSYR8obYYmV1kiNmkxKU6U8Pbg.roa (raw, json)
Hash identifier: 98Lpb45ExTZW24Q9LN12LVd1Bl1n1S7u/mFMtvCCXz4=
Subject key identifier: AD:B4:98:47:CA:1B:61:89:95:D6:48:8D:9A:4C:4A:53:A5:3C:3D:B8
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 53331E
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/rbSYR8obYYmV1kiNmkxKU6U8Pbg.roa
Signing time: Thu 02 Jun 2022 13:11:20 +0000
ROA not before: Thu 02 Jun 2022 13:11:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58280
IP address blocks: 45.129.224.0/22 maxlen: 22
2a0f:fd00::/29 maxlen: 29
2a0e:5040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5452574 (0x53331e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jun 2 13:11:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=adb49847ca1b618995d6488d9a4c4a53a53c3db8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7a:61:1a:fb:81:74:46:60:62:c2:1f:2d:c7:
89:ec:ec:29:9e:0c:68:d0:3e:89:2a:80:4d:14:ef:
67:67:be:1b:09:2a:62:a6:ff:24:bf:75:84:69:73:
28:13:23:82:5b:75:c1:ec:18:a0:55:d0:93:03:36:
cf:5a:b4:26:92:06:f6:14:e3:19:32:df:a9:1a:a1:
a8:04:9a:f6:da:98:3b:37:ea:fe:54:a3:98:ef:92:
72:73:8e:cc:38:34:3f:3f:e7:e2:64:7d:1f:62:84:
fd:e7:9e:4a:33:6d:8f:2b:ef:d7:95:a2:54:c0:71:
1d:77:de:47:05:bf:f4:e0:98:85:3f:db:58:17:6b:
60:a1:40:55:70:f9:e3:62:81:9e:a3:29:c6:ec:c1:
2a:d4:10:37:d8:28:bf:80:8b:cf:df:bf:e4:71:47:
6c:61:47:14:1e:82:90:ec:b3:dd:6e:95:76:de:aa:
cc:5d:5c:4f:39:d6:ea:3b:19:26:5d:14:5c:21:b5:
7f:e3:03:7d:45:14:24:96:4b:e0:83:f1:75:49:15:
b5:a1:47:62:0d:cb:f7:db:1f:4d:cb:74:8c:48:1c:
69:12:c4:6e:ce:7f:9c:58:d2:10:c4:df:32:7c:bc:
d7:fc:3a:0f:db:01:0b:f7:d2:32:28:ec:d7:bb:39:
40:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B4:98:47:CA:1B:61:89:95:D6:48:8D:9A:4C:4A:53:A5:3C:3D:B8
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/rbSYR8obYYmV1kiNmkxKU6U8Pbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.224.0/22
IPv6:
2a0e:5040::/29
2a0f:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
0d:24:ba:a0:bc:f9:fa:5e:1f:f8:23:1c:82:64:6f:91:2c:67:
73:ee:e4:ff:30:7d:7a:45:4f:1e:ca:4f:70:08:b1:8f:17:f3:
d2:75:3b:03:c4:ae:2f:20:ae:cc:8a:a9:8d:40:fd:a6:39:72:
9b:99:f4:e3:42:8f:0f:46:eb:a0:66:7d:48:7b:08:ee:dc:a4:
5c:c8:76:49:4a:2b:55:a9:4d:aa:65:57:62:b5:9b:df:62:51:
64:de:40:4b:75:00:00:27:6c:eb:62:49:5c:6f:bb:74:17:18:
06:c8:19:03:46:b7:c8:cb:fa:40:6d:ca:7e:9f:55:0f:a8:cd:
45:9e:71:c1:e3:c3:a8:c1:08:92:a5:f6:bb:fa:f1:d0:bb:43:
d4:96:5d:4d:5e:12:9b:66:23:16:ed:54:b6:5b:fa:dc:b8:a0:
9b:34:56:4e:bb:ea:a5:83:0f:50:e0:c7:b5:c8:aa:c9:89:98:
ef:28:2a:19:a6:f7:55:d7:38:33:52:33:5d:a1:a5:96:b4:23:
53:30:42:10:e0:ae:30:f6:d3:53:1a:76:59:b4:63:29:69:3d:
ee:87:27:0f:1a:a5:74:a6:2d:74:dc:cd:13:15:1c:d5:85:69:
af:a8:e2:d9:2a:c5:f8:86:0a:98:77:ef:7b:40:6e:a6:bc:4f:
2c:2d:86:91
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIDUzMeMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM1
OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEwZWZlMjUwHhcNMjIwNjAy
MTMxMTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhZGI0OTg0N2NhMWI2
MTg5OTVkNjQ4OGQ5YTRjNGE1M2E1M2MzZGI4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq3phGvuBdEZgYsIfLceJ7Owpngxo0D6JKoBNFO9nZ74bCSpi
pv8kv3WEaXMoEyOCW3XB7BigVdCTAzbPWrQmkgb2FOMZMt+pGqGoBJr22pg7N+r+
VKOY75Jyc47MODQ/P+fiZH0fYoT9555KM22PK+/XlaJUwHEdd95HBb/04JiFP9tY
F2tgoUBVcPnjYoGeoynG7MEq1BA32Ci/gIvP37/kcUdsYUcUHoKQ7LPdbpV23qrM
XVxPOdbqOxkmXRRcIbV/4wN9RRQklkvgg/F1SRW1oUdiDcv32x9Ny3SMSBxpEsRu
zn+cWNIQxN8yfLzX/DoP2wEL99IyKOzXuzlARwIDAQABo4ICHzCCAhswHQYDVR0O
BBYEFK20mEfKG2GJldZIjZpMSlOlPD24MB8GA1UdIwQYMBaAFDWfHjuAVR6YoW/C
u8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Tlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJhLzEv
cmJTWVI4b2JZWW1WMWtpTm1reEtVNlU4UGJnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84
OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJhLzEvTlo4ZU80QlZIcGlo
YjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDUG
CCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQEAgACMA4DBQMqDlBAAwUD
Kg/9ADANBgkqhkiG9w0BAQsFAAOCAQEADSS6oLz5+l4f+CMcgmRvkSxnc+7k/zB9
ekVPHspPcAixjxfz0nU7A8SuLyCuzIqpjUD9pjlym5n040KPD0broGZ9SHsI7tyk
XMh2SUorValNqmVXYrWb32JRZN5AS3UAACds62JJXG+7dBcYBsgZA0a3yMv6QG3K
fp9VD6jNRZ5xwePDqMEIkqX2u/rx0LtD1JZdTV4Sm2YjFu1Utlv63LigmzRWTrvq
pYMPUODHtciqyYmY7ygqGab3Vdc4M1IzXaGllrQjUzBCEOCuMPbTUxp2WbRjKWk9
7ocnDxqldKYtdNzNExUc1YVpr6ji2SrF+IYKmHfve0BuprxPLC2GkQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:04:07 2025 by rpki-client