Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bdaeb7-52d5-49ff-9a4b-df05d489da17/1/axZu7TezR7fCAncNHHsT2t2Qw-Y.roa
File: axZu7TezR7fCAncNHHsT2t2Qw-Y.roa (raw, json)
Hash identifier: tYHEd47yV/UpRQP5t64ChyddUektmEQQtQCzpGBlT28=
Subject key identifier: 6B:16:6E:ED:37:B3:47:B7:C2:02:77:0D:1C:7B:13:DA:DD:90:C3:E6
Certificate issuer: /CN=096e293ba380dcc75f00106443668f51002555b7
Certificate serial: 01856FCBB6CAEFD49A8D135A8468668CC3BB
Authority key identifier: 09:6E:29:3B:A3:80:DC:C7:5F:00:10:64:43:66:8F:51:00:25:55:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CW4pO6OA3MdfABBkQ2aPUQAlVbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bdaeb7-52d5-49ff-9a4b-df05d489da17/1/axZu7TezR7fCAncNHHsT2t2Qw-Y.roa
Signing time: Mon 02 Jan 2023 00:04:59 +0000
ROA not before: Mon 02 Jan 2023 00:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60435
IP address blocks: 45.157.4.0/24 maxlen: 24
45.157.5.0/24 maxlen: 24
45.157.6.0/24 maxlen: 24
185.29.17.0/24 maxlen: 24
185.29.16.0/24 maxlen: 24
185.29.18.0/24 maxlen: 24
185.29.19.0/24 maxlen: 24
193.242.154.0/24 maxlen: 24
2a00:a362::/32 maxlen: 32
2a00:a360::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:b6:ca:ef:d4:9a:8d:13:5a:84:68:66:8c:c3:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=096e293ba380dcc75f00106443668f51002555b7
Validity
Not Before: Jan 2 00:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b166eed37b347b7c202770d1c7b13dadd90c3e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:5a:e1:74:d4:2d:3f:17:d5:c5:c4:86:ed:
08:71:e7:ad:70:6e:75:5e:a9:d9:2b:5b:ed:0d:54:
93:5d:4e:4f:da:06:8e:58:a0:df:c7:e5:54:3b:6b:
0d:d2:0f:49:07:25:59:92:df:f9:02:c1:f4:be:9d:
cc:b2:c7:6e:d9:6b:85:16:88:9e:0f:e5:e3:cc:bf:
7e:74:9d:0b:af:be:65:0e:29:2f:bd:a2:02:ea:f2:
a0:cb:0d:64:93:98:10:cf:b4:fb:da:30:06:f4:42:
25:c5:c4:18:76:14:e6:a5:51:ce:84:58:ad:e2:fa:
ae:f6:5c:5c:f6:54:fc:c4:d0:33:e0:09:d0:5e:a1:
be:55:87:eb:97:b3:17:78:62:a5:be:5a:e0:71:bd:
06:cb:9e:91:42:9b:55:a8:bf:70:41:49:61:34:79:
32:db:37:39:8c:60:f4:84:76:6f:fe:79:71:be:fe:
bf:29:3d:08:79:f7:57:f1:1f:13:26:6a:e1:3c:6c:
95:f2:45:38:06:68:d6:c8:2e:f2:96:4d:cc:31:1e:
07:0c:5e:63:91:b8:57:fd:39:be:3b:22:1f:54:8a:
9a:9f:ea:38:13:f7:01:f8:bd:1c:19:b3:6b:c3:c3:
ab:59:a1:3f:dd:b6:be:4e:aa:54:d3:3d:1a:e2:c9:
3e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:16:6E:ED:37:B3:47:B7:C2:02:77:0D:1C:7B:13:DA:DD:90:C3:E6
X509v3 Authority Key Identifier:
keyid:09:6E:29:3B:A3:80:DC:C7:5F:00:10:64:43:66:8F:51:00:25:55:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CW4pO6OA3MdfABBkQ2aPUQAlVbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bdaeb7-52d5-49ff-9a4b-df05d489da17/1/axZu7TezR7fCAncNHHsT2t2Qw-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bdaeb7-52d5-49ff-9a4b-df05d489da17/1/CW4pO6OA3MdfABBkQ2aPUQAlVbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.4.0-45.157.6.255
185.29.16.0/22
193.242.154.0/24
IPv6:
2a00:a360::/32
2a00:a362::/32
Signature Algorithm: sha256WithRSAEncryption
50:2a:f7:04:1b:41:e8:0a:d8:50:14:ad:2e:d5:cb:d5:2d:9a:
48:81:a1:b4:fe:91:5f:a8:c9:a4:a9:ab:8f:51:f3:4d:c9:fe:
15:e7:98:d5:a0:16:7a:7e:68:fc:a4:39:b5:9c:f5:19:54:d7:
52:58:e0:8c:1c:33:4a:df:0f:65:f1:ec:1e:83:77:11:fe:c8:
01:c1:b1:dc:f0:ab:10:c4:3e:c6:3e:37:78:61:c9:03:2b:f5:
8b:27:43:63:8c:d1:1b:a0:ab:22:91:82:61:fe:32:e3:ad:85:
22:67:3a:2f:53:cb:42:f4:9a:b0:8c:52:34:23:de:9d:91:6f:
40:d9:43:25:0d:4e:59:45:6b:fc:91:34:37:72:07:16:79:38:
0e:bd:e4:82:b2:49:3e:b6:a4:27:74:ed:d0:d9:2f:50:8d:83:
47:64:dc:4f:b6:5e:79:c8:4e:b5:c7:35:9a:e8:bd:ca:c1:52:
51:bb:e2:d0:2e:0a:83:b2:2d:a3:19:81:a0:ec:53:8e:a7:1a:
b0:ff:09:bc:83:9a:a2:72:b0:56:a3:0f:47:41:df:42:f4:3a:
2c:1d:4f:42:96:46:a5:e6:68:bc:b0:35:46:eb:98:6c:e8:7d:
37:5c:dc:0e:99:c6:80:5d:52:32:e7:37:e9:4b:56:6b:36:02:
f4:bc:54:b3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVvy7bK79SajRNahGhmjMO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NmUyOTNiYTM4MGRjYzc1ZjAwMTA2NDQzNjY4ZjUxMDAy
NTU1YjcwHhcNMjMwMTAyMDAwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjE2NmVlZDM3YjM0N2I3YzIwMjc3MGQxYzdiMTNkYWRkOTBjM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubpa4XTULT8X1cXEhu0IceetcG51
XqnZK1vtDVSTXU5P2gaOWKDfx+VUO2sN0g9JByVZkt/5AsH0vp3Mssdu2WuFFoie
D+XjzL9+dJ0Lr75lDikvvaIC6vKgyw1kk5gQz7T72jAG9EIlxcQYdhTmpVHOhFit
4vqu9lxc9lT8xNAz4AnQXqG+VYfrl7MXeGKlvlrgcb0Gy56RQptVqL9wQUlhNHky
2zc5jGD0hHZv/nlxvv6/KT0IefdX8R8TJmrhPGyV8kU4BmjWyC7ylk3MMR4HDF5j
kbhX/Tm+OyIfVIqan+o4E/cB+L0cGbNrw8OrWaE/3ba+TqpU0z0a4sk+/wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGsWbu03s0e3wgJ3DRx7E9rdkMPmMB8GA1UdIwQY
MBaAFAluKTujgNzHXwAQZENmj1EAJVW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1c0cE82T0EzTWRmQUJCa1EyYVBVUUFsVmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZGFlYjctNTJkNS00OWZmLTlhNGIt
ZGYwNWQ0ODlkYTE3LzEvYXhadTdUZXpSN2ZDQW5jTkhIc1QydDJRdy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZGFlYjctNTJkNS00OWZmLTlhNGItZGYwNWQ0ODlkYTE3
LzEvQ1c0cE82T0EzTWRmQUJCa1EyYVBVUUFsVmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAgBAIAATAaMAwDBAItnQQD
BAAtnQYDBAK5HRADBADB8powFAQCAAIwDgMFACoAo2ADBQAqAKNiMA0GCSqGSIb3
DQEBCwUAA4IBAQBQKvcEG0HoCthQFK0u1cvVLZpIgaG0/pFfqMmkqauPUfNNyf4V
55jVoBZ6fmj8pDm1nPUZVNdSWOCMHDNK3w9l8eweg3cR/sgBwbHc8KsQxD7GPjd4
YckDK/WLJ0NjjNEboKsikYJh/jLjrYUiZzovU8tC9JqwjFI0I96dkW9A2UMlDU5Z
RWv8kTQ3cgcWeTgOveSCskk+tqQndO3Q2S9QjYNHZNxPtl55yE61xzWa6L3KwVJR
u+LQLgqDsi2jGYGg7FOOpxqw/wm8g5qicrBWow9HQd9C9DosHU9Clkal5mi8sDVG
65hs6H03XNwOmcaAXVIy5zfpS1ZrNgL0vFSz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:46 2025 by rpki-client