Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/KBnMvB2tpu-YKSdkg5Vgy2uUfHk.roa
File: KBnMvB2tpu-YKSdkg5Vgy2uUfHk.roa (raw, json)
Hash identifier: /D7eCSbwM46VP+F66DKq3ZpPWmM3l8WaesNgvQgNUKs=
Subject key identifier: 28:19:CC:BC:1D:AD:A6:EF:98:29:27:64:83:95:60:CB:6B:94:7C:79
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 0865FE2A
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/KBnMvB2tpu-YKSdkg5Vgy2uUfHk.roa
Signing time: Sat 01 Jan 2022 15:01:49 +0000
ROA not before: Sat 01 Jan 2022 15:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57199
IP address blocks: 45.13.104.0/22 maxlen: 22
2a0e:e700::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140901930 (0x865fe2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 1 15:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2819ccbc1dada6ef98292764839560cb6b947c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:35:ca:f4:a9:ed:f7:52:be:8f:de:25:de:97:
95:c6:3c:ea:bb:a6:9f:d0:fe:42:b4:21:bc:d2:a6:
98:bd:11:c7:81:a1:33:bc:d0:a0:6d:5a:60:27:c7:
15:d2:1f:ba:1c:06:17:f1:42:7d:43:2d:db:f7:5c:
18:10:1b:fd:60:3a:0a:a4:44:82:11:48:5e:ae:1c:
f7:7b:77:5f:58:06:36:28:e1:5f:6c:76:cc:c0:27:
9d:9e:65:cc:b5:07:c1:67:44:0a:46:f3:90:b7:9e:
28:4a:09:5a:30:71:a9:f4:7f:e4:43:d7:1a:4c:a1:
53:b0:fe:4f:0a:13:d7:ca:b3:53:6a:b8:9a:de:42:
4f:6f:7d:a9:5e:e5:c2:3a:bc:9e:e3:08:9f:65:3a:
9a:10:2b:6e:a6:a6:f5:17:36:0b:bc:7a:43:a5:86:
86:79:8f:2e:98:57:17:da:23:03:20:3e:65:dd:44:
99:94:99:f1:63:30:c3:4e:a6:81:22:44:6d:64:3c:
d4:e1:6b:2f:f5:a7:e6:19:28:1f:1f:d8:09:48:51:
d8:13:ac:c6:66:a4:13:62:a6:1d:6f:20:7d:46:fe:
0d:8a:a3:aa:1b:f8:73:d9:6a:c7:70:13:e4:91:89:
d5:46:7f:ea:ec:5d:56:f8:29:e2:fa:70:5e:55:76:
ed:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:19:CC:BC:1D:AD:A6:EF:98:29:27:64:83:95:60:CB:6B:94:7C:79
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/KBnMvB2tpu-YKSdkg5Vgy2uUfHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.104.0/22
IPv6:
2a0e:e700::/31
Signature Algorithm: sha256WithRSAEncryption
b0:9a:16:88:1d:a6:9c:48:df:85:1c:eb:61:d8:a5:2a:aa:77:
d9:6c:69:ae:c8:94:0e:a4:6e:48:a4:b9:03:6f:9c:50:6b:98:
03:cc:42:bb:98:2d:fc:98:68:cc:ac:19:7a:7b:e5:25:00:39:
f1:d7:be:60:2f:0e:61:2a:52:a3:79:78:a2:fa:61:90:87:2f:
ae:06:f1:30:8d:a4:c2:88:d7:a5:a5:0c:82:55:55:27:19:ce:
73:2e:96:30:ee:fd:59:a8:9d:bb:26:a1:2b:9f:95:a0:e8:d4:
b4:9d:a0:f9:df:da:ea:e6:ec:32:9b:85:09:6c:88:65:0f:e4:
d3:f4:ba:12:cc:03:a7:1d:2b:8e:7a:bf:08:90:50:c1:dc:16:
5a:34:20:4b:70:17:3d:c8:18:fc:61:61:27:59:ad:cf:91:b5:
bb:ac:8f:77:88:4b:10:e3:cb:2c:d7:0d:5b:54:54:7f:b4:4f:
5a:2c:49:0d:86:ec:0f:1f:af:a9:c6:26:15:44:f8:54:d2:7d:
02:f3:5a:76:fb:ce:e2:54:c2:e4:6a:0e:84:ce:76:c2:0d:00:
09:87:81:19:34:0b:f0:ca:15:84:18:39:ad:e6:19:b5:f2:9e:
bc:ec:74:21:80:77:7f:09:cf:a3:e1:df:80:f3:b3:dd:6e:7d:
6f:c0:93:ae
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECGX+KjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjBmNDVmN2NjNGI2OTFmZDRhMzFjMWYxYzBiNGY2MDVkNzdhNmVmMB4XDTIyMDEw
MTE1MDE0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgxOWNjYmMxZGFk
YTZlZjk4MjkyNzY0ODM5NTYwY2I2Yjk0N2M3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKU1yvSp7fdSvo/eJd6XlcY86rumn9D+QrQhvNKmmL0Rx4Gh
M7zQoG1aYCfHFdIfuhwGF/FCfUMt2/dcGBAb/WA6CqREghFIXq4c93t3X1gGNijh
X2x2zMAnnZ5lzLUHwWdECkbzkLeeKEoJWjBxqfR/5EPXGkyhU7D+TwoT18qzU2q4
mt5CT299qV7lwjq8nuMIn2U6mhArbqam9Rc2C7x6Q6WGhnmPLphXF9ojAyA+Zd1E
mZSZ8WMww06mgSJEbWQ81OFrL/Wn5hkoHx/YCUhR2BOsxmakE2KmHW8gfUb+DYqj
qhv4c9lqx3AT5JGJ1UZ/6uxdVvgp4vpwXlV27T0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQoGcy8Ha2m75gpJ2SDlWDLa5R8eTAfBgNVHSMEGDAWgBTWD0X3zEtpH9Sj
HB8cC09gXXem7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFnOUY5OHhMYVJfVW94d2ZIQXRQWUYxM3B1OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvYWQzMDQ0LWNkY2UtNDZjZi05MmM5LWE5NTRkMDUzOTk0YS8x
L0tCbk12QjJ0cHUtWUtTZGtnNVZneTJ1VWZIay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
YWQzMDQ0LWNkY2UtNDZjZi05MmM5LWE5NTRkMDUzOTk0YS8xLzFnOUY5OHhMYVJf
VW94d2ZIQXRQWUYxM3B1OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi0NaDANBAIAAjAHAwUBKg7nADAN
BgkqhkiG9w0BAQsFAAOCAQEAsJoWiB2mnEjfhRzrYdilKqp32WxprsiUDqRuSKS5
A2+cUGuYA8xCu5gt/JhozKwZenvlJQA58de+YC8OYSpSo3l4ovphkIcvrgbxMI2k
wojXpaUMglVVJxnOcy6WMO79WaiduyahK5+VoOjUtJ2g+d/a6ubsMpuFCWyIZQ/k
0/S6EswDpx0rjnq/CJBQwdwWWjQgS3AXPcgY/GFhJ1mtz5G1u6yPd4hLEOPLLNcN
W1RUf7RPWixJDYbsDx+vqcYmFUT4VNJ9AvNadvvO4lTC5GoOhM52wg0ACYeBGTQL
8MoVhBg5reYZtfKevOx0IYB3fwnPo+HfgPOz3W59b8CTrg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:26 2025 by rpki-client