Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/2Tz2-gx1pCM--_nbHsi--Q4ksRQ.roa
File: 2Tz2-gx1pCM--_nbHsi--Q4ksRQ.roa (raw, json)
Hash identifier: s1rKIuawjk0EUcG51s+fq24/Y4kl2CqCg6VUt5pG+j0=
Subject key identifier: D9:3C:F6:FA:0C:75:A4:23:3E:FB:F9:DB:1E:C8:BE:F9:0E:24:B1:14
Certificate issuer: /CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Certificate serial: 0182F0A8B511B262D4E5AA0D787DE4F34B00
Authority key identifier: 72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/2Tz2-gx1pCM--_nbHsi--Q4ksRQ.roa
Signing time: Tue 30 Aug 2022 21:29:24 +0000
ROA not before: Tue 30 Aug 2022 21:29:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44307
IP address blocks: 45.142.148.0/22 maxlen: 24
45.135.20.0/22 maxlen: 24
45.148.180.0/22 maxlen: 24
45.95.60.0/22 maxlen: 24
45.87.71.0/24 maxlen: 24
45.138.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f0:a8:b5:11:b2:62:d4:e5:aa:0d:78:7d:e4:f3:4b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Validity
Not Before: Aug 30 21:29:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d93cf6fa0c75a4233efbf9db1ec8bef90e24b114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:38:0b:28:9c:ae:93:af:9f:01:a9:39:42:e1:
3d:48:c5:dc:52:7a:3c:50:df:9f:f3:98:f1:36:01:
37:66:1c:bb:e8:ae:de:4a:1d:30:f3:52:8f:7b:71:
d5:7b:67:82:6a:6c:cd:9e:ca:53:bb:71:7d:2f:18:
5d:8c:3e:35:04:a2:5a:96:0b:67:b2:03:ff:a0:8f:
19:5a:35:19:6d:5d:ee:22:ff:c6:11:d5:63:8e:a9:
86:c1:5f:9a:bf:47:ca:87:48:c7:41:1b:1e:2c:88:
10:08:38:43:f8:2b:a2:93:cf:59:00:89:fe:f2:21:
91:a1:e5:59:9a:ae:ca:07:8c:c3:de:6f:ce:c7:42:
05:44:09:75:b2:31:4d:b8:fe:b1:43:8f:4d:d2:a0:
75:33:6e:01:f0:7b:6e:01:11:8e:2f:57:36:b0:2e:
60:9b:91:d4:1b:fc:cd:2c:a5:50:49:e1:a0:f4:c5:
71:2d:5a:25:98:7e:9f:15:ae:69:7a:af:13:94:d6:
2f:a0:d8:21:4a:f5:0c:5e:c1:26:e1:a7:e7:46:fc:
a2:88:a7:6d:ca:6c:9e:95:5d:cb:1b:8e:01:c4:f6:
6d:86:88:5a:a0:d5:e3:20:1a:91:5d:bd:a0:49:2c:
04:46:2d:29:4f:61:c5:94:05:35:2e:01:28:ec:86:
dc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3C:F6:FA:0C:75:A4:23:3E:FB:F9:DB:1E:C8:BE:F9:0E:24:B1:14
X509v3 Authority Key Identifier:
keyid:72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/2Tz2-gx1pCM--_nbHsi--Q4ksRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.71.0/24
45.95.60.0/22
45.135.20.0/22
45.138.60.0/22
45.142.148.0/22
45.148.180.0/22
Signature Algorithm: sha256WithRSAEncryption
78:62:be:29:e0:95:26:0c:0c:e4:b9:0b:be:97:af:43:e2:3b:
fd:02:e5:6b:8d:26:cf:18:5a:6b:6e:2d:a3:15:5a:86:15:5d:
e9:fe:be:7c:1b:40:5f:73:18:1b:67:23:85:32:d8:9e:48:05:
10:6d:1e:e3:07:9d:ed:dc:3b:a8:c9:56:cb:c6:d3:cc:5f:2a:
40:bf:c8:19:56:e4:9e:c9:35:d8:24:56:df:a3:c7:de:e1:42:
e8:f3:6c:38:6c:8b:ef:a6:65:38:c5:9b:a9:e6:c4:6a:a7:5d:
8f:42:a2:d0:6a:f3:07:9c:56:7f:4f:92:1f:ed:8c:55:3f:7d:
a7:e8:4b:35:07:d5:cc:75:f5:73:eb:16:42:be:89:80:b8:f4:
15:69:01:6a:57:40:06:2a:09:9a:9e:92:b2:c6:63:ab:6b:b0:
c2:9b:d4:42:6b:52:b1:83:df:80:c2:0c:58:3f:40:25:aa:95:
a8:7a:ee:30:06:37:06:b4:f4:87:ef:c5:0b:a6:22:4c:db:77:
62:dd:d8:27:6a:83:79:e0:d7:ec:c0:bf:51:fb:2c:38:9e:6a:
92:ae:3b:29:6e:3d:c6:ac:5c:4b:79:e4:de:cb:89:12:7a:17:
8b:60:1c:14:f1:39:b7:74:4a:48:3a:25:fe:91:c1:7b:10:31:
04:c1:7c:e5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYLwqLURsmLU5aoNeH3k80sAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTRiYWY5OWFiODQwMTI5MTMzMjg1ZmU5YWQ3YjgzZmQx
MzBjMzkwHhcNMjIwODMwMjEyOTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNjZjZmYTBjNzVhNDIzM2VmYmY5ZGIxZWM4YmVmOTBlMjRiMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTgLKJyuk6+fAak5QuE9SMXcUno8
UN+f85jxNgE3Zhy76K7eSh0w81KPe3HVe2eCamzNnspTu3F9LxhdjD41BKJalgtn
sgP/oI8ZWjUZbV3uIv/GEdVjjqmGwV+av0fKh0jHQRseLIgQCDhD+Cuik89ZAIn+
8iGRoeVZmq7KB4zD3m/Ox0IFRAl1sjFNuP6xQ49N0qB1M24B8HtuARGOL1c2sC5g
m5HUG/zNLKVQSeGg9MVxLVolmH6fFa5peq8TlNYvoNghSvUMXsEm4afnRvyiiKdt
ymyelV3LG44BxPZthohaoNXjIBqRXb2gSSwERi0pT2HFlAU1LgEo7IbcLwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNk89voMdaQjPvv52x7IvvkOJLEUMB8GA1UdIwQY
MBaAFHLkuvmauEASkTMoX+mte4P9Eww5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2Qt
YThkNjVkY2NiOTZiLzEvMlR6Mi1neDFwQ00tLV9uYkhzaS0tUTRrc1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2QtYThkNjVkY2NiOTZi
LzEvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVdHAwQC
LV88AwQCLYcUAwQCLYo8AwQCLY6UAwQCLZS0MA0GCSqGSIb3DQEBCwUAA4IBAQB4
Yr4p4JUmDAzkuQu+l69D4jv9AuVrjSbPGFprbi2jFVqGFV3p/r58G0BfcxgbZyOF
MtieSAUQbR7jB53t3DuoyVbLxtPMXypAv8gZVuSeyTXYJFbfo8fe4ULo82w4bIvv
pmU4xZup5sRqp12PQqLQavMHnFZ/T5If7YxVP32n6Es1B9XMdfVz6xZCvomAuPQV
aQFqV0AGKgmanpKyxmOra7DCm9RCa1Kxg9+AwgxYP0AlqpWoeu4wBjcGtPSH78UL
piJM23di3dgnaoN54NfswL9R+yw4nmqSrjspbj3GrFxLeeTey4kSeheLYBwU8Tm3
dEpIOiX+kcF7EDEEwXzl
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:25:35 2025 by rpki-client