Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/zkKI1KYETofaufPSIycQx1TIYNU.roa
File: zkKI1KYETofaufPSIycQx1TIYNU.roa (raw, json)
Hash identifier: FBoXDoWHSmOrU+OrU3jXQUdf7EzagFS2yAxsPMbxrWo=
Subject key identifier: CE:42:88:D4:A6:04:4E:87:DA:B9:F3:D2:23:27:10:C7:54:C8:60:D5
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 03873184
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/zkKI1KYETofaufPSIycQx1TIYNU.roa
Signing time: Tue 11 Jan 2022 22:17:31 +0000
ROA not before: Tue 11 Jan 2022 22:17:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207717
IP address blocks: 45.132.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59191684 (0x3873184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 11 22:17:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce4288d4a6044e87dab9f3d2232710c754c860d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:99:30:87:38:b1:da:7e:bd:6b:bd:09:ba:c1:
42:f5:c5:81:5a:08:8a:e4:15:1d:de:3d:e9:8b:ae:
bc:f7:f6:e7:1b:24:2e:18:63:79:5b:c1:f9:9c:10:
3f:b6:aa:35:bd:52:a5:7e:59:2a:ec:b5:85:33:79:
9d:6a:44:dc:5f:a7:15:63:49:cc:f0:9d:12:5e:de:
20:76:ce:23:d3:5e:c0:d2:de:fe:84:08:7d:95:bb:
75:40:7a:59:3d:eb:42:c2:2b:d7:b9:95:36:7b:58:
af:33:6a:c9:d8:cd:93:2e:9d:9b:ac:93:21:00:c1:
b6:f1:c8:5f:9c:67:e9:d9:0a:7c:56:30:39:e1:63:
bf:95:7b:77:6b:93:1d:e5:f5:a4:f6:67:4a:48:37:
f6:2c:7c:cd:b0:53:27:f3:93:4d:7b:8b:70:97:42:
d8:0d:7f:8d:5d:1c:a9:60:6d:77:19:0c:d8:a2:3f:
a9:1a:5d:89:56:81:d5:f2:4a:36:3d:f5:68:20:88:
76:66:ad:41:3e:9a:58:b0:5e:09:95:2e:e7:69:da:
a6:97:14:18:8b:1f:11:7a:c8:86:cd:a1:9b:b5:3a:
25:a7:c4:32:5e:c5:cc:ec:fd:2f:42:cc:54:2f:36:
aa:b6:2d:46:08:e9:50:32:3d:cd:05:31:9f:e6:f3:
a3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:42:88:D4:A6:04:4E:87:DA:B9:F3:D2:23:27:10:C7:54:C8:60:D5
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/zkKI1KYETofaufPSIycQx1TIYNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.150.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:52:d3:e4:58:1f:19:08:03:8b:7b:6e:eb:9e:6d:65:4b:a9:
8a:b3:53:08:c5:af:43:21:4a:7e:bd:e2:4a:eb:f3:80:78:ef:
9f:cd:eb:76:ac:1f:b3:a9:58:f1:99:b0:39:20:9e:f9:7e:78:
6e:c1:ed:8e:55:15:14:22:d9:37:1b:3c:e6:57:f3:ad:dd:5f:
ed:d6:af:5e:77:40:00:a5:da:a4:d0:d4:be:1a:c3:74:c3:20:
39:75:ed:a9:5d:ba:ae:3e:d7:7e:60:a3:ab:d8:31:2d:51:95:
c3:9a:5c:bb:ad:9d:2d:6b:17:92:e7:98:bd:f1:7b:b2:c2:51:
1a:38:eb:ff:80:ec:a2:d1:94:f8:a5:00:a4:2d:87:f0:57:47:
1d:4a:91:60:56:9d:b1:fe:4a:da:ab:c5:72:99:e9:a0:55:4c:
f9:cf:66:66:97:87:14:33:ee:ed:08:38:4c:6c:25:1d:ac:f4:
ba:b5:e0:94:39:db:f6:65:0b:25:66:64:ec:44:28:55:9a:59:
b7:a3:6a:60:df:92:28:35:1e:a0:e5:c3:36:bf:db:f3:ae:df:
b7:9e:a7:45:36:3d:a1:cf:4a:9c:ec:52:9d:3d:52:05:a5:66:
08:db:f8:0e:ba:ac:94:86:14:5c:c7:53:b2:8d:8f:31:99:8e:
51:59:f0:c0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4cxhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YmY1NDNlMjNlMjlmYjAzNzQ4ZDA5Mzk3MjZmMzBmZTlhZmZhMTllMB4XDTIyMDEx
MTIyMTczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2U0Mjg4ZDRhNjA0
NGU4N2RhYjlmM2QyMjMyNzEwYzc1NGM4NjBkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKZMIc4sdp+vWu9CbrBQvXFgVoIiuQVHd496YuuvPf25xsk
LhhjeVvB+ZwQP7aqNb1SpX5ZKuy1hTN5nWpE3F+nFWNJzPCdEl7eIHbOI9NewNLe
/oQIfZW7dUB6WT3rQsIr17mVNntYrzNqydjNky6dm6yTIQDBtvHIX5xn6dkKfFYw
OeFjv5V7d2uTHeX1pPZnSkg39ix8zbBTJ/OTTXuLcJdC2A1/jV0cqWBtdxkM2KI/
qRpdiVaB1fJKNj31aCCIdmatQT6aWLBeCZUu52nappcUGIsfEXrIhs2hm7U6JafE
Ml7FzOz9L0LMVC82qrYtRgjpUDI9zQUxn+bzo4ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTOQojUpgROh9q589IjJxDHVMhg1TAfBgNVHSMEGDAWgBQL9UPiPin7A3SN
CTlybzD+mv+hnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NfVkQ0ajRwLXdOMGpRazVjbTh3X3ByX29aNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvYWZhMzRjLWYzZjAtNDA1Yy1iMDgzLWEzNWZjNDM4ZDRjYS8x
L3prS0kxS1lFVG9mYXVmUFNJeWNReDFUSVlOVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
YWZhMzRjLWYzZjAtNDA1Yy1iMDgzLWEzNWZjNDM4ZDRjYS8xL0NfVkQ0ajRwLXdO
MGpRazVjbTh3X3ByX29aNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2EljANBgkqhkiG9w0BAQsFAAOC
AQEAbVLT5FgfGQgDi3tu655tZUupirNTCMWvQyFKfr3iSuvzgHjvn83rdqwfs6lY
8ZmwOSCe+X54bsHtjlUVFCLZNxs85lfzrd1f7davXndAAKXapNDUvhrDdMMgOXXt
qV26rj7XfmCjq9gxLVGVw5pcu62dLWsXkueYvfF7ssJRGjjr/4DsotGU+KUApC2H
8FdHHUqRYFadsf5K2qvFcpnpoFVM+c9mZpeHFDPu7Qg4TGwlHaz0urXglDnb9mUL
JWZk7EQoVZpZt6NqYN+SKDUeoOXDNr/b867ft56nRTY9oc9KnOxSnT1SBaVmCNv4
DrqslIYUXMdTso2PMZmOUVnwwA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:15:55 2025 by rpki-client