Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/kcKzH_xf9qzOWBC2C2Rr0YNwga8.roa
File: kcKzH_xf9qzOWBC2C2Rr0YNwga8.roa (raw, json)
Hash identifier: e0ZOxQqnF/U2BeIIiHBhye/OIkxrdTYp2vZEPJA2oBM=
Subject key identifier: 91:C2:B3:1F:FC:5F:F6:AC:CE:58:10:B6:0B:64:6B:D1:83:70:81:AF
Certificate issuer: /CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Certificate serial: 01857195536001B13B9EC367A6661CEBB4AF
Authority key identifier: B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/kcKzH_xf9qzOWBC2C2Rr0YNwga8.roa
Signing time: Mon 02 Jan 2023 08:24:49 +0000
ROA not before: Mon 02 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204457
IP address blocks: 45.156.31.0/24 maxlen: 24
45.156.29.0/24 maxlen: 24
45.156.30.0/24 maxlen: 24
45.94.7.0/24 maxlen: 24
45.94.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:53:60:01:b1:3b:9e:c3:67:a6:66:1c:eb:b4:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Validity
Not Before: Jan 2 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91c2b31ffc5ff6acce5810b60b646bd1837081af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a2:ab:c4:3e:3a:7d:bf:ac:dd:01:96:f0:f4:
11:92:ff:19:f8:e4:e2:e8:f5:0a:4d:c2:41:a8:d6:
f1:9c:46:03:89:93:39:e6:fc:7d:c7:5e:e7:83:38:
eb:1b:1a:54:a0:82:fb:df:aa:dc:4f:4a:ea:0f:4b:
fd:f0:bd:95:dd:61:15:70:ad:4c:14:d3:30:b1:e4:
aa:fb:f1:90:1f:fd:d8:1c:a7:4b:0c:b1:8f:c7:c2:
f9:bb:98:f5:2f:d2:82:a3:bb:d3:1c:1f:b3:4a:ba:
5f:e7:35:a9:f2:ed:67:3f:de:16:bb:d0:fc:80:01:
b2:81:e7:18:8b:7e:e2:6a:e0:ca:16:ff:3a:fb:fb:
64:02:e8:d0:ba:ce:44:3a:f5:1c:7e:4d:15:7b:33:
5e:55:65:29:ba:ff:07:77:b1:cd:f2:a4:15:5e:a4:
c1:1a:30:1d:80:f6:60:14:34:96:ee:ac:af:ea:17:
3a:6b:b2:55:bd:47:ff:3e:d1:1e:c3:90:92:e5:f6:
1d:1a:2e:1f:05:72:44:fc:64:5e:7c:53:36:08:c3:
0a:04:20:c4:85:60:6d:8e:05:c0:93:01:25:54:37:
39:9c:03:0a:1d:85:89:c8:47:fc:76:89:9b:b9:a0:
c6:f2:58:15:27:d0:44:f3:1e:25:80:62:26:92:5d:
18:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C2:B3:1F:FC:5F:F6:AC:CE:58:10:B6:0B:64:6B:D1:83:70:81:AF
X509v3 Authority Key Identifier:
keyid:B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/kcKzH_xf9qzOWBC2C2Rr0YNwga8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.5.0/24
45.94.7.0/24
45.156.29.0-45.156.31.255
Signature Algorithm: sha256WithRSAEncryption
b0:88:e1:a4:f4:98:b6:cc:60:8a:73:33:63:7f:dd:0b:9c:fa:
9d:65:b4:fc:b3:9f:8b:a6:7f:8e:18:ef:a1:eb:46:88:33:57:
f1:14:cd:8c:f1:53:d1:31:e8:09:2b:92:e9:80:1e:fb:b4:bc:
92:8a:24:5f:50:0c:15:c1:c6:1b:17:c6:37:97:af:20:fb:f7:
a6:93:33:99:4c:bb:0b:be:9a:af:30:32:23:e2:05:8c:56:1f:
08:85:d2:10:1b:96:74:12:5a:24:13:4b:31:9b:9c:fc:ce:bc:
32:d2:b2:b8:44:9f:27:3b:66:6e:28:8c:8e:1c:12:9f:1b:cc:
e5:ed:ca:55:73:0e:bf:51:c1:71:b4:e7:c3:dd:51:22:dc:dd:
d5:45:82:03:bc:a7:16:15:9e:29:c8:06:5f:8a:7a:8d:99:37:
cd:27:78:c4:e0:9f:20:7a:86:eb:0f:33:c2:cc:c2:d8:73:b1:
aa:e8:fe:6b:3a:e7:45:71:ec:e2:96:02:7b:8a:8f:34:92:64:
f1:32:59:c6:b0:e4:3a:e1:c8:da:6f:3c:0b:76:0a:84:7e:13:
af:f7:c0:d3:8c:d4:b4:b2:b3:d8:5d:f1:ec:fc:91:0c:5b:25:
43:b1:4a:54:c5:77:ac:a3:44:03:09:2d:34:4c:d7:05:3a:a6:
0d:04:55:24
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxlVNgAbE7nsNnpmYc67SvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYzBiZGFmYWRlYTc4ZGNlMzEyZjg2MmRkZjQyYjFiZDRj
NGY2NDUwHhcNMjMwMTAyMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWMyYjMxZmZjNWZmNmFjY2U1ODEwYjYwYjY0NmJkMTgzNzA4MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKKrxD46fb+s3QGW8PQRkv8Z+OTi
6PUKTcJBqNbxnEYDiZM55vx9x17ngzjrGxpUoIL736rcT0rqD0v98L2V3WEVcK1M
FNMwseSq+/GQH/3YHKdLDLGPx8L5u5j1L9KCo7vTHB+zSrpf5zWp8u1nP94Wu9D8
gAGygecYi37iauDKFv86+/tkAujQus5EOvUcfk0VezNeVWUpuv8Hd7HN8qQVXqTB
GjAdgPZgFDSW7qyv6hc6a7JVvUf/PtEew5CS5fYdGi4fBXJE/GRefFM2CMMKBCDE
hWBtjgXAkwElVDc5nAMKHYWJyEf8dombuaDG8lgVJ9BE8x4lgGImkl0YkQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJHCsx/8X/aszlgQtgtka9GDcIGvMB8GA1UdIwQY
MBaAFLLAva+t6njc4xL4Yt30KxvUxPZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMt
ZmNjMzM2ZWVkOGQ3LzEva2NLekhfeGY5cXpPV0JDMkMyUnIwWU53Z2E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMtZmNjMzM2ZWVkOGQ3
LzEvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALV4FAwQA
LV4HMAwDBAAtnB0DBAUtnAAwDQYJKoZIhvcNAQELBQADggEBALCI4aT0mLbMYIpz
M2N/3Quc+p1ltPyzn4umf44Y76HrRogzV/EUzYzxU9Ex6AkrkumAHvu0vJKKJF9Q
DBXBxhsXxjeXryD796aTM5lMuwu+mq8wMiPiBYxWHwiF0hAblnQSWiQTSzGbnPzO
vDLSsrhEnyc7Zm4ojI4cEp8bzOXtylVzDr9RwXG058PdUSLc3dVFggO8pxYVninI
Bl+Keo2ZN80neMTgnyB6husPM8LMwthzsaro/ms650Vx7OKWAnuKjzSSZPEyWcaw
5DrhyNpvPAt2CoR+E6/3wNOM1LSys9hd8ez8kQxbJUOxSlTFd6yjRAMJLTRM1wU6
pg0EVSQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 11:29:23 2025 by rpki-client