Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/RZz3SLpnM-sCboy8Dzfw0PV0Jt8.roa
File: RZz3SLpnM-sCboy8Dzfw0PV0Jt8.roa (raw, json)
Hash identifier: Rdi1RREd570ASBQm53uWQ2M/Polmc1wJ4A3bDF0SRM4=
Subject key identifier: 45:9C:F7:48:BA:67:33:EB:02:6E:8C:BC:0F:37:F0:D0:F5:74:26:DF
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018571309D1AFD7CDC8F443553F30803DDFD
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/RZz3SLpnM-sCboy8Dzfw0PV0Jt8.roa
Signing time: Mon 02 Jan 2023 06:34:49 +0000
ROA not before: Mon 02 Jan 2023 06:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62014
IP address blocks: 91.108.16.0/22 maxlen: 22
91.108.56.0/23 maxlen: 23
149.154.168.0/22 maxlen: 22
2001:b28:f23f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:9d:1a:fd:7c:dc:8f:44:35:53:f3:08:03:dd:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 2 06:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=459cf748ba6733eb026e8cbc0f37f0d0f57426df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b8:42:27:d2:14:24:65:f5:44:1b:16:d2:37:
d5:87:8f:ae:91:3b:39:85:d1:5c:47:94:74:72:7a:
95:19:9b:8a:47:35:61:e6:6e:be:00:02:81:67:21:
35:72:73:9b:d7:ee:8e:a5:af:6f:b8:72:03:81:05:
b4:46:66:08:3f:07:da:8e:71:64:0c:01:24:e0:b1:
d2:58:aa:27:5d:58:20:c7:b4:d7:d1:6c:29:a4:c6:
56:44:84:df:cc:b5:23:d1:38:e3:a7:27:cc:ff:f4:
b4:8d:91:3e:9b:63:6d:f1:5d:19:bc:a1:0b:26:07:
a6:5b:10:1e:1e:71:e8:d7:53:51:00:4d:f0:77:95:
13:11:a6:7e:ce:c2:6e:4c:6b:85:d2:90:77:13:db:
77:12:9f:f0:b0:bb:e4:d8:86:e2:00:ad:76:b5:99:
58:23:c5:0b:58:93:bd:6a:8f:c6:f5:8a:5a:b6:c0:
3a:30:2d:c8:6c:1f:0b:b8:37:ca:60:e8:9f:3b:b7:
6b:06:c5:e3:ac:c8:9c:3e:00:24:34:a8:71:61:99:
86:55:75:e7:a6:3b:b2:42:16:4f:7a:c1:81:93:ee:
19:16:3e:c6:56:e9:2b:3e:4a:a5:5e:06:73:9c:3e:
4f:3a:87:ef:75:26:06:15:79:14:af:b3:66:ef:f1:
06:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:9C:F7:48:BA:67:33:EB:02:6E:8C:BC:0F:37:F0:D0:F5:74:26:DF
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/RZz3SLpnM-sCboy8Dzfw0PV0Jt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.16.0/22
91.108.56.0/23
149.154.168.0/22
IPv6:
2001:b28:f23f::/48
Signature Algorithm: sha256WithRSAEncryption
b5:2c:f6:ff:0b:06:0c:4e:3e:37:90:df:3c:5b:46:17:34:36:
c5:c9:cd:31:22:40:3b:18:a9:96:51:81:57:f7:0a:4a:a7:ff:
90:48:17:a5:b9:79:a3:6b:15:45:bc:36:54:15:8a:5b:bf:78:
fd:c0:1b:69:a8:ee:d4:2f:65:45:00:73:0c:d5:1c:10:4e:13:
19:a5:7a:a1:6e:29:5c:fe:4d:0e:81:86:a0:60:f1:45:a7:c9:
2a:b2:5d:ca:5b:df:14:b8:ec:e7:08:c4:f1:16:b9:ba:a6:9c:
ac:c7:72:73:f2:04:6b:e5:84:6f:3b:1c:3b:61:f2:07:7d:0f:
8a:61:2f:42:29:76:95:d4:28:03:75:bf:44:b3:29:8e:d3:29:
4c:ba:b7:bd:21:95:ba:84:72:3d:9a:12:d9:e1:a5:d9:de:03:
5b:40:dd:18:f0:16:40:37:7a:a1:5d:2c:34:7d:ff:cb:13:c9:
bd:f8:d7:b9:dd:72:19:4f:98:d1:73:04:e8:0f:3f:fc:3d:dd:
e6:31:fc:5a:ea:64:4d:a1:e3:72:eb:f2:f8:ed:4b:cc:60:b9:
58:6c:51:42:2f:ff:aa:6b:b6:58:a8:f3:f5:a8:9a:33:c3:75:
51:e5:ea:83:ac:ef:e9:37:e7:99:7a:56:01:0f:d9:8f:68:88:
d3:22:81:9b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVxMJ0a/Xzcj0Q1U/MIA939MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMwMTAyMDYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTljZjc0OGJhNjczM2ViMDI2ZThjYmMwZjM3ZjBkMGY1NzQyNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirhCJ9IUJGX1RBsW0jfVh4+ukTs5
hdFcR5R0cnqVGZuKRzVh5m6+AAKBZyE1cnOb1+6Opa9vuHIDgQW0RmYIPwfajnFk
DAEk4LHSWKonXVggx7TX0WwppMZWRITfzLUj0TjjpyfM//S0jZE+m2Nt8V0ZvKEL
JgemWxAeHnHo11NRAE3wd5UTEaZ+zsJuTGuF0pB3E9t3Ep/wsLvk2IbiAK12tZlY
I8ULWJO9ao/G9YpatsA6MC3IbB8LuDfKYOifO7drBsXjrMicPgAkNKhxYZmGVXXn
pjuyQhZPesGBk+4ZFj7GVukrPkqlXgZznD5POofvdSYGFXkUr7Nm7/EGJwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEWc90i6ZzPrAm6MvA838ND1dCbfMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvUlp6M1NMcG5NLXNDYm95OER6ZncwUFYwSnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCW2wQAwQB
W2w4AwQClZqoMA8EAgACMAkDBwAgAQso8j8wDQYJKoZIhvcNAQELBQADggEBALUs
9v8LBgxOPjeQ3zxbRhc0NsXJzTEiQDsYqZZRgVf3Ckqn/5BIF6W5eaNrFUW8NlQV
ilu/eP3AG2mo7tQvZUUAcwzVHBBOExmleqFuKVz+TQ6BhqBg8UWnySqyXcpb3xS4
7OcIxPEWubqmnKzHcnPyBGvlhG87HDth8gd9D4phL0IpdpXUKAN1v0SzKY7TKUy6
t70hlbqEcj2aEtnhpdneA1tA3RjwFkA3eqFdLDR9/8sTyb3417ndchlPmNFzBOgP
P/w93eYx/FrqZE2h43Lr8vjtS8xguVhsUUIv/6prtlio8/WomjPDdVHl6oOs7+k3
55l6VgEP2Y9oiNMigZs=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:25:21 2025 by rpki-client