Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZR4zodWAa6dgb-p8bNcw3pyuiUY.roa
File: ZR4zodWAa6dgb-p8bNcw3pyuiUY.roa (raw, json)
Hash identifier: 90DAGtkf8NJxiCZx6YtuHH2IliTZhyBNrRkOKa+YH58=
Subject key identifier: 65:1E:33:A1:D5:80:6B:A7:60:6F:EA:7C:6C:D7:30:DE:9C:AE:89:46
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01846B8F9A29CFCEFCE7193BDFE4C3DDC909
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZR4zodWAa6dgb-p8bNcw3pyuiUY.roa
Signing time: Sat 12 Nov 2022 11:18:03 +0000
ROA not before: Sat 12 Nov 2022 11:18:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25198
IP address blocks: 45.131.186.0/24 maxlen: 24
2a0e:97c0:a80::/44 maxlen: 48
2a0e:97c0:300::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6b:8f:9a:29:cf:ce:fc:e7:19:3b:df:e4:c3:dd:c9:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 12 11:18:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=651e33a1d5806ba7606fea7c6cd730de9cae8946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:60:46:4b:f5:45:a5:74:09:5b:3f:8d:83:a8:
c5:8a:c9:f2:5c:76:b0:0a:0f:2f:58:6d:aa:44:24:
93:76:5e:d6:d4:f9:56:2f:6d:16:6b:47:1b:1d:17:
95:6d:a3:52:29:7b:ea:6d:96:9c:94:03:6b:61:47:
c4:6a:1e:60:10:68:f3:5c:09:6d:4f:cf:a8:9f:97:
fa:43:81:84:20:f7:0d:6e:61:b6:80:37:da:f4:ca:
4c:31:b3:64:64:1f:bb:ff:fa:a4:b9:92:53:75:48:
6c:e4:1d:29:e2:57:1d:a5:e9:f5:48:08:09:3f:de:
aa:da:9c:9a:ab:87:b2:9b:6a:8a:98:d8:9e:3a:55:
a6:1d:5a:45:71:5a:7d:96:4e:52:35:d4:f7:ad:ad:
e8:8c:1b:5f:4f:41:72:9a:b0:0f:58:65:75:c7:c5:
54:cb:f8:2d:8f:77:6e:6d:ab:6f:0a:4d:e0:d9:b7:
3d:78:f4:c4:5f:49:bd:52:27:3e:d7:81:d4:f7:f1:
50:71:af:4e:10:cb:e2:e3:17:14:0d:58:51:84:e8:
79:8f:2c:fe:64:0f:8a:14:79:08:81:10:4d:f7:0d:
2c:b2:85:77:b7:a2:ee:7d:05:9d:52:27:74:0c:9b:
10:d0:cc:fd:6d:61:4d:af:07:d2:0d:37:32:35:98:
03:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1E:33:A1:D5:80:6B:A7:60:6F:EA:7C:6C:D7:30:DE:9C:AE:89:46
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZR4zodWAa6dgb-p8bNcw3pyuiUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.186.0/24
IPv6:
2a0e:97c0:300::/44
2a0e:97c0:a80::/44
Signature Algorithm: sha256WithRSAEncryption
63:d8:08:64:df:8b:5a:85:e5:5a:d7:e9:5c:3f:85:11:28:20:
36:55:d3:6a:64:0d:6c:68:01:66:e3:45:ac:10:2d:8c:7c:1f:
a1:98:fb:0f:5f:92:7a:83:6e:13:d7:b6:d0:89:27:88:df:55:
1c:63:a6:ec:ce:c2:dc:49:87:45:8f:ec:1e:57:d2:2c:c0:aa:
ea:0d:c2:fb:f1:b9:23:d2:3b:06:6f:13:c4:3b:6f:64:f1:b6:
14:17:b6:d4:8d:d6:bf:9c:1e:4e:81:1a:b8:24:3c:d0:71:7c:
48:7a:a4:37:8e:6b:af:83:62:28:5b:00:08:e8:10:8e:82:ed:
80:08:d4:5a:43:0b:c5:d1:52:de:2c:80:95:82:9f:e4:b7:34:
2a:a6:0e:73:f9:3d:27:db:37:4c:63:69:27:d1:5b:b1:87:98:
6a:fb:d9:64:e5:1b:17:16:d3:4f:23:c9:e6:e0:65:1f:cb:26:
2d:21:98:37:34:30:18:c7:c0:2a:82:21:78:bc:c7:83:fd:d3:
b5:47:c7:52:f1:f6:b2:0b:b4:5a:4b:52:90:03:85:19:ad:b5:
43:8b:cf:12:e3:92:3d:c2:bd:ec:47:d2:93:ee:de:20:e5:61:
85:ae:87:5e:78:cd:53:cb:e8:00:99:6f:70:a9:c3:bd:91:02:
6b:76:0e:26
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYRrj5opz8785xk73+TD3ckJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTEyMTExODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTFlMzNhMWQ1ODA2YmE3NjA2ZmVhN2M2Y2Q3MzBkZTljYWU4OTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGBGS/VFpXQJWz+Ng6jFisnyXHaw
Cg8vWG2qRCSTdl7W1PlWL20Wa0cbHReVbaNSKXvqbZaclANrYUfEah5gEGjzXAlt
T8+on5f6Q4GEIPcNbmG2gDfa9MpMMbNkZB+7//qkuZJTdUhs5B0p4lcdpen1SAgJ
P96q2pyaq4eym2qKmNieOlWmHVpFcVp9lk5SNdT3ra3ojBtfT0FymrAPWGV1x8VU
y/gtj3dubatvCk3g2bc9ePTEX0m9Uic+14HU9/FQca9OEMvi4xcUDVhRhOh5jyz+
ZA+KFHkIgRBN9w0ssoV3t6LufQWdUid0DJsQ0Mz9bWFNrwfSDTcyNZgD+wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGUeM6HVgGunYG/qfGzXMN6crolGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWlI0em9kV0FhNmRnYi1wOGJOY3czcHl1aVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQALYO6MBgE
AgACMBIDBwQqDpfAAwADBwQqDpfACoAwDQYJKoZIhvcNAQELBQADggEBAGPYCGTf
i1qF5VrX6Vw/hREoIDZV02pkDWxoAWbjRawQLYx8H6GY+w9fknqDbhPXttCJJ4jf
VRxjpuzOwtxJh0WP7B5X0izAquoNwvvxuSPSOwZvE8Q7b2TxthQXttSN1r+cHk6B
GrgkPNBxfEh6pDeOa6+DYihbAAjoEI6C7YAI1FpDC8XRUt4sgJWCn+S3NCqmDnP5
PSfbN0xjaSfRW7GHmGr72WTlGxcW008jyebgZR/LJi0hmDc0MBjHwCqCIXi8x4P9
07VHx1Lx9rILtFpLUpADhRmttUOLzxLjkj3CvexH0pPu3iDlYYWuh154zVPL6ACZ
b3Cpw72RAmt2DiY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org