Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZbUxNo1g-J5Xmeqa7Q5UzbM4B_U.roa
File: ZbUxNo1g-J5Xmeqa7Q5UzbM4B_U.roa (raw, json)
Hash identifier: 67POlmM5195gFVdDjAidGnZ0ifv/lE8rj1McUydQxjM=
Subject key identifier: 65:B5:31:36:8D:60:F8:9E:57:99:EA:9A:ED:0E:54:CD:B3:38:07:F5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01840124146BAC16ACAD93D963B296DA6CCF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZbUxNo1g-J5Xmeqa7Q5UzbM4B_U.roa
Signing time: Sat 22 Oct 2022 19:20:52 +0000
ROA not before: Sat 22 Oct 2022 19:20:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:01:24:14:6b:ac:16:ac:ad:93:d9:63:b2:96:da:6c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 22 19:20:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65b531368d60f89e5799ea9aed0e54cdb33807f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d7:c7:56:8f:fe:29:80:70:45:6a:d0:79:41:
8d:04:70:88:4b:84:21:a2:ae:f3:48:9c:2e:6e:e3:
9a:11:37:27:48:39:a6:e5:1b:87:43:f3:ff:d8:fe:
17:24:01:40:33:fd:10:1e:55:e7:67:0f:84:52:29:
59:b2:c9:c3:a5:b4:1f:d2:75:1a:84:b5:55:c1:0e:
de:c5:8f:ce:ac:3c:c1:92:7d:56:12:fe:a1:ec:10:
a2:27:7a:68:2e:29:8f:20:54:58:5b:9d:8c:d1:a5:
55:76:28:95:f4:49:8d:37:7a:4a:e6:0a:88:2f:c9:
30:6c:08:f9:f0:b8:83:8f:3b:93:47:a9:c1:35:f5:
a6:d4:30:cb:0b:da:34:5a:6d:26:cd:8d:a6:6e:6b:
dc:f4:71:e3:72:95:e1:c3:b2:fa:94:be:0f:5d:b1:
8e:8b:0f:fe:c6:79:19:2f:60:4a:0d:7d:1a:68:50:
ec:ff:f0:b5:90:b2:69:f7:27:17:19:5f:d8:fc:45:
c5:95:ca:c1:3d:de:2c:18:dc:b9:bc:b4:eb:c0:79:
4f:70:35:34:a2:57:b3:8a:ad:a8:eb:13:b5:4c:91:
59:b8:6b:a1:29:dd:57:fd:f3:07:17:b1:a8:1e:34:
48:db:13:32:24:b2:47:8f:32:92:fb:3f:90:fa:d7:
5e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B5:31:36:8D:60:F8:9E:57:99:EA:9A:ED:0E:54:CD:B3:38:07:F5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZbUxNo1g-J5Xmeqa7Q5UzbM4B_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/24
45.148.119.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
b8:ee:e1:70:d0:25:59:47:24:8b:36:de:a0:6a:c5:5b:5c:21:
c2:d3:32:63:c9:d9:8c:45:07:ca:ec:d2:bc:64:59:16:9f:6f:
04:9a:ed:5e:69:23:cb:83:b5:d3:24:ac:99:2f:a6:2d:80:9d:
08:fc:c4:cc:45:7c:51:13:99:ca:57:5f:7e:01:fe:13:e1:62:
05:e4:6b:7a:2b:f1:03:7a:7d:0b:69:aa:a5:0d:58:5c:0a:68:
11:02:b5:b0:e2:2f:c4:f3:ea:f7:d6:c3:fb:90:e9:bf:67:2d:
82:e3:89:19:9a:7f:89:6b:5c:79:91:56:5c:29:06:1c:6e:e5:
10:74:b1:18:ad:c1:f5:b1:d4:6e:3d:69:de:b8:be:9b:de:a3:
89:d9:75:7d:2f:d6:ec:b1:d2:57:78:e9:82:ef:2b:98:85:3f:
cd:27:95:eb:ef:82:95:29:3c:07:47:40:8d:1b:fa:fa:c9:03:
4b:25:ad:91:e4:46:23:58:13:3a:75:0f:e7:b5:ec:ad:93:66:
13:51:c8:a9:4b:da:28:a1:c7:c6:cd:75:d0:16:da:50:85:13:
4f:79:5b:f4:7a:df:0c:7d:ad:e1:92:81:fd:91:0c:38:0a:8a:
18:67:c4:60:11:0a:38:ec:2d:c9:60:6f:e1:21:67:6b:26:a8:
20:98:57:84
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYQBJBRrrBasrZPZY7KW2mzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDIyMTkyMDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWI1MzEzNjhkNjBmODllNTc5OWVhOWFlZDBlNTRjZGIzMzgwN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNfHVo/+KYBwRWrQeUGNBHCIS4Qh
oq7zSJwubuOaETcnSDmm5RuHQ/P/2P4XJAFAM/0QHlXnZw+EUilZssnDpbQf0nUa
hLVVwQ7exY/OrDzBkn1WEv6h7BCiJ3poLimPIFRYW52M0aVVdiiV9EmNN3pK5gqI
L8kwbAj58LiDjzuTR6nBNfWm1DDLC9o0Wm0mzY2mbmvc9HHjcpXhw7L6lL4PXbGO
iw/+xnkZL2BKDX0aaFDs//C1kLJp9ycXGV/Y/EXFlcrBPd4sGNy5vLTrwHlPcDU0
oleziq2o6xO1TJFZuGuhKd1X/fMHF7GoHjRI2xMyJLJHjzKS+z+Q+tde3QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGW1MTaNYPieV5nqmu0OVM2zOAf1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWmJVeE5vMWctSjVYbWVxYTdRNVV6Yk00Ql9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzASBAIAATAMAwQALZR0AwQA
LZR3MDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDMQAHQAwcE
KhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQC47uFw0CVZRySLNt6gasVbXCHC0zJj
ydmMRQfK7NK8ZFkWn28Emu1eaSPLg7XTJKyZL6YtgJ0I/MTMRXxRE5nKV19+Af4T
4WIF5Gt6K/EDen0LaaqlDVhcCmgRArWw4i/E8+r31sP7kOm/Zy2C44kZmn+Ja1x5
kVZcKQYcbuUQdLEYrcH1sdRuPWneuL6b3qOJ2XV9L9bssdJXeOmC7yuYhT/NJ5Xr
74KVKTwHR0CNG/r6yQNLJa2R5EYjWBM6dQ/nteytk2YTUcipS9ooocfGzXXQFtpQ
hRNPeVv0et8Mfa3hkoH9kQw4CooYZ8RgEQo47C3JYG/hIWdrJqggmFeE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org