Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/FU4K80ZgfdlocbzXWR5XU2qxNBA.roa
File: FU4K80ZgfdlocbzXWR5XU2qxNBA.roa (raw, json)
Hash identifier: Xotdkc8xEB6RK1Js4zBbR6CgKJ9haVEauWAXcEVJayU=
Subject key identifier: 15:4E:0A:F3:46:60:7D:D9:68:71:BC:D7:59:1E:57:53:6A:B1:34:10
Certificate issuer: /CN=64f906653fb6732a556ad35528d1d5938d1b0e98
Certificate serial: 01856FE70913403B1FC0F4171F0EA9BC1BBF
Authority key identifier: 64:F9:06:65:3F:B6:73:2A:55:6A:D3:55:28:D1:D5:93:8D:1B:0E:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPkGZT-2cypVatNVKNHVk40bDpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/FU4K80ZgfdlocbzXWR5XU2qxNBA.roa
Signing time: Mon 02 Jan 2023 00:34:50 +0000
ROA not before: Mon 02 Jan 2023 00:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60022
IP address blocks: 185.62.68.0/22 maxlen: 24
45.133.160.0/22 maxlen: 24
2a03:60::/32 maxlen: 48
2a0e:7640::/29 maxlen: 48
2a03:66::/32 maxlen: 48
2a03:65::/32 maxlen: 48
2a03:62::/32 maxlen: 48
2a03:63::/32 maxlen: 48
2a03:61::/32 maxlen: 48
2a03:64::/32 maxlen: 48
2a03:67::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:09:13:40:3b:1f:c0:f4:17:1f:0e:a9:bc:1b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64f906653fb6732a556ad35528d1d5938d1b0e98
Validity
Not Before: Jan 2 00:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=154e0af346607dd96871bcd7591e57536ab13410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b3:e4:77:8c:a8:5f:67:6c:e0:83:3f:df:1b:
8c:7a:7a:a7:84:d2:7d:92:25:93:36:c9:74:35:84:
16:da:ab:05:bf:ab:91:d4:6b:f6:47:48:73:8e:1b:
db:55:df:db:24:5e:14:93:a9:00:ec:4d:e0:e1:e2:
41:3c:22:27:e2:bc:bd:5b:13:e0:88:4e:3a:13:f4:
8a:f2:23:33:69:b1:83:4a:a0:27:39:46:d0:9c:4b:
61:69:0e:0b:ef:67:53:e0:c4:25:8f:bd:96:54:b3:
07:28:be:85:18:c2:1d:97:2c:b9:df:e2:1f:c4:ea:
26:10:d5:30:7b:6f:74:d3:f1:ee:41:16:be:4d:d6:
78:f5:cd:a6:23:41:b8:64:7d:a8:9d:a9:97:82:fd:
1a:fe:db:b0:b7:4b:90:07:61:51:4a:0a:d5:98:cf:
a3:00:22:3d:0c:8a:72:b1:73:32:f0:7d:01:7d:17:
f9:a0:a6:e8:0f:ce:0b:7c:d2:eb:41:0c:4d:1b:44:
7d:50:76:e4:ce:58:49:99:4b:51:0b:63:25:9d:cd:
45:44:7e:9e:ec:a6:9a:d2:a4:45:a5:3a:6a:39:c1:
68:b6:0d:bd:83:12:5e:60:0e:9e:f0:ee:3a:3d:1e:
0b:e4:92:ef:42:0e:71:b4:af:d9:37:8d:32:e4:61:
73:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:4E:0A:F3:46:60:7D:D9:68:71:BC:D7:59:1E:57:53:6A:B1:34:10
X509v3 Authority Key Identifier:
keyid:64:F9:06:65:3F:B6:73:2A:55:6A:D3:55:28:D1:D5:93:8D:1B:0E:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPkGZT-2cypVatNVKNHVk40bDpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/FU4K80ZgfdlocbzXWR5XU2qxNBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/ZPkGZT-2cypVatNVKNHVk40bDpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.160.0/22
185.62.68.0/22
IPv6:
2a03:60::/29
2a0e:7640::/29
Signature Algorithm: sha256WithRSAEncryption
b4:54:48:f8:72:81:15:75:90:08:7e:06:e3:eb:63:27:59:8f:
29:72:a0:2f:d1:3d:7b:c4:b9:0e:f4:74:32:2b:00:86:20:4e:
4f:0f:e1:dd:e5:2f:fd:41:69:36:52:ca:07:b1:d9:ae:8f:c8:
3f:a4:7f:af:79:c7:34:78:d0:6e:b4:04:7a:c4:67:6c:50:ad:
49:78:bb:e8:66:e3:4c:27:fe:77:87:7c:93:10:67:51:1e:64:
19:32:fc:63:6b:66:97:5b:16:61:cd:c4:ec:4e:53:a3:a2:d2:
4a:9c:47:f7:74:5b:e4:97:6b:6a:30:14:0d:02:33:ef:69:70:
d4:e6:34:8e:a2:fa:dd:62:f6:25:e3:e7:6a:9d:65:e0:b1:15:
33:a7:c5:fd:d8:14:ec:74:51:78:6a:3d:36:e7:99:5e:05:d9:
85:29:71:69:e7:5b:04:14:19:f0:89:7c:ea:ce:c7:2f:c1:35:
0a:a3:fc:63:7a:da:06:e5:1d:fd:34:d4:f2:2c:7e:d5:2d:8b:
fc:02:f5:a0:e1:2b:95:b5:ea:5f:0a:be:12:b2:ea:2a:cb:96:
c5:7a:14:26:7d:fc:3f:c4:0b:7f:14:88:b3:4b:03:d1:e2:54:
36:7a:98:75:30:76:b1:48:e0:6a:b4:50:02:98:df:ff:ad:93:
db:44:d3:7e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVv5wkTQDsfwPQXHw6pvBu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZjkwNjY1M2ZiNjczMmE1NTZhZDM1NTI4ZDFkNTkzOGQx
YjBlOTgwHhcNMjMwMTAyMDAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTRlMGFmMzQ2NjA3ZGQ5Njg3MWJjZDc1OTFlNTc1MzZhYjEzNDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7Pkd4yoX2ds4IM/3xuMenqnhNJ9
kiWTNsl0NYQW2qsFv6uR1Gv2R0hzjhvbVd/bJF4Uk6kA7E3g4eJBPCIn4ry9WxPg
iE46E/SK8iMzabGDSqAnOUbQnEthaQ4L72dT4MQlj72WVLMHKL6FGMIdlyy53+If
xOomENUwe2900/HuQRa+TdZ49c2mI0G4ZH2onamXgv0a/tuwt0uQB2FRSgrVmM+j
ACI9DIpysXMy8H0BfRf5oKboD84LfNLrQQxNG0R9UHbkzlhJmUtRC2Mlnc1FRH6e
7Kaa0qRFpTpqOcFotg29gxJeYA6e8O46PR4L5JLvQg5xtK/ZN40y5GFzKwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBVOCvNGYH3ZaHG811keV1NqsTQQMB8GA1UdIwQY
MBaAFGT5BmU/tnMqVWrTVSjR1ZONGw6YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBrR1pULTJjeXBWYXROVktOSFZrNDBiRHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84OTcwNjEtOTIxNy00MDNjLWEwZTUt
MTNkMjhjNjUzZWZlLzEvRlU0SzgwWmdmZGxvY2J6WFdSNVhVMnF4TkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84OTcwNjEtOTIxNy00MDNjLWEwZTUtMTNkMjhjNjUzZWZl
LzEvWlBrR1pULTJjeXBWYXROVktOSFZrNDBiRHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLYWgAwQC
uT5EMBQEAgACMA4DBQMqAwBgAwUDKg52QDANBgkqhkiG9w0BAQsFAAOCAQEAtFRI
+HKBFXWQCH4G4+tjJ1mPKXKgL9E9e8S5DvR0MisAhiBOTw/h3eUv/UFpNlLKB7HZ
ro/IP6R/r3nHNHjQbrQEesRnbFCtSXi76GbjTCf+d4d8kxBnUR5kGTL8Y2tml1sW
Yc3E7E5To6LSSpxH93Rb5JdrajAUDQIz72lw1OY0jqL63WL2JePnap1l4LEVM6fF
/dgU7HRReGo9NueZXgXZhSlxaedbBBQZ8Il86s7HL8E1CqP8Y3raBuUd/TTU8ix+
1S2L/AL1oOErlbXqXwq+ErLqKsuWxXoUJn38P8QLfxSIs0sD0eJUNnqYdTB2sUjg
arRQApjf/62T20TTfg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:51 2025 by rpki-client