Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/zSO2h-TYecSqICGJx7_MzONSOUg.roa
File: zSO2h-TYecSqICGJx7_MzONSOUg.roa (raw, json)
Hash identifier: xll99ZYNFJni5k7wTSfas85I4YEUqM28XK2yWOQztrw=
Subject key identifier: CD:23:B6:87:E4:D8:79:C4:AA:20:21:89:C7:BF:CC:CC:E3:52:39:48
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 04042595
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/zSO2h-TYecSqICGJx7_MzONSOUg.roa
Signing time: Sat 01 Jan 2022 08:01:28 +0000
ROA not before: Sat 01 Jan 2022 08:01:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208555
IP address blocks: 45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
45.129.38.0/23 maxlen: 23
185.53.143.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/24 maxlen: 24
185.53.140.0/24 maxlen: 24
185.53.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67380629 (0x4042595)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Jan 1 08:01:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd23b687e4d879c4aa202189c7bfcccce3523948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f4:78:ae:d1:94:de:81:d8:57:41:a7:2a:21:
65:37:32:74:53:2e:29:74:1e:18:0e:bd:5f:43:2e:
2d:8a:a1:b4:5b:fb:b2:17:49:8f:6b:be:7e:18:76:
4e:56:ae:4a:e2:16:34:6c:a8:6d:93:bc:6c:77:f3:
b3:80:3b:7e:38:02:c9:c3:3d:ed:48:b8:f0:24:1f:
e0:75:cf:a2:ff:20:8f:1c:47:a1:1d:cf:49:08:75:
0d:23:9a:61:be:26:89:8e:a8:92:1b:9c:db:ec:8a:
1d:2c:d6:ea:77:59:6a:2e:2d:4f:bc:a2:a8:70:1b:
df:4f:47:a7:d8:9b:55:ec:b1:69:a1:3e:f8:63:75:
71:1c:d5:0b:fe:6e:5f:44:0d:38:15:e5:b1:4c:e8:
96:48:6a:5f:c3:3e:5d:57:7e:c8:55:88:db:27:ab:
eb:74:06:53:18:28:52:f1:b6:6e:62:d7:2e:45:a2:
c7:ab:08:bf:ec:aa:f2:d2:ef:01:56:b6:05:ef:93:
66:fc:42:dc:47:f8:30:b1:f8:75:d5:c5:5c:c7:a0:
a3:9c:f1:22:03:47:af:4e:ca:de:d3:f6:96:a9:0c:
74:f1:2b:bc:82:ef:fb:43:d1:89:90:bb:d7:c3:4a:
1d:1e:b7:25:b8:e2:04:22:15:67:37:36:38:87:e1:
93:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:23:B6:87:E4:D8:79:C4:AA:20:21:89:C7:BF:CC:CC:E3:52:39:48
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/zSO2h-TYecSqICGJx7_MzONSOUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.140.0/22
Signature Algorithm: sha256WithRSAEncryption
85:6e:e9:cb:4b:9b:61:32:fe:6d:de:70:c6:b8:02:86:ce:bf:
53:06:23:74:88:0e:cb:1e:17:31:e8:25:b0:4f:0c:3f:f2:80:
0e:ab:57:2a:7f:d9:61:30:84:21:36:dd:ed:ef:c9:06:55:36:
ed:62:fa:d8:16:8d:12:c7:c1:00:e8:bd:1e:87:28:8c:27:26:
21:a1:11:2e:78:26:22:77:16:ed:78:89:e4:c6:b1:ba:57:eb:
0a:0d:81:d0:35:05:a1:86:4e:96:49:83:90:83:cc:79:f7:30:
73:e9:cd:fd:7f:8d:4d:22:06:16:51:d2:d4:41:ea:6c:23:19:
fc:29:d2:de:da:7a:9d:65:7e:a5:64:de:93:9c:3f:6a:79:60:
60:b5:cd:25:bb:a9:60:06:2f:c2:e9:e7:58:62:b2:d8:f4:d9:
58:f1:36:d7:a8:2b:a0:45:b1:d1:fc:a9:0b:bf:33:fd:82:40:
e2:ba:62:dd:07:16:f7:86:19:0a:64:02:82:c7:eb:74:6d:8e:
84:5d:e6:ae:58:aa:57:ed:7b:3a:a7:f8:22:34:95:24:25:de:
81:34:8b:13:a3:b2:e6:d1:00:d5:9b:c7:fa:15:91:a0:53:56:
a0:c7:80:b1:0c:2e:69:04:a2:7f:0f:f4:7d:bf:42:d6:d0:dc:
8a:05:bc:62
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBAQllTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTNlMGNkOGIzZTA0NGVkYjgyM2FlZjY4OGFhZmIwYjc1ZGU4Njc1MB4XDTIyMDEw
MTA4MDEyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QyM2I2ODdlNGQ4
NzljNGFhMjAyMTg5YzdiZmNjY2NlMzUyMzk0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH0eK7RlN6B2FdBpyohZTcydFMuKXQeGA69X0MuLYqhtFv7
shdJj2u+fhh2TlauSuIWNGyobZO8bHfzs4A7fjgCycM97Ui48CQf4HXPov8gjxxH
oR3PSQh1DSOaYb4miY6okhuc2+yKHSzW6ndZai4tT7yiqHAb309Hp9ibVeyxaaE+
+GN1cRzVC/5uX0QNOBXlsUzolkhqX8M+XVd+yFWI2yer63QGUxgoUvG2bmLXLkWi
x6sIv+yq8tLvAVa2Be+TZvxC3Ef4MLH4ddXFXMego5zxIgNHr07K3tP2lqkMdPEr
vILv+0PRiZC718NKHR63JbjiBCIVZzc2OIfhk2ECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTNI7aH5Nh5xKogIYnHv8zM41I5SDAfBgNVHSMEGDAWgBQpPgzYs+BE7bgj
rvaIqvsLdd6GdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tUNE0yTFBnUk8yNEk2NzJpS3I3QzNYZWhuVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvNmRhMWMyLTI1MmQtNGJkMi1iNTZjLWJiMjE3Y2MzYjc4ZC8x
L3pTTzJoLVRZZWNTcUlDR0p4N19Nek9OU09VZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
NmRhMWMyLTI1MmQtNGJkMi1iNTZjLWJiMjE3Y2MzYjc4ZC8xL0tUNE0yTFBnUk8y
NEk2NzJpS3I3QzNYZWhuVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2BJAMEArk1jDANBgkqhkiG9w0B
AQsFAAOCAQEAhW7py0ubYTL+bd5wxrgChs6/UwYjdIgOyx4XMeglsE8MP/KADqtX
Kn/ZYTCEITbd7e/JBlU27WL62BaNEsfBAOi9HocojCcmIaERLngmIncW7XiJ5Max
ulfrCg2B0DUFoYZOlkmDkIPMefcwc+nN/X+NTSIGFlHS1EHqbCMZ/CnS3tp6nWV+
pWTek5w/anlgYLXNJbupYAYvwunnWGKy2PTZWPE216groEWx0fypC78z/YJA4rpi
3QcW94YZCmQCgsfrdG2OhF3mrliqV+17Oqf4IjSVJCXegTSLE6Oy5tEA1ZvH+hWR
oFNWoMeAsQwuaQSifw/0fb9C1tDcigW8Yg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:28:06 2025 by rpki-client