Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/z11Ud-TI7hIhPH9RZUZsmOrh0ow.roa
File: z11Ud-TI7hIhPH9RZUZsmOrh0ow.roa (raw, json)
Hash identifier: C3YY4mfbib02QJ+fZSiE5nShaK9ShxAfmcrIrGfn+N8=
Subject key identifier: CF:5D:54:77:E4:C8:EE:12:21:3C:7F:51:65:46:6C:98:EA:E1:D2:8C
Certificate issuer: /CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Certificate serial: 018263ECDB16C8EAA21A1E5822FD62D5FA78
Authority key identifier: A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/z11Ud-TI7hIhPH9RZUZsmOrh0ow.roa
Signing time: Wed 03 Aug 2022 13:37:23 +0000
ROA not before: Wed 03 Aug 2022 13:37:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29467
IP address blocks: 45.67.254.0/24 maxlen: 24
45.67.255.0/24 maxlen: 24
45.67.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:63:ec:db:16:c8:ea:a2:1a:1e:58:22:fd:62:d5:fa:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Validity
Not Before: Aug 3 13:37:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf5d5477e4c8ee12213c7f5165466c98eae1d28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b3:e9:a6:12:8d:1d:8d:b0:d6:42:32:a0:bc:
ec:f2:69:24:58:22:3f:72:20:2f:3b:d8:df:cb:3c:
27:43:70:7b:1a:fb:d1:0d:fc:50:40:ba:65:e1:ab:
7b:69:76:a6:52:43:3f:46:88:be:a0:e6:cb:1d:52:
83:27:bf:3a:ac:4e:7f:5f:ee:ad:ec:db:eb:ab:ac:
81:db:50:52:3b:db:f8:94:85:d5:e6:18:60:cc:0a:
e3:04:90:3a:a2:26:3f:52:78:8f:c9:37:f4:b5:28:
0c:89:89:4d:2a:7b:cd:79:61:ad:65:68:7e:fe:46:
df:18:ae:ab:7a:ca:1f:8e:fd:0d:83:21:6f:03:f2:
05:15:d0:61:91:32:f1:e3:a1:fe:4f:ca:ab:f3:0b:
e1:84:b1:7c:29:3c:0a:29:3a:9b:4b:4f:71:54:2d:
08:6d:62:9c:1d:c3:25:22:95:93:01:9b:29:26:6c:
92:d6:3e:ea:e2:d3:c2:0c:11:93:4e:47:67:aa:3d:
dc:42:16:ac:e4:70:0a:a4:ac:51:85:03:48:01:31:
83:63:a0:44:98:ba:0f:0d:c5:14:a7:05:20:56:e7:
be:78:e5:ac:91:19:a7:f9:3b:d0:fa:61:1c:dc:40:
a5:cf:ae:71:0a:55:36:9f:68:d5:c3:62:bb:c4:df:
5a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5D:54:77:E4:C8:EE:12:21:3C:7F:51:65:46:6C:98:EA:E1:D2:8C
X509v3 Authority Key Identifier:
keyid:A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/z11Ud-TI7hIhPH9RZUZsmOrh0ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.253.0-45.67.255.255
Signature Algorithm: sha256WithRSAEncryption
8e:8a:86:08:c1:8e:dd:96:f5:f2:b5:07:5c:3a:48:ea:95:25:
e2:bb:a6:0f:5b:ed:43:88:51:85:a2:0c:c8:ba:68:65:70:26:
61:f2:57:d9:dc:c1:67:54:a6:b4:4f:26:63:e6:8a:ae:62:c7:
3f:e8:a2:3d:0a:2a:c5:4d:3d:d0:a2:36:56:36:62:7c:79:87:
bb:da:12:e9:e5:f3:89:5f:36:4c:fe:5b:ab:2b:e2:fd:29:4f:
57:8f:90:13:ba:d7:36:80:ab:c0:72:b7:ba:1b:39:88:ee:9f:
0c:39:11:43:25:14:3a:93:db:80:bd:05:eb:61:ef:1a:4e:a0:
62:87:21:5e:89:3c:55:31:46:27:69:9d:fd:c2:11:f3:76:07:
fa:8d:0f:89:29:c3:fa:87:c1:8c:4e:8e:cb:b3:97:cc:c9:aa:
32:d9:8a:2a:d6:11:67:22:02:42:62:0d:66:cf:0d:da:2b:7c:
ff:d0:3d:50:bf:2a:41:55:03:1d:2b:23:34:ac:4f:19:22:ef:
24:ff:bf:be:7d:4e:47:7a:1a:10:3c:ba:15:26:3a:1b:68:36:
43:29:a2:96:cd:2c:70:40:68:8b:52:87:ee:f6:90:b6:e7:9d:
20:0d:d3:73:52:42:bc:03:fe:62:a2:f6:15:44:61:98:b6:75:
50:2e:d7:4c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYJj7NsWyOqiGh5YIv1i1fp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOWI0OTQzZTdkNmI0YjBlMWRlODVjOWJjMzhiODU3NTU0
ZGQ0N2QwHhcNMjIwODAzMTMzNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjVkNTQ3N2U0YzhlZTEyMjEzYzdmNTE2NTQ2NmM5OGVhZTFkMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbPpphKNHY2w1kIyoLzs8mkkWCI/
ciAvO9jfyzwnQ3B7GvvRDfxQQLpl4at7aXamUkM/Roi+oObLHVKDJ786rE5/X+6t
7Nvrq6yB21BSO9v4lIXV5hhgzArjBJA6oiY/UniPyTf0tSgMiYlNKnvNeWGtZWh+
/kbfGK6resofjv0NgyFvA/IFFdBhkTLx46H+T8qr8wvhhLF8KTwKKTqbS09xVC0I
bWKcHcMlIpWTAZspJmyS1j7q4tPCDBGTTkdnqj3cQhas5HAKpKxRhQNIATGDY6BE
mLoPDcUUpwUgVue+eOWskRmn+TvQ+mEc3EClz65xClU2n2jVw2K7xN9aEQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFM9dVHfkyO4SITx/UWVGbJjq4dKMMB8GA1UdIwQY
MBaAFKObSUPn1rSw4d6Fybw4uFdVTdR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUt
NjkzYmY2N2U2MWYzLzEvejExVWQtVEk3aEloUEg5UlpVWnNtT3JoMG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUtNjkzYmY2N2U2MWYz
LzEvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBAAtQ/0D
AwItQDANBgkqhkiG9w0BAQsFAAOCAQEAjoqGCMGO3Zb18rUHXDpI6pUl4rumD1vt
Q4hRhaIMyLpoZXAmYfJX2dzBZ1SmtE8mY+aKrmLHP+iiPQoqxU090KI2VjZifHmH
u9oS6eXziV82TP5bqyvi/SlPV4+QE7rXNoCrwHK3uhs5iO6fDDkRQyUUOpPbgL0F
62HvGk6gYochXok8VTFGJ2md/cIR83YH+o0PiSnD+ofBjE6Oy7OXzMmqMtmKKtYR
ZyICQmINZs8N2it8/9A9UL8qQVUDHSsjNKxPGSLvJP+/vn1OR3oaEDy6FSY6G2g2
Qymils0scEBoi1KH7vaQtuedIA3Tc1JCvAP+YqL2FURhmLZ1UC7XTA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:03 2025 by rpki-client