Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Z1i0t7ug3ms0HwP-tdF8J1AlXlc.roa
File: Z1i0t7ug3ms0HwP-tdF8J1AlXlc.roa (raw, json)
Hash identifier: WM67ZNrXZycFT+rDyprbuqUVXdW7/O/KBvItTbRsHiI=
Subject key identifier: 67:58:B4:B7:BB:A0:DE:6B:34:1F:03:FE:B5:D1:7C:27:50:25:5E:57
Certificate issuer: /CN=16ea37a8e73e7679a933d70f7b9c872081024455
Certificate serial: 018CBC2D0D04AD82B2186CA03C5C77C0D162
Authority key identifier: 16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Z1i0t7ug3ms0HwP-tdF8J1AlXlc.roa
Signing time: Sat 30 Dec 2023 19:21:58 +0000
ROA not before: Sat 30 Dec 2023 19:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64458
IP address blocks: 194.59.170.0/24 maxlen: 24
185.81.97.0/24 maxlen: 24
45.90.75.0/24 maxlen: 24
45.90.73.0/24 maxlen: 24
45.90.74.0/24 maxlen: 24
45.90.72.0/24 maxlen: 24
2a05:8641::/32 maxlen: 32
2a05:8640::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bc:2d:0d:04:ad:82:b2:18:6c:a0:3c:5c:77:c0:d1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16ea37a8e73e7679a933d70f7b9c872081024455
Validity
Not Before: Dec 30 19:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6758b4b7bba0de6b341f03feb5d17c2750255e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:27:0b:bc:d9:e8:fe:74:c6:16:46:3e:c1:69:
40:20:5a:b3:ec:38:b9:64:d4:dd:08:b6:c5:e1:e8:
a4:13:53:89:2a:37:72:7a:de:9a:72:65:b2:d9:00:
bf:3e:53:b6:07:ef:ce:6d:b0:3b:08:a9:89:24:ff:
a8:33:6d:70:14:ee:c1:a4:af:68:5b:cb:24:38:a0:
44:ef:4f:43:33:38:14:43:93:09:d3:65:ba:b1:af:
2f:bb:4e:86:09:be:f2:4d:c7:ac:b9:b8:f7:6d:f1:
85:15:95:ac:79:de:82:e6:25:0d:b9:b5:d5:30:03:
c0:a8:80:d7:0b:0f:25:66:da:c3:60:08:a4:67:ae:
33:50:a9:1e:29:18:63:8c:00:ca:9a:0f:83:95:9f:
9e:ee:71:23:ae:a0:72:51:87:e5:e8:58:d9:84:b3:
46:3c:5c:4c:95:3a:0e:be:49:ae:07:e6:19:ce:30:
b8:fc:61:e1:40:3f:42:16:e7:e0:98:c6:63:cd:99:
6c:ee:cc:d4:2a:3d:9e:fe:0b:1c:c7:e2:ce:6b:e3:
ef:c5:7a:00:f6:55:14:c5:98:28:80:2d:bc:54:27:
70:c5:8e:b6:59:e4:2c:19:0a:8b:fb:9e:cc:c4:39:
39:60:fe:02:32:3a:8c:ca:13:4e:ff:af:00:e7:32:
06:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:58:B4:B7:BB:A0:DE:6B:34:1F:03:FE:B5:D1:7C:27:50:25:5E:57
X509v3 Authority Key Identifier:
keyid:16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Z1i0t7ug3ms0HwP-tdF8J1AlXlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Fuo3qOc-dnmpM9cPe5yHIIECRFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.72.0/22
185.81.97.0/24
194.59.170.0/24
IPv6:
2a05:8640::/29
Signature Algorithm: sha256WithRSAEncryption
66:42:d8:1f:0e:42:a3:7c:1b:58:27:2c:b8:d9:f1:80:60:2a:
e8:11:11:a2:43:af:d4:1c:cd:2c:68:cd:4f:97:63:89:c3:10:
d0:3c:48:c7:5c:97:ff:8b:49:32:96:85:8c:63:4c:52:e2:86:
ca:4c:00:34:db:9b:79:c4:f1:f8:29:4f:a7:c8:5b:dc:d0:37:
56:e4:e3:d3:b3:24:26:66:db:b5:2c:52:86:b2:4c:fa:88:4d:
7e:75:48:a7:a1:d2:c7:c3:69:80:ef:11:26:de:08:62:9d:15:
2d:f8:53:41:50:56:bf:b2:3f:a8:15:c7:71:fb:b4:a9:5a:03:
24:28:6a:86:3d:10:cd:db:fa:df:8b:dc:40:cf:ca:8d:8c:e6:
cc:51:08:27:6e:24:7e:74:bf:01:78:6e:dd:43:04:e3:82:c9:
dd:6b:fc:a1:74:5a:68:3e:8b:3b:f8:d3:08:b7:f3:15:be:4e:
cc:15:5d:e9:f0:13:cf:21:c9:bd:54:ba:81:11:30:1f:d1:68:
a3:79:ec:03:78:0a:ca:71:d4:d5:73:a0:b7:be:23:4f:61:b1:
0e:02:7c:32:43:d3:a1:af:a2:05:f3:6c:8b:62:e2:01:cc:9a:
1a:d8:9c:0c:33:3b:fc:06:96:24:39:74:9d:a4:ae:ca:14:cc:
3d:2a:fc:ac
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYy8LQ0ErYKyGGygPFx3wNFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZWEzN2E4ZTczZTc2NzlhOTMzZDcwZjdiOWM4NzIwODEw
MjQ0NTUwHhcNMjMxMjMwMTkyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzU4YjRiN2JiYTBkZTZiMzQxZjAzZmViNWQxN2MyNzUwMjU1ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkicLvNno/nTGFkY+wWlAIFqz7Di5
ZNTdCLbF4eikE1OJKjdyet6acmWy2QC/PlO2B+/ObbA7CKmJJP+oM21wFO7BpK9o
W8skOKBE709DMzgUQ5MJ02W6sa8vu06GCb7yTcesubj3bfGFFZWsed6C5iUNubXV
MAPAqIDXCw8lZtrDYAikZ64zUKkeKRhjjADKmg+DlZ+e7nEjrqByUYfl6FjZhLNG
PFxMlToOvkmuB+YZzjC4/GHhQD9CFufgmMZjzZls7szUKj2e/gscx+LOa+PvxXoA
9lUUxZgogC28VCdwxY62WeQsGQqL+57MxDk5YP4CMjqMyhNO/68A5zIGGQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGdYtLe7oN5rNB8D/rXRfCdQJV5XMB8GA1UdIwQY
MBaAFBbqN6jnPnZ5qTPXD3uchyCBAkRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnVvM3FPYy1kbm1wTTljUGU1eUhJSUVDUkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My81MWNkOTQtYTA1NS00M2VlLWEwOWIt
NDcyYjBkMDcyZTgzLzEvWjFpMHQ3dWczbXMwSHdQLXRkRjhKMUFsWGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My81MWNkOTQtYTA1NS00M2VlLWEwOWItNDcyYjBkMDcyZTgz
LzEvRnVvM3FPYy1kbm1wTTljUGU1eUhJSUVDUkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVpIAwQA
uVFhAwQAwjuqMA0EAgACMAcDBQMqBYZAMA0GCSqGSIb3DQEBCwUAA4IBAQBmQtgf
DkKjfBtYJyy42fGAYCroERGiQ6/UHM0saM1Pl2OJwxDQPEjHXJf/i0kyloWMY0xS
4obKTAA025t5xPH4KU+nyFvc0DdW5OPTsyQmZtu1LFKGskz6iE1+dUinodLHw2mA
7xEm3ghinRUt+FNBUFa/sj+oFcdx+7SpWgMkKGqGPRDN2/rfi9xAz8qNjObMUQgn
biR+dL8BeG7dQwTjgsnda/yhdFpoPos7+NMIt/MVvk7MFV3p8BPPIcm9VLqBETAf
0WijeewDeArKcdTVc6C3viNPYbEOAnwyQ9Ohr6IF82yLYuIBzJoa2JwMMzv8BpYk
OXSdpK7KFMw9Kvys
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:49 2025 by rpki-client