Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/9Owrsjw2wq8IPJsSLgaCoE3nVpU.roa
File: 9Owrsjw2wq8IPJsSLgaCoE3nVpU.roa (raw, json)
Hash identifier: yijLswaC1HE4+fuEUE9rGhekp/dwUwNE5sDEKP6Ppjc=
Subject key identifier: F4:EC:2B:B2:3C:36:C2:AF:08:3C:9B:12:2E:06:82:A0:4D:E7:56:95
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 0187E10AA1BFE1F65498E67627EB958742D5
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/9Owrsjw2wq8IPJsSLgaCoE3nVpU.roa
Signing time: Wed 03 May 2023 09:56:22 +0000
ROA not before: Wed 03 May 2023 09:56:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204582
IP address blocks: 45.144.44.0/30 maxlen: 30
2a0e:eac0:2101::/48 maxlen: 48
2a0e:eac0:2010::/44 maxlen: 44
2a0e:eac0:2100::/44 maxlen: 44
2a0e:eac0:2000::/44 maxlen: 44
2a0e:eac0:2110::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:0a:a1:bf:e1:f6:54:98:e6:76:27:eb:95:87:42:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: May 3 09:56:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4ec2bb23c36c2af083c9b122e0682a04de75695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b1:3b:61:e9:ca:78:48:f3:73:3c:57:ef:18:
a6:fc:4d:7c:e7:0b:56:c5:fe:1a:8a:67:5b:46:44:
eb:67:57:28:38:ed:b7:54:32:9a:c2:ca:26:2e:2e:
1d:f7:16:14:f7:d4:ef:cd:0b:5c:45:ee:94:ec:6e:
e0:bc:7d:c1:1e:94:3f:8b:2a:0e:be:52:4b:0c:72:
11:db:04:82:ae:0b:b8:63:82:93:c6:57:c6:f9:74:
46:13:f9:e1:7f:2c:16:08:f6:b2:96:ff:a2:a0:2a:
38:64:a8:2f:56:c1:f2:0a:82:8a:2a:43:d0:a6:5c:
64:fa:6b:58:d7:5f:7f:0e:83:b4:43:ec:23:cc:46:
9d:e5:3f:af:28:3f:a4:2d:ec:8f:3b:18:03:3a:96:
4b:96:7a:9f:22:25:73:21:05:04:0c:e9:07:a3:cc:
55:a2:21:4c:4e:d5:29:f4:b2:11:cf:ee:1f:44:8d:
58:bc:98:87:2a:a9:e5:52:1b:51:c9:d8:d5:39:f9:
50:5b:82:18:89:90:40:10:9c:65:8b:7f:ab:d7:67:
0c:8a:f6:5f:53:c2:b3:b9:88:7b:ab:e8:e1:75:01:
87:d5:01:2a:e1:34:10:81:3b:c0:bc:d3:79:e7:57:
f7:1b:95:ce:aa:d1:ac:63:95:f2:88:41:12:df:5a:
32:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:EC:2B:B2:3C:36:C2:AF:08:3C:9B:12:2E:06:82:A0:4D:E7:56:95
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/9Owrsjw2wq8IPJsSLgaCoE3nVpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.44.0/30
IPv6:
2a0e:eac0:2000::/43
2a0e:eac0:2100::/43
Signature Algorithm: sha256WithRSAEncryption
67:c3:5e:ff:8c:7e:90:86:a3:78:f2:9e:a1:d0:00:41:da:cc:
d9:fd:57:2a:cd:dd:73:68:2c:87:d1:88:c3:96:11:0a:d4:95:
5c:df:ad:79:70:09:ca:88:b4:44:0c:da:8d:16:b8:61:65:8e:
a8:20:2f:e7:ec:5b:50:a4:73:a8:2b:b5:f5:e2:49:a6:d0:c6:
1e:f8:a0:d6:37:02:12:05:ae:ab:74:c1:20:6e:18:56:06:32:
aa:26:ae:58:c5:da:ef:e8:2d:22:2d:66:3e:75:52:43:18:24:
d8:f4:fb:f0:c3:9f:f6:ca:a8:01:37:7c:9a:cc:4b:5c:a1:8d:
34:65:4d:65:1b:b1:4c:d2:d3:bf:c7:fe:20:2f:d6:61:e0:ea:
a0:bb:d7:81:84:ce:ce:1b:1b:bc:04:d7:8e:a7:e9:4e:ec:49:
fb:d8:79:26:3e:74:38:13:92:11:d3:35:24:fd:d4:b2:87:8d:
00:3c:7f:4c:05:33:8a:f9:3c:17:84:65:26:72:42:3f:34:cc:
5b:e8:cc:be:70:a3:e5:49:fc:2a:bd:d7:e9:a4:b5:f2:9f:b7:
3e:c1:d0:a6:a7:a7:f7:f9:fe:05:f5:15:a9:1f:b5:07:90:31:
30:46:09:39:a0:4d:a1:c3:c6:c0:8f:a0:db:fc:40:cb:e1:bd:
d5:3b:8c:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYfhCqG/4fZUmOZ2J+uVh0LVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjMwNTAzMDk1NjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGVjMmJiMjNjMzZjMmFmMDgzYzliMTIyZTA2ODJhMDRkZTc1Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLE7YenKeEjzczxX7xim/E185wtW
xf4aimdbRkTrZ1coOO23VDKawsomLi4d9xYU99TvzQtcRe6U7G7gvH3BHpQ/iyoO
vlJLDHIR2wSCrgu4Y4KTxlfG+XRGE/nhfywWCPaylv+ioCo4ZKgvVsHyCoKKKkPQ
plxk+mtY119/DoO0Q+wjzEad5T+vKD+kLeyPOxgDOpZLlnqfIiVzIQUEDOkHo8xV
oiFMTtUp9LIRz+4fRI1YvJiHKqnlUhtRydjVOflQW4IYiZBAEJxli3+r12cMivZf
U8KzuYh7q+jhdQGH1QEq4TQQgTvAvNN551f3G5XOqtGsY5XyiEES31oyAwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPTsK7I8NsKvCDybEi4GgqBN51aVMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvOU93cnNqdzJ3cThJUEpzU0xnYUNvRTNuVnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTANBAIAATAHAwUCLZAsADAY
BAIAAjASAwcFKg7qwCAAAwcFKg7qwCEAMA0GCSqGSIb3DQEBCwUAA4IBAQBnw17/
jH6QhqN48p6h0ABB2szZ/Vcqzd1zaCyH0YjDlhEK1JVc3615cAnKiLREDNqNFrhh
ZY6oIC/n7FtQpHOoK7X14kmm0MYe+KDWNwISBa6rdMEgbhhWBjKqJq5Yxdrv6C0i
LWY+dVJDGCTY9Pvww5/2yqgBN3yazEtcoY00ZU1lG7FM0tO/x/4gL9Zh4Oqgu9eB
hM7OGxu8BNeOp+lO7En72HkmPnQ4E5IR0zUk/dSyh40APH9MBTOK+TwXhGUmckI/
NMxb6My+cKPlSfwqvdfppLXyn7c+wdCmp6f3+f4F9RWpH7UHkDEwRgk5oE2hw8bA
j6Db/EDL4b3VO4wM
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:09 2025 by rpki-client