Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/R_52L8Eq7AKSkhOdxgpK0EmcpVQ.roa
File: R_52L8Eq7AKSkhOdxgpK0EmcpVQ.roa (raw, json)
Hash identifier: zEdtnYVsc/Ff/42eoBEEygtl/uphfBOAopjtAdsg4Mc=
Subject key identifier: 47:FE:76:2F:C1:2A:EC:02:92:92:13:9D:C6:0A:4A:D0:49:9C:A5:54
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 01153DC1
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/R_52L8Eq7AKSkhOdxgpK0EmcpVQ.roa
Signing time: Mon 07 Mar 2022 07:24:24 +0000
ROA not before: Mon 07 Mar 2022 07:24:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204582
IP address blocks: 45.144.44.0/30 maxlen: 30
2a0e:eac0:2101::/48 maxlen: 48
2a0e:eac0:2100::/44 maxlen: 44
2a0e:eac0:2000::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18169281 (0x1153dc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: Mar 7 07:24:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47fe762fc12aec029292139dc60a4ad0499ca554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:39:11:85:5b:a4:93:99:1e:72:e5:46:6f:30:
eb:3f:6a:21:82:61:53:4b:3f:ff:a9:18:1d:d1:0b:
c9:30:7c:c2:70:7a:4f:d0:d9:2a:4b:6a:15:0b:04:
f9:5c:6c:f7:c8:37:9f:ab:10:06:7a:8d:6e:90:d5:
a1:93:d9:91:81:ba:d9:1f:24:80:63:f1:d5:54:3f:
3a:96:b7:1c:2c:46:4f:c6:22:56:22:c9:c3:61:a1:
15:85:95:88:92:d2:b9:47:e4:7c:34:2c:cd:bf:ce:
2b:65:a4:dd:35:61:b9:e0:e4:c4:35:11:44:15:56:
4f:2c:b4:67:9d:bc:4d:87:70:e1:57:8e:b0:2f:6d:
39:e3:97:41:5f:47:cd:17:d1:da:b0:f0:b7:57:66:
28:1b:9e:fd:15:a4:3a:65:11:6c:3b:df:ea:cb:9c:
c4:a0:61:c2:2e:70:c8:66:85:5b:6a:ea:b6:6d:b4:
f1:cb:25:b7:6d:86:db:58:e1:bd:44:fc:52:2e:05:
55:68:1f:a3:d0:85:8b:b0:14:59:b8:51:32:7b:bd:
0c:ce:5b:90:c9:d3:74:38:46:7d:5b:eb:b2:a6:76:
6d:6b:47:47:a0:3c:6b:d1:76:e9:3b:ed:34:3f:9c:
b1:6f:68:ca:7e:47:21:83:bf:dd:af:c4:75:aa:d4:
a2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FE:76:2F:C1:2A:EC:02:92:92:13:9D:C6:0A:4A:D0:49:9C:A5:54
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/R_52L8Eq7AKSkhOdxgpK0EmcpVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.44.0/30
IPv6:
2a0e:eac0:2000::/44
2a0e:eac0:2100::/44
Signature Algorithm: sha256WithRSAEncryption
3c:c0:9f:96:cc:dd:cc:8e:d0:cf:47:6f:ca:d2:86:89:ad:ac:
93:11:59:0a:06:20:56:67:93:e0:74:61:b4:75:a7:6d:12:2f:
a1:54:85:d0:1d:0e:7c:1f:22:37:dd:df:7f:a6:c3:98:f8:ac:
6b:fb:b3:a3:3d:13:db:5b:b4:fd:6b:c9:36:9e:ee:9d:f0:4a:
a5:b1:83:43:b0:9d:70:3d:bc:e7:f6:62:99:a3:db:70:03:83:
f1:68:bc:8f:0f:7d:1b:f3:b6:d5:37:da:89:f1:85:2b:e3:f9:
62:d0:39:89:88:a3:ee:d9:8a:ab:b0:0e:cc:67:b1:14:80:fe:
84:23:63:c4:b3:47:1f:a3:9a:08:90:61:dd:0b:2a:c3:f6:46:
7e:fc:66:ce:38:26:2a:87:d1:ac:5b:9e:db:2c:c6:19:46:bf:
89:25:0f:1a:bb:42:33:9e:e8:c8:7c:49:08:23:af:44:69:41:
9a:a8:3b:3d:8d:7b:ae:a3:60:60:7b:68:80:4f:0a:60:70:c4:
73:44:d8:05:96:24:45:b7:c5:d8:72:04:46:9f:cc:c5:42:9b:
34:01:1f:2d:d1:03:15:17:bb:76:ed:e2:90:b3:84:9b:31:19:
d5:30:48:ff:c9:14:69:58:00:38:51:f3:38:5a:5a:1e:93:45:
95:5b:93:73
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEARU9wTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjZkN2U1MTkxZjgxZmYwYTE5ZjEwMmIxNzE4YWI0ZjllMGVhM2EwMB4XDTIyMDMw
NzA3MjQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdmZTc2MmZjMTJh
ZWMwMjkyOTIxMzlkYzYwYTRhZDA0OTljYTU1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOE5EYVbpJOZHnLlRm8w6z9qIYJhU0s//6kYHdELyTB8wnB6
T9DZKktqFQsE+Vxs98g3n6sQBnqNbpDVoZPZkYG62R8kgGPx1VQ/Opa3HCxGT8Yi
ViLJw2GhFYWViJLSuUfkfDQszb/OK2Wk3TVhueDkxDURRBVWTyy0Z528TYdw4VeO
sC9tOeOXQV9HzRfR2rDwt1dmKBue/RWkOmURbDvf6sucxKBhwi5wyGaFW2rqtm20
8cslt22G21jhvUT8Ui4FVWgfo9CFi7AUWbhRMnu9DM5bkMnTdDhGfVvrsqZ2bWtH
R6A8a9F26TvtND+csW9oyn5HIYO/3a/EdarUoocCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRH/nYvwSrsApKSE53GCkrQSZylVDAfBgNVHSMEGDAWgBQrbX5Rkfgf8KGf
ECsXGKtPng6joDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0syMS1VWkg0SF9DaG54QXJGeGlyVDU0T282QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvYWIzMTU2LWIwNjEtNDlmYy1iMWYwLTAwY2EzMTI2YjNmZS8x
L1JfNTJMOEVxN0FLU2toT2R4Z3BLMEVtY3BWUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
YWIzMTU2LWIwNjEtNDlmYy1iMWYwLTAwY2EzMTI2YjNmZS8xL0syMS1VWkg0SF9D
aG54QXJGeGlyVDU0T282QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwDQQCAAEwBwMFAi2QLAAwGAQCAAIwEgMHBCoO6sAg
AAMHBCoO6sAhADANBgkqhkiG9w0BAQsFAAOCAQEAPMCflszdzI7Qz0dvytKGia2s
kxFZCgYgVmeT4HRhtHWnbRIvoVSF0B0OfB8iN93ff6bDmPisa/uzoz0T21u0/WvJ
Np7unfBKpbGDQ7CdcD285/ZimaPbcAOD8Wi8jw99G/O21TfaifGFK+P5YtA5iYij
7tmKq7AOzGexFID+hCNjxLNHH6OaCJBh3Qsqw/ZGfvxmzjgmKofRrFue2yzGGUa/
iSUPGrtCM57oyHxJCCOvRGlBmqg7PY17rqNgYHtogE8KYHDEc0TYBZYkRbfF2HIE
Rp/MxUKbNAEfLdEDFRe7du3ikLOEmzEZ1TBI/8kUaVgAOFHzOFpaHpNFlVuTcw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:27 2025 by rpki-client