Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/ey5cm7yWLpHqTq40e2fWyAdJIMY.roa
File: ey5cm7yWLpHqTq40e2fWyAdJIMY.roa (raw, json)
Hash identifier: YfK1LRrM7e6LvNtDXX1xt3iwUq3lKIwPFUKlHo+0G8Y=
Subject key identifier: 7B:2E:5C:9B:BC:96:2E:91:EA:4E:AE:34:7B:67:D6:C8:07:49:20:C6
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 01856ECBA4D563E23E283B409ED91121F37A
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/ey5cm7yWLpHqTq40e2fWyAdJIMY.roa
Signing time: Sun 01 Jan 2023 19:25:17 +0000
ROA not before: Sun 01 Jan 2023 19:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204582
IP address blocks: 45.144.44.0/30 maxlen: 30
2a0e:eac0:2101::/48 maxlen: 48
2a0e:eac0:2020::/44 maxlen: 44
2a0e:eac0:2110::/44 maxlen: 44
2a0e:eac0:2000::/44 maxlen: 44
2a0e:eac0:2100::/44 maxlen: 44
2a0e:eac0:2010::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:a4:d5:63:e2:3e:28:3b:40:9e:d9:11:21:f3:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: Jan 1 19:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b2e5c9bbc962e91ea4eae347b67d6c8074920c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:19:8d:89:94:0b:42:23:3e:11:99:ea:60:6b:
a5:64:35:6a:bb:9c:70:a8:ab:ac:78:6d:0d:91:5d:
10:ea:1a:0c:8a:90:37:fd:ce:06:61:ba:4e:ba:c5:
0f:90:54:19:e4:95:72:46:86:a9:5a:bc:84:de:f2:
67:1e:fe:52:82:1b:70:dc:42:ff:a7:22:4c:68:8c:
c9:9c:3e:c5:72:cd:d0:89:05:8a:43:3d:0f:10:47:
b2:85:9f:92:13:d6:a2:60:03:b2:69:50:0b:1e:06:
ec:48:63:a8:ac:df:78:ce:11:a2:1f:51:0c:8c:e5:
82:29:54:99:d9:ee:ce:df:72:01:5b:17:d0:99:91:
27:cb:37:dd:3c:cd:df:cf:6d:eb:76:08:f8:e9:50:
4b:56:83:6e:24:01:58:45:ed:d6:34:e5:f0:fa:49:
c5:5b:17:e2:63:4a:07:0e:67:23:e8:75:d4:98:ee:
33:7f:db:de:28:41:9b:eb:12:6d:f8:ea:7d:bb:d3:
ba:1d:82:83:9f:01:f4:b8:b4:cf:a7:99:fb:3e:71:
93:be:9f:75:71:25:36:0f:be:12:5f:73:fd:01:6e:
95:62:e3:4c:ab:0a:22:e3:0d:93:00:4a:25:62:9a:
ea:cf:4f:77:a3:82:cf:21:89:0f:1d:aa:70:60:5a:
aa:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:2E:5C:9B:BC:96:2E:91:EA:4E:AE:34:7B:67:D6:C8:07:49:20:C6
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/ey5cm7yWLpHqTq40e2fWyAdJIMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.44.0/30
IPv6:
2a0e:eac0:2000::-2a0e:eac0:202f:ffff:ffff:ffff:ffff:ffff
2a0e:eac0:2100::/43
Signature Algorithm: sha256WithRSAEncryption
60:65:bc:f7:02:b5:72:14:c2:85:9d:33:dc:45:a3:7b:f9:f7:
b3:97:69:31:b8:e5:43:b5:9c:1a:ed:ae:8f:d7:68:78:66:41:
15:f9:08:b1:d6:d6:89:93:94:b2:33:0e:1b:c7:42:a6:9b:33:
68:94:18:1b:a6:ea:8f:51:44:43:a3:76:6e:67:bc:48:ab:d2:
96:d6:90:4c:f3:cf:c3:e4:ce:0f:75:93:9a:d0:77:19:c5:67:
5b:c5:78:23:79:c8:98:cf:3b:5f:52:cb:09:4d:8a:00:35:4f:
20:dd:b1:6f:a4:f3:19:d6:93:af:9b:1b:22:67:eb:0d:93:dc:
df:7d:dd:a7:78:e7:8c:00:93:69:70:8b:23:e1:7f:f9:97:6a:
e6:d1:c3:1f:d3:00:0f:18:63:6e:32:26:02:22:45:10:2c:16:
fc:3b:e3:7e:6e:66:39:be:04:22:a5:b1:3c:9d:7e:56:b7:01:
a6:90:d0:76:13:92:25:d3:7b:42:51:a0:06:b6:f7:49:93:64:
91:d1:bb:2f:49:44:d4:36:31:2b:0f:b8:2a:09:cc:c1:74:ef:
96:3b:73:f1:45:ec:31:ec:93:a4:ae:28:6a:8c:08:96:ee:c8:
b0:94:5f:2d:6a:26:44:be:b9:28:6e:e0:89:67:d7:da:63:2a:
f8:b5:79:e0
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVuy6TVY+I+KDtAntkRIfN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjMwMTAxMTkyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjJlNWM5YmJjOTYyZTkxZWE0ZWFlMzQ3YjY3ZDZjODA3NDkyMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxmNiZQLQiM+EZnqYGulZDVqu5xw
qKuseG0NkV0Q6hoMipA3/c4GYbpOusUPkFQZ5JVyRoapWryE3vJnHv5Sghtw3EL/
pyJMaIzJnD7Fcs3QiQWKQz0PEEeyhZ+SE9aiYAOyaVALHgbsSGOorN94zhGiH1EM
jOWCKVSZ2e7O33IBWxfQmZEnyzfdPM3fz23rdgj46VBLVoNuJAFYRe3WNOXw+knF
WxfiY0oHDmcj6HXUmO4zf9veKEGb6xJt+Op9u9O6HYKDnwH0uLTPp5n7PnGTvp91
cSU2D74SX3P9AW6VYuNMqwoi4w2TAEolYprqz093o4LPIYkPHapwYFqqkwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHsuXJu8li6R6k6uNHtn1sgHSSDGMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvZXk1Y203eVdMcEhxVHE0MGUyZld5QWRKSU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzANBAIAATAHAwUCLZAsADAi
BAIAAjAcMBEDBgUqDurAIAMHBCoO6sAgIAMHBSoO6sAhADANBgkqhkiG9w0BAQsF
AAOCAQEAYGW89wK1chTChZ0z3EWje/n3s5dpMbjlQ7WcGu2uj9doeGZBFfkIsdbW
iZOUsjMOG8dCppszaJQYG6bqj1FEQ6N2bme8SKvSltaQTPPPw+TOD3WTmtB3GcVn
W8V4I3nImM87X1LLCU2KADVPIN2xb6TzGdaTr5sbImfrDZPc333dp3jnjACTaXCL
I+F/+Zdq5tHDH9MADxhjbjImAiJFECwW/Dvjfm5mOb4EIqWxPJ1+VrcBppDQdhOS
JdN7QlGgBrb3SZNkkdG7L0lE1DYxKw+4KgnMwXTvljtz8UXsMeyTpK4oaowIlu7I
sJRfLWomRL65KG7giWfX2mMq+LV54A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:25 2025 by rpki-client