Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/Z0yVuSfGULiSJQSu3N7YKHP0QG0.roa
File: Z0yVuSfGULiSJQSu3N7YKHP0QG0.roa (raw, json)
Hash identifier: hCsRX0mqwVQofGxs2ZZXn/g04f5ybNsbFL+6EipZMQU=
Subject key identifier: 67:4C:95:B9:27:C6:50:B8:92:25:04:AE:DC:DE:D8:28:73:F4:40:6D
Certificate issuer: /CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
Certificate serial: 0185DE8D41B3A81990E8DCAED5A3B10CED68
Authority key identifier: 25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/Z0yVuSfGULiSJQSu3N7YKHP0QG0.roa
Signing time: Mon 23 Jan 2023 12:14:37 +0000
ROA not before: Mon 23 Jan 2023 12:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60781
IP address blocks: 45.143.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:8d:41:b3:a8:19:90:e8:dc:ae:d5:a3:b1:0c:ed:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
Validity
Not Before: Jan 23 12:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=674c95b927c650b8922504aedcded82873f4406d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5e:2f:a6:49:e6:34:d3:1a:c3:46:ee:b4:4f:
f5:59:b0:5d:bd:2a:09:65:5a:3d:bd:ce:09:40:bb:
1e:a0:17:f4:ab:9a:e7:5c:4d:9f:0b:7d:65:d8:ab:
76:44:96:bc:38:4a:7c:90:a5:9d:8b:fa:79:7a:b9:
1d:8f:55:33:0e:66:ea:23:83:5d:c5:83:4c:db:c7:
da:36:3c:ea:b0:d7:45:90:ad:5b:f1:44:79:53:2d:
fd:9f:fa:52:35:07:73:04:a1:d8:c2:a3:2e:da:c1:
ca:b5:94:bb:0d:54:77:14:93:9e:7b:bf:c9:e3:0a:
13:d7:b3:ac:9a:f7:df:3a:87:59:4a:ca:af:f7:ae:
8d:f5:f4:0e:4b:af:5e:3c:72:d9:af:d2:f3:b3:13:
1c:26:6d:ff:03:cf:66:9b:76:6c:47:e7:43:81:c0:
1b:ac:e4:d5:d9:a0:8e:c8:40:02:6b:3d:b0:a3:4c:
bd:eb:0c:08:96:30:56:8f:cf:a0:95:8b:01:e8:d7:
0a:19:0e:30:9f:19:17:84:a2:e4:4f:b2:1c:48:11:
0f:50:7b:46:94:c5:d1:8e:82:27:0b:35:c4:3f:0a:
40:74:62:9e:4c:fa:b7:f8:24:04:69:df:c3:a1:60:
f2:96:68:a0:cb:af:b7:3d:c5:67:b2:f3:ad:c5:55:
af:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4C:95:B9:27:C6:50:B8:92:25:04:AE:DC:DE:D8:28:73:F4:40:6D
X509v3 Authority Key Identifier:
keyid:25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/Z0yVuSfGULiSJQSu3N7YKHP0QG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/JQ599DyC0SChPTyGXx8G9JZEseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.133.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:a0:8e:b0:58:42:00:86:c9:9b:26:59:15:17:1b:bd:95:ae:
ca:3e:a4:ba:17:60:6d:24:29:4b:ec:46:53:72:00:f6:c8:73:
63:f3:cf:f7:9d:88:81:24:aa:b0:69:88:23:c5:ab:f9:bf:77:
fc:39:7b:8a:2d:77:6b:ae:7e:07:dc:5a:a2:01:4a:0f:42:e7:
8d:5f:bd:57:31:fb:bb:a8:8c:91:d1:7b:53:24:a9:6b:de:f7:
12:b4:86:7e:31:2f:24:db:27:fc:52:da:fc:58:47:df:dd:f7:
c1:b4:a7:7b:96:0e:bb:34:6b:85:d2:cf:c8:2d:e9:82:3b:0d:
00:81:47:25:90:5b:b9:7e:4d:ed:94:1a:d8:1d:23:2c:ab:c9:
80:38:8f:be:69:af:91:62:d0:9f:73:d5:41:50:10:61:b7:38:
8f:88:6a:a2:71:e4:5f:48:71:23:f3:ad:7b:30:fb:de:7b:fa:
09:75:09:ca:fe:e5:66:ad:bd:26:04:da:c2:c8:ca:ab:e9:95:
c6:f4:40:05:e1:d7:a0:a8:53:fc:55:68:24:e7:54:ac:50:a6:
74:d7:76:41:65:58:5e:de:43:ec:02:70:f1:6f:1a:50:89:af:
0e:cb:ca:95:e3:b6:92:32:7d:19:0b:c3:f2:c7:b3:a9:b3:e1:
5a:07:45:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXejUGzqBmQ6Nyu1aOxDO1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MGU3ZGY0M2M4MmQxMjBhMTNkM2M4NjVmMWYwNmY0OTY0
NGIxZTEwHhcNMjMwMTIzMTIxNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzRjOTViOTI3YzY1MGI4OTIyNTA0YWVkY2RlZDgyODczZjQ0MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF4vpknmNNMaw0butE/1WbBdvSoJ
ZVo9vc4JQLseoBf0q5rnXE2fC31l2Kt2RJa8OEp8kKWdi/p5erkdj1UzDmbqI4Nd
xYNM28faNjzqsNdFkK1b8UR5Uy39n/pSNQdzBKHYwqMu2sHKtZS7DVR3FJOee7/J
4woT17OsmvffOodZSsqv966N9fQOS69ePHLZr9LzsxMcJm3/A89mm3ZsR+dDgcAb
rOTV2aCOyEACaz2wo0y96wwIljBWj8+glYsB6NcKGQ4wnxkXhKLkT7IcSBEPUHtG
lMXRjoInCzXEPwpAdGKeTPq3+CQEad/DoWDylmigy6+3PcVnsvOtxVWv9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdMlbknxlC4kiUErtze2Chz9EBtMB8GA1UdIwQY
MBaAFCUOffQ8gtEgoT08hl8fBvSWRLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlE1OTlEeUMwU0NoUFR5R1h4OEc5SlpFc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83ZDJlNjQtMTBkOS00YTRlLWE0YzYt
NGE5YmIyZmU3MzMxLzEvWjB5VnVTZkdVTGlTSlFTdTNON1lLSFAwUUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83ZDJlNjQtMTBkOS00YTRlLWE0YzYtNGE5YmIyZmU3MzMx
LzEvSlE1OTlEeUMwU0NoUFR5R1h4OEc5SlpFc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY+FMA0G
CSqGSIb3DQEBCwUAA4IBAQBOoI6wWEIAhsmbJlkVFxu9la7KPqS6F2BtJClL7EZT
cgD2yHNj88/3nYiBJKqwaYgjxav5v3f8OXuKLXdrrn4H3FqiAUoPQueNX71XMfu7
qIyR0XtTJKlr3vcStIZ+MS8k2yf8Utr8WEff3ffBtKd7lg67NGuF0s/ILemCOw0A
gUclkFu5fk3tlBrYHSMsq8mAOI++aa+RYtCfc9VBUBBhtziPiGqiceRfSHEj8617
MPvee/oJdQnK/uVmrb0mBNrCyMqr6ZXG9EAF4degqFP8VWgk51SsUKZ013ZBZVhe
3kPsAnDxbxpQia8Oy8qV47aSMn0ZC8Pyx7Ops+FaB0WV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:39 2025 by rpki-client