Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/1ZVl4ybPrIk_n1FoVEHgVBjLKnQ.roa
File: 1ZVl4ybPrIk_n1FoVEHgVBjLKnQ.roa (raw, json)
Hash identifier: d37xpwyI0rOWjbssh2AX8j3TIbQECQ7znq9AlkQGh78=
Subject key identifier: D5:95:65:E3:26:CF:AC:89:3F:9F:51:68:54:41:E0:54:18:CB:2A:74
Certificate issuer: /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial: 018AEA11A64D540EA1AD6CA3E876474C91CA
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/1ZVl4ybPrIk_n1FoVEHgVBjLKnQ.roa
Signing time: Sun 01 Oct 2023 07:08:59 +0000
ROA not before: Sun 01 Oct 2023 07:08:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210392
IP address blocks: 45.144.16.0/23 maxlen: 23
45.144.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ea:11:a6:4d:54:0e:a1:ad:6c:a3:e8:76:47:4c:91:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Validity
Not Before: Oct 1 07:08:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d59565e326cfac893f9f51685441e05418cb2a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:37:39:16:6b:8f:7f:e1:b9:80:d4:59:cb:7a:
40:ea:0b:58:36:d6:87:6e:eb:60:f3:5f:02:d2:da:
af:f6:de:0d:97:9b:63:94:5e:51:d0:bb:ac:5a:8c:
5a:70:9e:35:69:96:f5:7e:d1:1f:48:58:15:8d:24:
6f:0e:91:63:96:56:5a:f9:6a:0b:6d:fc:8c:2b:90:
71:b0:97:28:41:88:3c:9f:bd:1e:24:4f:2e:15:34:
65:3e:b1:ab:1a:8b:e0:f3:1b:db:56:7d:a4:2e:08:
25:79:de:4c:93:fc:15:e8:5f:d9:b3:42:9e:a9:b2:
03:e4:05:b8:f2:51:ef:b0:ea:94:80:89:1a:e6:90:
bb:d6:cc:4e:1a:04:87:0f:7d:19:3f:ff:3e:22:38:
08:69:52:6b:cf:60:f8:6b:c1:d1:93:72:41:ae:4a:
81:58:21:73:6d:36:a6:dc:9b:b0:da:d8:a1:2a:fe:
50:44:a4:c6:1e:e5:8f:23:f8:f3:16:00:e8:a0:e4:
9b:7c:89:00:41:7a:0d:d3:82:26:af:d6:48:4c:2f:
88:a1:35:0e:a7:8a:e2:3b:41:46:f2:a0:e9:f3:c5:
93:41:d4:e2:c8:eb:62:a6:ea:03:e6:ab:45:c4:f2:
ea:d8:6d:f2:df:10:1f:25:84:63:58:f5:a4:d8:97:
69:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:95:65:E3:26:CF:AC:89:3F:9F:51:68:54:41:E0:54:18:CB:2A:74
X509v3 Authority Key Identifier:
keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/1ZVl4ybPrIk_n1FoVEHgVBjLKnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.16.0/23
45.144.19.0/24
Signature Algorithm: sha256WithRSAEncryption
04:a2:65:78:98:56:66:dd:f7:bb:3e:89:fd:52:84:e2:fa:07:
d4:5c:24:98:c2:da:f4:7c:9c:17:43:0f:12:d5:3c:06:64:21:
6c:d5:47:d9:c8:56:dd:cf:e1:59:94:b2:f9:e8:0d:c2:39:c8:
85:9b:7b:ea:35:c1:3c:ac:72:4f:83:71:d6:ff:f3:77:1e:50:
3d:da:37:57:95:4f:43:76:a3:17:88:bd:6e:0d:dc:64:36:12:
81:e8:47:ce:e7:dc:42:04:6a:ab:dd:2c:f3:90:64:49:7a:89:
1e:8f:49:12:9b:75:98:c8:39:ec:6c:08:d3:93:27:02:e9:e0:
e1:67:b2:01:90:e8:4d:85:f7:20:a4:19:7e:9a:3c:ca:ba:1f:
fc:93:16:88:b2:10:04:9d:28:b4:98:00:02:71:02:29:e3:42:
a5:cb:b4:36:1c:92:9a:bb:5d:26:1c:10:70:52:8a:ba:b6:42:
25:c0:b6:94:9b:e0:48:ed:3f:28:c9:0b:95:c0:b4:c7:cb:65:
b0:f5:b6:e1:5c:66:df:ee:20:7c:86:31:6b:6b:53:40:7a:86:
32:d1:de:79:30:f3:90:0a:cc:6d:ca:08:e2:1f:45:8e:8a:25:
60:e9:9b:2d:cb:46:33:33:b4:e3:ef:06:e3:f1:a5:4f:bb:ef:
59:ab:1b:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrqEaZNVA6hrWyj6HZHTJHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjRjZDNlZGY1MjFkZjhlYzBhMTUxMTExMjcyZDNmYjkx
Yjk5YzMwHhcNMjMxMDAxMDcwODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk1NjVlMzI2Y2ZhYzg5M2Y5ZjUxNjg1NDQxZTA1NDE4Y2IyYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDc5FmuPf+G5gNRZy3pA6gtYNtaH
butg818C0tqv9t4Nl5tjlF5R0LusWoxacJ41aZb1ftEfSFgVjSRvDpFjllZa+WoL
bfyMK5BxsJcoQYg8n70eJE8uFTRlPrGrGovg8xvbVn2kLggled5Mk/wV6F/Zs0Ke
qbID5AW48lHvsOqUgIka5pC71sxOGgSHD30ZP/8+IjgIaVJrz2D4a8HRk3JBrkqB
WCFzbTam3Juw2tihKv5QRKTGHuWPI/jzFgDooOSbfIkAQXoN04Imr9ZITC+IoTUO
p4riO0FG8qDp88WTQdTiyOtipuoD5qtFxPLq2G3y3xAfJYRjWPWk2JdpJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNWVZeMmz6yJP59RaFRB4FQYyyp0MB8GA1UdIwQY
MBaAFHS0zT7fUh347AoVEREnLT+5G5nDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMt
ZTJhN2ZiODQ4MzE4LzEvMVpWbDR5YlBySWtfbjFGb1ZFSGdWQmpMS25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMtZTJhN2ZiODQ4MzE4
LzEvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZAQAwQA
LZATMA0GCSqGSIb3DQEBCwUAA4IBAQAEomV4mFZm3fe7Pon9UoTi+gfUXCSYwtr0
fJwXQw8S1TwGZCFs1UfZyFbdz+FZlLL56A3COciFm3vqNcE8rHJPg3HW//N3HlA9
2jdXlU9DdqMXiL1uDdxkNhKB6EfO59xCBGqr3SzzkGRJeokej0kSm3WYyDnsbAjT
kycC6eDhZ7IBkOhNhfcgpBl+mjzKuh/8kxaIshAEnSi0mAACcQIp40Kly7Q2HJKa
u10mHBBwUoq6tkIlwLaUm+BI7T8oyQuVwLTHy2Ww9bbhXGbf7iB8hjFra1NAeoYy
0d55MPOQCsxtygjiH0WOiiVg6Zsty0YzM7Tj7wbj8aVPu+9ZqxtS
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:32 2025 by rpki-client