Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/PZm925gGaGxpQL5Tfxftp8T4E_Q.roa
File: PZm925gGaGxpQL5Tfxftp8T4E_Q.roa (raw, json)
Hash identifier: L35XZRbpEnIpgU/KiXwXyuamAhoVdU+8jZtW3jJumR0=
Subject key identifier: 3D:99:BD:DB:98:06:68:6C:69:40:BE:53:7F:17:ED:A7:C4:F8:13:F4
Certificate issuer: /CN=cb335dc6feb385f6a23344056a13c2c595028e91
Certificate serial: 01870BCA1A02A0C8C3434F216572EF2ADD10
Authority key identifier: CB:33:5D:C6:FE:B3:85:F6:A2:33:44:05:6A:13:C2:C5:95:02:8E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzNdxv6zhfaiM0QFahPCxZUCjpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/PZm925gGaGxpQL5Tfxftp8T4E_Q.roa
Signing time: Thu 23 Mar 2023 00:06:46 +0000
ROA not before: Thu 23 Mar 2023 00:06:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41652
IP address blocks: 45.80.2.0/24 maxlen: 24
45.80.0.0/22 maxlen: 22
2a0e:3780::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0b:ca:1a:02:a0:c8:c3:43:4f:21:65:72:ef:2a:dd:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb335dc6feb385f6a23344056a13c2c595028e91
Validity
Not Before: Mar 23 00:06:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d99bddb9806686c6940be537f17eda7c4f813f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:31:3b:65:92:41:f6:0f:7d:89:0b:20:cd:b2:
f4:68:a7:b0:e1:a1:80:61:5c:e7:e6:6c:c8:6e:54:
e4:1a:40:78:86:54:1e:22:ee:54:24:c7:05:01:e2:
69:a0:a7:d7:e4:7a:28:33:f2:d9:2f:f2:67:c2:09:
52:99:ad:87:30:d1:df:d7:a8:45:5b:80:5a:e8:bc:
27:f2:d4:11:15:4c:f5:28:74:10:79:0f:fd:0d:81:
93:f5:b1:e5:a6:e2:b1:b2:17:cb:5c:e4:bd:0b:6f:
2e:c4:ae:41:48:40:6a:97:14:07:5b:5c:5c:46:6e:
a1:7e:e1:db:1c:e3:c4:eb:66:37:29:8d:e5:4c:8a:
5f:d8:6c:8a:f6:06:99:39:37:ee:6f:48:43:32:92:
c5:c2:05:99:54:17:ef:ad:85:bc:4a:03:c2:ed:6c:
a9:2e:33:19:8a:47:d8:75:dc:ae:50:38:14:36:a8:
f2:31:07:ed:ec:90:90:4d:36:85:49:81:4c:24:b7:
bb:1c:ad:d1:9e:44:1a:0c:9f:e7:8d:e2:1a:8b:b1:
8e:9b:2d:38:4c:39:ad:77:e5:ab:81:b0:91:69:ce:
e9:7a:a5:76:5f:bb:02:e5:fa:9e:17:7f:fc:79:dd:
d9:05:65:3f:a0:52:39:5b:3d:5a:ce:07:5e:dc:5a:
62:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:99:BD:DB:98:06:68:6C:69:40:BE:53:7F:17:ED:A7:C4:F8:13:F4
X509v3 Authority Key Identifier:
keyid:CB:33:5D:C6:FE:B3:85:F6:A2:33:44:05:6A:13:C2:C5:95:02:8E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzNdxv6zhfaiM0QFahPCxZUCjpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/PZm925gGaGxpQL5Tfxftp8T4E_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/yzNdxv6zhfaiM0QFahPCxZUCjpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.0.0/22
IPv6:
2a0e:3780::/36
Signature Algorithm: sha256WithRSAEncryption
9d:86:a0:b3:36:ac:12:f6:a9:8d:12:09:b4:3d:b8:bc:03:d7:
b0:f9:93:be:02:24:72:e5:64:72:28:75:e4:07:be:ef:2e:35:
7e:bd:4f:c0:95:81:03:19:80:8a:14:22:12:d6:0b:d6:17:d8:
6b:15:fa:97:f4:81:b7:32:be:ea:8a:97:81:96:4d:7d:78:f0:
ce:a6:71:05:24:37:a1:b0:be:ac:fe:ab:64:56:b1:51:25:c7:
14:80:8b:99:43:af:d4:6c:1b:d9:a0:16:d6:c4:7a:2b:7a:19:
03:df:d0:75:67:9e:b3:c1:1d:3f:c6:33:1c:18:52:11:ab:66:
b1:5e:a2:4b:ef:c3:ac:76:c0:41:0e:9b:85:03:5e:ba:94:da:
b1:6f:36:1d:cc:0d:74:9f:aa:97:31:aa:f3:92:cb:43:b4:e1:
47:75:8f:f9:d9:d0:ed:f2:5c:d3:37:7f:fe:6c:79:79:53:8a:
94:e8:7b:e0:39:6e:26:76:20:97:99:df:61:26:33:77:bf:7f:
e6:b7:6a:ad:55:39:a7:f6:67:92:5f:7e:40:59:c3:58:42:96:
66:d4:22:18:a4:f9:89:2d:40:a8:98:cd:a1:1c:cd:5c:7d:60:
db:e6:0b:c0:68:8c:56:bb:f0:83:14:bf:e0:98:4c:e7:60:3b:
0a:97:ec:9d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYcLyhoCoMjDQ08hZXLvKt0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzM1ZGM2ZmViMzg1ZjZhMjMzNDQwNTZhMTNjMmM1OTUw
MjhlOTEwHhcNMjMwMzIzMDAwNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDk5YmRkYjk4MDY2ODZjNjk0MGJlNTM3ZjE3ZWRhN2M0ZjgxM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTE7ZZJB9g99iQsgzbL0aKew4aGA
YVzn5mzIblTkGkB4hlQeIu5UJMcFAeJpoKfX5HooM/LZL/JnwglSma2HMNHf16hF
W4Ba6Lwn8tQRFUz1KHQQeQ/9DYGT9bHlpuKxshfLXOS9C28uxK5BSEBqlxQHW1xc
Rm6hfuHbHOPE62Y3KY3lTIpf2GyK9gaZOTfub0hDMpLFwgWZVBfvrYW8SgPC7Wyp
LjMZikfYddyuUDgUNqjyMQft7JCQTTaFSYFMJLe7HK3RnkQaDJ/njeIai7GOmy04
TDmtd+WrgbCRac7peqV2X7sC5fqeF3/8ed3ZBWU/oFI5Wz1azgde3Fpi3QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFD2ZvduYBmhsaUC+U38X7afE+BP0MB8GA1UdIwQY
MBaAFMszXcb+s4X2ojNEBWoTwsWVAo6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpOZHh2NnpoZmFpTTBRRmFoUEN4WlVDanBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9mYTM0MmUtYjNiYy00MzczLThjNmIt
ODg1NGM4MmI1NDVkLzEvUFptOTI1Z0dhR3hwUUw1VGZ4ZnRwOFQ0RV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9mYTM0MmUtYjNiYy00MzczLThjNmItODg1NGM4MmI1NDVk
LzEveXpOZHh2NnpoZmFpTTBRRmFoUEN4WlVDanBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLVAAMA4E
AgACMAgDBgQqDjeAADANBgkqhkiG9w0BAQsFAAOCAQEAnYagszasEvapjRIJtD24
vAPXsPmTvgIkcuVkcih15Ae+7y41fr1PwJWBAxmAihQiEtYL1hfYaxX6l/SBtzK+
6oqXgZZNfXjwzqZxBSQ3obC+rP6rZFaxUSXHFICLmUOv1Gwb2aAW1sR6K3oZA9/Q
dWees8EdP8YzHBhSEatmsV6iS+/DrHbAQQ6bhQNeupTasW82HcwNdJ+qlzGq85LL
Q7ThR3WP+dnQ7fJc0zd//mx5eVOKlOh74DluJnYgl5nfYSYzd79/5rdqrVU5p/Zn
kl9+QFnDWEKWZtQiGKT5iS1AqJjNoRzNXH1g2+YLwGiMVrvwgxS/4JhM52A7Cpfs
nQ==
-----END CERTIFICATE-----
Generated at Tue Feb 18 13:30:40 2025 by rpki-client