Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f14bc3-1f96-4da8-a16f-7b45be0465aa/1/zS00Y8MAj34Xg_DdT2RdMFF4ipo.roa
File: zS00Y8MAj34Xg_DdT2RdMFF4ipo.roa (raw, json)
Hash identifier: YYIlWSkg3KVecvRYkQyEHKSURw/9fv3iibNsAVLfTw4=
Subject key identifier: CD:2D:34:63:C3:00:8F:7E:17:83:F0:DD:4F:64:5D:30:51:78:8A:9A
Certificate issuer: /CN=076b0185cabb66843d67f88601bc0a79a2eebcad
Certificate serial: 01856F1DBA8DCDC2396C29C3A0FDCDAD4E49
Authority key identifier: 07:6B:01:85:CA:BB:66:84:3D:67:F8:86:01:BC:0A:79:A2:EE:BC:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B2sBhcq7ZoQ9Z_iGAbwKeaLuvK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/f14bc3-1f96-4da8-a16f-7b45be0465aa/1/zS00Y8MAj34Xg_DdT2RdMFF4ipo.roa
Signing time: Sun 01 Jan 2023 20:54:57 +0000
ROA not before: Sun 01 Jan 2023 20:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202942
IP address blocks: 185.135.224.0/22 maxlen: 24
45.9.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:ba:8d:cd:c2:39:6c:29:c3:a0:fd:cd:ad:4e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=076b0185cabb66843d67f88601bc0a79a2eebcad
Validity
Not Before: Jan 1 20:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd2d3463c3008f7e1783f0dd4f645d3051788a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:74:83:cc:83:c2:e0:01:6e:ec:61:b7:dd:97:
b8:6b:bd:2d:e6:ba:b2:75:67:e4:5a:68:45:0e:7a:
2a:4d:39:53:7a:99:25:45:b6:b3:c4:39:d2:a8:14:
1e:4a:46:99:2e:13:7e:1d:44:93:0d:0f:b4:59:49:
a5:b6:9c:d6:9c:a9:23:86:d3:c3:d3:63:bf:5e:eb:
03:f6:e3:83:45:93:95:89:a7:81:7d:c1:19:0a:6d:
8b:d6:a7:d5:4d:6a:ea:62:a1:4d:67:8b:af:26:ac:
2f:f2:40:7a:e6:4c:72:29:82:2c:28:ce:ff:41:26:
c7:f9:5d:85:ce:56:85:09:1e:69:2f:40:08:dd:99:
8f:3a:1c:25:3e:a9:6f:d7:7d:30:5f:82:65:0a:3c:
eb:8c:73:b5:a2:19:29:68:b8:7e:8c:c5:6a:84:d9:
bd:fc:59:bd:93:6e:4b:11:36:b8:02:1d:fa:7c:c7:
6a:1f:c7:e5:25:26:2b:01:ee:29:96:a4:21:fa:9d:
e3:61:3f:7f:51:24:3c:2c:a2:8a:64:af:69:10:bc:
1b:85:c3:66:30:e7:2b:a5:f5:79:58:db:20:6a:23:
15:5a:06:ca:15:5e:bb:30:ff:94:47:ad:4b:83:ce:
07:97:58:ac:5e:0d:1e:62:a3:7b:ce:06:0f:fb:4e:
13:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2D:34:63:C3:00:8F:7E:17:83:F0:DD:4F:64:5D:30:51:78:8A:9A
X509v3 Authority Key Identifier:
keyid:07:6B:01:85:CA:BB:66:84:3D:67:F8:86:01:BC:0A:79:A2:EE:BC:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B2sBhcq7ZoQ9Z_iGAbwKeaLuvK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f14bc3-1f96-4da8-a16f-7b45be0465aa/1/zS00Y8MAj34Xg_DdT2RdMFF4ipo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f14bc3-1f96-4da8-a16f-7b45be0465aa/1/B2sBhcq7ZoQ9Z_iGAbwKeaLuvK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.64.0/22
185.135.224.0/22
Signature Algorithm: sha256WithRSAEncryption
56:50:fa:fe:9e:f2:9e:23:ae:8c:29:ad:e8:aa:aa:aa:d8:d0:
47:9e:ed:f5:6d:94:75:05:1f:b3:8a:0b:ce:81:48:33:80:a5:
b3:43:44:56:64:92:43:06:fc:e3:6c:1f:80:07:58:d8:41:42:
8a:3b:be:71:9e:b1:eb:a7:49:4a:d5:af:2a:cd:6c:d1:eb:f9:
42:76:e2:6f:86:9d:4e:29:14:e5:69:66:23:76:b2:07:a9:3b:
d0:27:75:2f:43:cb:70:7b:f7:d3:75:3a:a1:ef:05:84:13:e4:
0e:bf:dc:fe:fe:2a:7b:81:54:52:ad:bb:5a:b9:4b:31:b6:7c:
8a:4c:4e:30:a2:a3:5a:d5:d3:95:8d:76:07:2b:1c:28:8e:e8:
bd:5b:08:08:be:41:74:89:6e:3e:7f:9f:c2:12:07:29:69:30:
e9:71:7a:da:fd:63:8a:2b:0b:da:6f:67:a3:19:b6:6b:35:ad:
09:d6:f3:ef:71:c1:da:81:27:a0:f9:37:84:3b:02:70:f0:28:
62:ce:9d:61:23:b6:39:c0:fe:45:13:74:a9:cb:c6:71:e8:52:
49:a9:91:04:49:b1:1c:b6:f8:58:ba:6b:22:9e:91:6f:a0:19:
67:58:42:00:66:cc:88:b6:09:bf:19:ec:42:3c:64:d8:0c:fd:
8e:a9:e0:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHbqNzcI5bCnDoP3NrU5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NmIwMTg1Y2FiYjY2ODQzZDY3Zjg4NjAxYmMwYTc5YTJl
ZWJjYWQwHhcNMjMwMTAxMjA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJkMzQ2M2MzMDA4ZjdlMTc4M2YwZGQ0ZjY0NWQzMDUxNzg4YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXSDzIPC4AFu7GG33Ze4a70t5rqy
dWfkWmhFDnoqTTlTepklRbazxDnSqBQeSkaZLhN+HUSTDQ+0WUmltpzWnKkjhtPD
02O/XusD9uODRZOViaeBfcEZCm2L1qfVTWrqYqFNZ4uvJqwv8kB65kxyKYIsKM7/
QSbH+V2FzlaFCR5pL0AI3ZmPOhwlPqlv130wX4JlCjzrjHO1ohkpaLh+jMVqhNm9
/Fm9k25LETa4Ah36fMdqH8flJSYrAe4plqQh+p3jYT9/USQ8LKKKZK9pELwbhcNm
MOcrpfV5WNsgaiMVWgbKFV67MP+UR61Lg84Hl1isXg0eYqN7zgYP+04TIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM0tNGPDAI9+F4Pw3U9kXTBReIqaMB8GA1UdIwQY
MBaAFAdrAYXKu2aEPWf4hgG8Cnmi7rytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjJzQmhjcTdab1E5Wl9pR0Fid0tlYUx1dkswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mMTRiYzMtMWY5Ni00ZGE4LWExNmYt
N2I0NWJlMDQ2NWFhLzEvelMwMFk4TUFqMzRYZ19EZFQyUmRNRkY0aXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mMTRiYzMtMWY5Ni00ZGE4LWExNmYtN2I0NWJlMDQ2NWFh
LzEvQjJzQmhjcTdab1E5Wl9pR0Fid0tlYUx1dkswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQlAAwQC
uYfgMA0GCSqGSIb3DQEBCwUAA4IBAQBWUPr+nvKeI66MKa3oqqqq2NBHnu31bZR1
BR+zigvOgUgzgKWzQ0RWZJJDBvzjbB+AB1jYQUKKO75xnrHrp0lK1a8qzWzR6/lC
duJvhp1OKRTlaWYjdrIHqTvQJ3UvQ8twe/fTdTqh7wWEE+QOv9z+/ip7gVRSrbta
uUsxtnyKTE4woqNa1dOVjXYHKxwojui9WwgIvkF0iW4+f5/CEgcpaTDpcXra/WOK
Kwvab2ejGbZrNa0J1vPvccHagSeg+TeEOwJw8Chizp1hI7Y5wP5FE3Spy8Zx6FJJ
qZEESbEctvhYumsinpFvoBlnWEIAZsyItgm/GexCPGTYDP2OqeAR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:48 2025 by rpki-client