Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/ZowylPA0me0NMlrF2-d76etWqxs.roa
File: ZowylPA0me0NMlrF2-d76etWqxs.roa (raw, json)
Hash identifier: eEChfBi6Aw/lNIgnNuaPzKzdnMYU84PB/2VI8J7OpnI=
Subject key identifier: 66:8C:32:94:F0:34:99:ED:0D:32:5A:C5:DB:E7:7B:E9:EB:56:AB:1B
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018B1963D8C92C43806B229EA639FF05C9A5
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/ZowylPA0me0NMlrF2-d76etWqxs.roa
Signing time: Tue 10 Oct 2023 11:40:55 +0000
ROA not before: Tue 10 Oct 2023 11:40:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 45.91.67.0/24 maxlen: 24
45.82.14.0/24 maxlen: 24
91.200.150.0/24 maxlen: 24
91.200.151.0/24 maxlen: 24
91.200.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:63:d8:c9:2c:43:80:6b:22:9e:a6:39:ff:05:c9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Oct 10 11:40:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=668c3294f03499ed0d325ac5dbe77be9eb56ab1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f2:d6:97:f5:14:00:69:80:1c:57:5c:a2:13:
d0:cc:d7:f4:c8:a9:88:fb:86:cb:5e:98:13:e2:d4:
d0:70:ba:6a:98:a1:16:c8:50:9d:7f:61:5e:6a:dc:
e1:2a:be:e4:62:23:de:31:b7:4a:b0:79:44:b9:0c:
80:f2:06:ea:79:86:d3:ff:ac:42:be:c1:a0:ae:79:
2a:48:57:d5:77:8b:64:fe:bd:5d:d6:02:0e:9b:4f:
77:b6:97:08:23:71:ee:87:bf:49:0b:8f:39:01:eb:
b1:64:ce:c6:d0:c6:12:ba:51:1d:87:37:41:ed:7d:
53:39:ba:8b:ea:94:e8:fa:04:53:6a:31:4b:8d:be:
39:92:8e:4f:90:8f:22:8f:9a:b8:45:8c:b5:05:b0:
a0:57:0d:62:e1:67:1e:ad:44:c9:18:22:3f:4a:b9:
86:55:6f:d2:60:61:d0:0b:a3:96:97:9a:50:f0:9e:
7e:98:10:0f:34:cb:f7:b1:78:5f:8d:de:a3:8b:62:
e4:42:3a:0b:6b:ff:e7:55:b7:9f:ed:df:31:84:6a:
f2:9b:40:ff:05:9a:42:bc:d5:00:f2:53:85:36:32:
87:2f:dc:77:ea:3a:b6:67:45:6a:45:ad:43:a4:de:
3f:4a:98:e5:db:d1:58:94:62:07:54:cc:e0:74:75:
87:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8C:32:94:F0:34:99:ED:0D:32:5A:C5:DB:E7:7B:E9:EB:56:AB:1B
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/ZowylPA0me0NMlrF2-d76etWqxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/24
45.91.67.0/24
91.200.148.0/24
91.200.150.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:bb:68:0c:12:8a:5d:33:e3:72:62:fa:b1:c5:13:b4:68:73:
9a:54:5d:06:d6:e5:68:cc:04:d2:ab:51:dc:1e:64:0d:6a:50:
8e:42:1d:2b:20:5c:c4:8b:e4:30:38:2e:4e:be:72:6e:39:39:
b0:52:50:40:13:64:c5:cf:0f:0a:4e:7a:83:40:1e:f1:e8:e8:
40:64:b6:ad:b6:81:f1:74:07:52:dd:71:13:df:05:8f:e0:b6:
af:68:fd:0c:a9:91:54:00:82:34:d9:d2:0b:19:3d:d1:99:38:
a1:66:08:57:4e:e7:30:17:51:55:82:64:64:41:8b:a6:f9:26:
54:5b:0b:91:5e:6a:5e:40:c1:dc:d5:b8:f6:5c:e6:6c:1c:a2:
55:1f:33:11:d8:e2:15:75:ae:7d:de:f7:0e:41:cb:98:93:5a:
e4:e4:8f:44:7e:48:3d:dc:29:4a:59:df:07:2b:0a:12:ea:79:
43:c8:6b:d9:ed:50:47:b1:c4:dd:71:76:05:ff:62:51:c4:2b:
5e:f3:5d:2e:66:72:72:13:fc:ec:62:4b:b6:2d:98:e4:88:ea:
0f:c1:62:d7:d8:de:50:3b:7e:8f:8f:e3:8e:e2:d2:f5:c0:38:
28:ce:0a:f8:e0:bb:18:59:0b:7e:2c:25:d8:58:f9:93:c4:7b:
72:9a:2c:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsZY9jJLEOAayKepjn/BcmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMxMDEwMTE0MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjhjMzI5NGYwMzQ5OWVkMGQzMjVhYzVkYmU3N2JlOWViNTZhYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfLWl/UUAGmAHFdcohPQzNf0yKmI
+4bLXpgT4tTQcLpqmKEWyFCdf2FeatzhKr7kYiPeMbdKsHlEuQyA8gbqeYbT/6xC
vsGgrnkqSFfVd4tk/r1d1gIOm093tpcII3Huh79JC485AeuxZM7G0MYSulEdhzdB
7X1TObqL6pTo+gRTajFLjb45ko5PkI8ij5q4RYy1BbCgVw1i4WcerUTJGCI/SrmG
VW/SYGHQC6OWl5pQ8J5+mBAPNMv3sXhfjd6ji2LkQjoLa//nVbef7d8xhGrym0D/
BZpCvNUA8lOFNjKHL9x36jq2Z0VqRa1DpN4/Spjl29FYlGIHVMzgdHWHPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGaMMpTwNJntDTJaxdvne+nrVqsbMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvWm93eWxQQTBtZTBOTWxyRjItZDc2ZXRXcXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVIOAwQA
LVtDAwQAW8iUAwQBW8iWMA0GCSqGSIb3DQEBCwUAA4IBAQBcu2gMEopdM+NyYvqx
xRO0aHOaVF0G1uVozATSq1HcHmQNalCOQh0rIFzEi+QwOC5OvnJuOTmwUlBAE2TF
zw8KTnqDQB7x6OhAZLattoHxdAdS3XET3wWP4LavaP0MqZFUAII02dILGT3RmTih
ZghXTucwF1FVgmRkQYum+SZUWwuRXmpeQMHc1bj2XOZsHKJVHzMR2OIVda593vcO
QcuYk1rk5I9Efkg93ClKWd8HKwoS6nlDyGvZ7VBHscTdcXYF/2JRxCte810uZnJy
E/zsYku2LZjkiOoPwWLX2N5QO36Pj+OO4tL1wDgozgr44LsYWQt+LCXYWPmTxHty
mixx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:29 2025 by rpki-client