Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/ZUsK7pa978cMyoPzzNH3UuhilwE.roa
File: ZUsK7pa978cMyoPzzNH3UuhilwE.roa (raw, json)
Hash identifier: j0G8DKmbFClJ7iZAcAZyGeJgbnvBVgLQpCAvmp8Pc3c=
Subject key identifier: 65:4B:0A:EE:96:BD:EF:C7:0C:CA:83:F3:CC:D1:F7:52:E8:62:97:01
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 013EF659
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/ZUsK7pa978cMyoPzzNH3UuhilwE.roa
Signing time: Sat 01 Jan 2022 13:05:36 +0000
ROA not before: Sat 01 Jan 2022 13:05:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40065
IP address blocks: 45.142.158.0/23 maxlen: 32
45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.145.72.0/23 maxlen: 32
45.150.226.0/23 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20903513 (0x13ef659)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 1 13:05:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=654b0aee96bdefc70cca83f3ccd1f752e8629701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cc:4b:be:5f:ea:6c:38:26:5e:d2:3e:7a:7a:
a8:c2:56:32:23:93:7a:bc:58:a8:e3:f6:76:60:80:
ab:01:09:95:1e:6a:a5:35:71:5f:41:d0:d2:eb:9d:
c1:7f:4a:57:e4:6a:28:a0:8a:9c:5d:0e:36:b7:ac:
12:89:c2:41:b5:71:ac:c9:6d:18:d6:ef:2f:a2:db:
4b:ee:f8:1b:19:25:5a:aa:e0:90:ec:27:a7:95:b1:
87:71:a5:60:2f:86:9b:40:79:dc:a3:8e:bb:ae:8d:
fe:cc:9b:f8:07:83:b5:d4:3c:6f:14:7e:be:84:df:
44:7d:3e:26:18:17:ae:dc:2e:6c:f8:b3:76:ea:3a:
8f:70:3e:b5:2c:dc:fe:20:09:8e:51:bd:6d:0e:6b:
9d:c0:96:46:61:fa:ff:1c:94:a5:0f:4b:7b:0f:c4:
e6:3a:5b:a9:62:4d:f8:a2:2d:43:26:bd:13:e4:8f:
11:b0:71:36:ca:fa:e7:1e:7e:89:cd:b5:74:f5:2e:
db:03:80:bf:92:f4:6e:c5:b2:b7:33:c2:09:73:1b:
0a:aa:b5:db:47:46:77:64:29:eb:7e:5a:ca:9a:bb:
e7:e4:de:6e:45:a4:74:a5:3d:9f:4b:42:24:e6:3c:
76:29:5a:99:ac:f6:46:eb:48:0d:e8:f3:5d:be:f2:
8b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4B:0A:EE:96:BD:EF:C7:0C:CA:83:F3:CC:D1:F7:52:E8:62:97:01
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/ZUsK7pa978cMyoPzzNH3UuhilwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/23
45.150.226.0/23
Signature Algorithm: sha256WithRSAEncryption
44:c5:0c:a9:c1:31:b9:b4:13:2d:d0:3f:2a:90:5b:4c:5c:d0:
81:92:63:07:3e:ad:05:54:6c:56:0d:76:9c:89:50:bd:f5:6d:
f7:e2:b2:c5:8c:02:b5:4b:68:fb:e0:bd:f2:46:ed:2a:1c:02:
80:ed:17:b7:2a:08:be:01:90:f3:44:71:e6:94:b5:62:79:87:
ec:f0:c0:47:af:4b:21:9b:0e:c0:45:6b:07:7b:94:03:26:d9:
fb:3d:bb:d9:43:44:35:3c:88:93:2d:97:ce:5a:dc:c0:e4:c2:
9a:05:ee:37:01:13:67:60:07:73:b0:38:9b:56:aa:71:79:5b:
c8:78:c2:e9:3b:b8:57:98:2a:62:a3:03:06:8c:68:8a:27:82:
7e:8e:1b:58:53:28:16:2c:9f:2e:31:d2:81:58:af:db:6a:1f:
0c:02:2c:bb:48:b5:90:eb:10:a1:d3:12:3b:d5:27:ad:33:34:
1f:d7:4b:16:27:d0:14:fb:9a:c9:96:0c:05:57:ce:4d:e8:f4:
fd:f3:c9:65:35:af:8a:89:04:9b:2a:fc:a6:be:d4:de:ef:6e:
07:13:49:c0:1a:32:2d:d1:4f:34:fb:20:c1:e0:ff:08:46:9f:
1e:b6:98:21:a9:6b:8e:99:3e:8c:f8:ec:39:9a:6d:46:19:e5:
fe:84:64:cf
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAT72WTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGI2N2M1YzdmYTdmZTI0OTJlZWMzN2NmNDI3NjQyYjcxZDQyNWIwMB4XDTIyMDEw
MTEzMDUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjU0YjBhZWU5NmJk
ZWZjNzBjY2E4M2YzY2NkMWY3NTJlODYyOTcwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLMS75f6mw4Jl7SPnp6qMJWMiOTerxYqOP2dmCAqwEJlR5q
pTVxX0HQ0uudwX9KV+RqKKCKnF0ONresEonCQbVxrMltGNbvL6LbS+74GxklWqrg
kOwnp5Wxh3GlYC+Gm0B53KOOu66N/syb+AeDtdQ8bxR+voTfRH0+JhgXrtwubPiz
duo6j3A+tSzc/iAJjlG9bQ5rncCWRmH6/xyUpQ9Lew/E5jpbqWJN+KItQya9E+SP
EbBxNsr65x5+ic21dPUu2wOAv5L0bsWytzPCCXMbCqq120dGd2Qp635aypq75+Te
bkWkdKU9n0tCJOY8dilamaz2RutIDejzXb7yi/8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRlSwrulr3vxwzKg/PM0fdS6GKXATAfBgNVHSMEGDAWgBQNtnxcf6f+JJLu
w3z0J2QrcdQlsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RiWjhYSC1uX2lTUzdzTjg5Q2RrSzNIVUpiQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvMGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8x
L1pVc0s3cGE5NzhjTXlvUHp6TkgzVXVoaWx3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
MGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8xL0RiWjhYSC1uX2lT
UzdzTjg5Q2RrSzNIVUpiQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi2OnAMEAS2RSAMEAS2W4jANBgkq
hkiG9w0BAQsFAAOCAQEARMUMqcExubQTLdA/KpBbTFzQgZJjBz6tBVRsVg12nIlQ
vfVt9+KyxYwCtUto++C98kbtKhwCgO0XtyoIvgGQ80Rx5pS1YnmH7PDAR69LIZsO
wEVrB3uUAybZ+z272UNENTyIky2XzlrcwOTCmgXuNwETZ2AHc7A4m1aqcXlbyHjC
6Tu4V5gqYqMDBoxoiieCfo4bWFMoFiyfLjHSgViv22ofDAIsu0i1kOsQodMSO9Un
rTM0H9dLFifQFPuayZYMBVfOTej0/fPJZTWviokEmyr8pr7U3u9uBxNJwBoyLdFP
NPsgweD/CEafHraYIalrjpk+jPjsOZptRhnl/oRkzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org