Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Z3h64b-LaqLcFsNYlYjxvyhYrCI.roa
File: Z3h64b-LaqLcFsNYlYjxvyhYrCI.roa (raw, json)
Hash identifier: dbri4RHE7LHP21FuiBhn1jqvPaoLsGpnoRWQxGpsCCw=
Subject key identifier: 67:78:7A:E1:BF:8B:6A:A2:DC:16:C3:58:95:88:F1:BF:28:58:AC:22
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018498E15ADE0125A991E96ADBB29C4372C0
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Z3h64b-LaqLcFsNYlYjxvyhYrCI.roa
Signing time: Mon 21 Nov 2022 06:30:16 +0000
ROA not before: Mon 21 Nov 2022 06:30:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205361
IP address blocks: 45.8.200.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:98:e1:5a:de:01:25:a9:91:e9:6a:db:b2:9c:43:72:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Nov 21 06:30:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67787ae1bf8b6aa2dc16c3589588f1bf2858ac22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:27:ad:cf:e0:9f:1f:02:65:7a:36:ea:6b:ab:
c9:bf:9b:fb:84:2d:8c:6a:b0:2f:c7:51:25:40:6c:
9a:b2:e2:ae:2a:8e:f4:27:f3:aa:16:d3:2c:c1:2f:
d9:59:ea:c0:86:60:e4:76:ae:7c:a7:4b:53:50:3f:
84:c6:12:31:3f:ac:71:bd:c5:2c:94:43:91:8a:f1:
da:c5:1b:a0:5c:9d:ce:93:06:62:9e:1b:69:88:a3:
e6:bb:02:38:05:86:21:57:c7:a7:60:fe:6a:3c:a5:
b3:a4:6a:fe:4c:31:d8:72:37:f4:70:96:76:17:bc:
97:65:f9:88:99:3b:33:fa:23:f0:03:46:63:af:fa:
f5:3d:e2:d2:9b:74:42:56:a8:08:33:a4:ec:b1:48:
a6:00:75:65:d2:ff:d4:68:68:82:bd:ae:72:27:d5:
3b:e0:66:14:6d:48:4d:84:3e:9e:6f:32:a8:a7:65:
32:64:12:a3:9d:48:f3:38:54:10:b5:1d:b7:e2:ce:
a7:ed:94:f3:d4:27:23:8f:d0:15:b1:6d:3b:18:ca:
e9:f8:83:4d:8c:1d:90:11:16:26:51:be:b5:b2:79:
af:17:90:d2:73:46:85:45:48:61:00:d0:9d:5e:da:
4f:5f:b7:55:c6:df:f4:1c:8d:ac:d8:20:61:b8:bf:
fa:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:78:7A:E1:BF:8B:6A:A2:DC:16:C3:58:95:88:F1:BF:28:58:AC:22
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Z3h64b-LaqLcFsNYlYjxvyhYrCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.48.0/24
45.8.200.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:f2:44:b3:1e:ac:a2:3f:52:bd:04:5b:03:e7:a7:47:67:c4:
99:9c:e5:5d:0f:90:91:d5:27:ea:82:f9:be:e6:2d:c0:c1:2c:
ba:1c:1d:b0:a3:98:c3:47:54:52:70:f4:89:1a:5b:d1:3b:eb:
07:e2:ae:fd:16:49:cb:20:04:2c:d7:41:f4:63:f8:dd:25:59:
ad:39:a9:74:d6:9d:d3:0e:67:1c:79:72:64:16:dc:d1:2a:8b:
5d:e5:63:7b:db:12:ce:61:ae:04:d3:4d:7d:19:21:75:f2:86:
ac:78:de:05:42:80:89:97:4d:8f:b7:fc:a6:7f:6b:8b:39:bf:
49:f8:a7:4b:03:7b:6b:6b:54:72:22:06:50:fc:25:6f:2c:9f:
17:b2:21:13:3c:c5:eb:e0:0d:2a:12:ca:5a:95:6e:cb:4e:c4:
99:e6:e1:14:6e:89:10:8d:2d:34:97:ca:66:06:65:9f:20:2c:
b8:ef:9d:d8:f5:d7:20:f6:3a:4f:96:cf:12:19:e6:62:3e:56:
01:c4:a9:b0:4b:8d:46:f6:0f:98:d4:e0:84:63:eb:d3:d5:d2:
8d:7f:f6:53:dc:ba:9d:5e:c1:80:0d:a3:d4:2d:fb:db:79:ef:
34:3d:23:a3:7d:18:68:01:19:e5:67:4b:a7:29:13:b0:e4:c8:
5a:21:42:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSY4VreASWpkelq27KcQ3LAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIxMTIxMDYzMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzc4N2FlMWJmOGI2YWEyZGMxNmMzNTg5NTg4ZjFiZjI4NThhYzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyetz+CfHwJlejbqa6vJv5v7hC2M
arAvx1ElQGyasuKuKo70J/OqFtMswS/ZWerAhmDkdq58p0tTUD+ExhIxP6xxvcUs
lEORivHaxRugXJ3OkwZinhtpiKPmuwI4BYYhV8enYP5qPKWzpGr+TDHYcjf0cJZ2
F7yXZfmImTsz+iPwA0Zjr/r1PeLSm3RCVqgIM6TssUimAHVl0v/UaGiCva5yJ9U7
4GYUbUhNhD6ebzKop2UyZBKjnUjzOFQQtR234s6n7ZTz1Ccjj9AVsW07GMrp+INN
jB2QERYmUb61snmvF5DSc0aFRUhhANCdXtpPX7dVxt/0HI2s2CBhuL/6wwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGd4euG/i2qi3BbDWJWI8b8oWKwiMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWjNoNjRiLUxhcUxjRnNOWWxZanh2eWhZckNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbQwAwQA
LQjIMA0GCSqGSIb3DQEBCwUAA4IBAQB88kSzHqyiP1K9BFsD56dHZ8SZnOVdD5CR
1Sfqgvm+5i3AwSy6HB2wo5jDR1RScPSJGlvRO+sH4q79FknLIAQs10H0Y/jdJVmt
Oal01p3TDmcceXJkFtzRKotd5WN72xLOYa4E0019GSF18oaseN4FQoCJl02Pt/ym
f2uLOb9J+KdLA3tra1RyIgZQ/CVvLJ8XsiETPMXr4A0qEspalW7LTsSZ5uEUbokQ
jS00l8pmBmWfICy4753Y9dcg9jpPls8SGeZiPlYBxKmwS41G9g+Y1OCEY+vT1dKN
f/ZT3LqdXsGADaPULfvbee80PSOjfRhoARnlZ0unKROw5MhaIUKQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:41 2025 by rpki-client