Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/4jBZlpQJGsCaHSDqHaL9KgCr_UE.roa
File: 4jBZlpQJGsCaHSDqHaL9KgCr_UE.roa (raw, json)
Hash identifier: LF8BYgOQvG3wirJOgBeJcmsn6QIVO+abSDzc7Tg3X/s=
Subject key identifier: E2:30:59:96:94:09:1A:C0:9A:1D:20:EA:1D:A2:FD:2A:00:AB:FD:41
Certificate issuer: /CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Certificate serial: 01885280AD6E58DD284D3EBDCB8E1B873884
Authority key identifier: 67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/4jBZlpQJGsCaHSDqHaL9KgCr_UE.roa
Signing time: Thu 25 May 2023 10:42:24 +0000
ROA not before: Thu 25 May 2023 10:42:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210920
IP address blocks: 74.220.24.0/21 maxlen: 21
45.157.2.0/24 maxlen: 24
2a10:c882::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:80:ad:6e:58:dd:28:4d:3e:bd:cb:8e:1b:87:38:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Validity
Not Before: May 25 10:42:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e230599694091ac09a1d20ea1da2fd2a00abfd41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:48:46:8a:62:ea:47:ea:67:88:51:0f:ed:c6:
d2:1b:9f:e2:69:cb:b7:f2:40:7f:da:82:55:dd:08:
72:7d:24:9a:11:a2:36:f2:e7:75:cc:80:18:97:8d:
c2:21:82:f4:d1:11:88:b7:f1:17:a0:31:71:4c:c6:
8c:e6:f8:ab:d6:9a:97:f6:4c:fa:79:ab:f0:cc:61:
2b:b6:be:f8:ec:3e:9b:de:ac:b3:ea:b9:7a:c0:66:
4e:47:1b:ee:b9:84:c5:8a:77:6e:2e:5f:96:e9:4d:
8c:98:77:51:80:b9:ce:9e:5f:1f:c4:85:f3:17:96:
69:30:31:8f:35:86:4f:fc:09:50:10:a8:85:ab:94:
f8:17:9d:62:02:ec:f0:60:b9:9d:f5:9b:0c:6f:53:
68:80:6d:62:dc:f0:c3:30:1e:46:1b:42:c9:ef:22:
5e:ee:44:f2:13:fb:0e:53:ff:b5:45:2f:b0:2e:21:
bd:c4:2f:c1:bd:23:ba:cb:ed:a5:a9:03:84:1d:61:
9e:2a:85:f9:79:e1:06:8f:1e:91:8a:b6:9b:19:3a:
da:a7:68:e3:e6:cd:5f:64:36:7f:46:4f:8e:0f:90:
80:51:03:a8:96:e0:16:d5:96:70:e8:c8:10:a2:93:
cc:33:b3:cf:f2:80:04:26:1a:67:a5:b8:0c:e1:fd:
7a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:30:59:96:94:09:1A:C0:9A:1D:20:EA:1D:A2:FD:2A:00:AB:FD:41
X509v3 Authority Key Identifier:
keyid:67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/4jBZlpQJGsCaHSDqHaL9KgCr_UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.2.0/24
74.220.24.0/21
IPv6:
2a10:c882::/32
Signature Algorithm: sha256WithRSAEncryption
8e:0a:2e:6b:ef:74:e6:ad:c5:b7:62:56:79:c6:72:d4:23:39:
1f:e4:ef:96:59:7d:5c:30:c5:36:55:88:9c:0e:69:09:10:2c:
96:48:7f:71:be:f9:52:2b:5e:f6:1b:eb:46:71:fb:e0:ba:21:
f9:e5:99:fd:20:e2:bb:29:16:1b:8d:f0:43:41:2b:d7:d4:c3:
41:2a:aa:db:c7:f4:cb:10:cc:76:05:4a:5e:1e:c8:14:53:f7:
4e:d6:95:6e:5c:89:a9:2d:d2:74:34:8c:f9:50:9b:6a:cb:c4:
48:cc:48:61:93:04:4e:cd:08:cb:08:a1:62:29:cb:95:68:8a:
84:63:a9:51:07:a8:46:8a:87:5a:16:cf:6e:59:cd:53:09:f6:
ca:96:3a:eb:01:f0:fe:8e:6e:4f:3b:61:86:9d:3d:11:1d:ed:
86:39:c7:2c:ce:03:73:05:fb:92:eb:8e:6e:d1:e1:a2:0c:e9:
e2:c0:55:7f:f0:8a:70:c3:5c:ac:12:ec:ca:49:36:ac:4c:96:
37:a1:4d:40:70:b4:d1:3b:d2:75:66:fd:a5:b8:68:be:d1:f4:
ed:43:fd:7b:f3:26:ab:80:03:3d:7d:4e:36:84:36:c4:06:23:
7c:3c:4d:4d:43:60:86:1b:af:91:a5:ee:f6:e5:af:e8:d7:c3:
fe:4f:d5:4d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYhSgK1uWN0oTT69y44bhziEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTI0YzcyODRlZjQ4ODdlNDVkNGNjZDliZGU2NzljZDlh
YjRmMDAwHhcNMjMwNTI1MTA0MjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjMwNTk5Njk0MDkxYWMwOWExZDIwZWExZGEyZmQyYTAwYWJmZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEhGimLqR+pniFEP7cbSG5/iacu3
8kB/2oJV3QhyfSSaEaI28ud1zIAYl43CIYL00RGIt/EXoDFxTMaM5vir1pqX9kz6
eavwzGErtr747D6b3qyz6rl6wGZORxvuuYTFinduLl+W6U2MmHdRgLnOnl8fxIXz
F5ZpMDGPNYZP/AlQEKiFq5T4F51iAuzwYLmd9ZsMb1NogG1i3PDDMB5GG0LJ7yJe
7kTyE/sOU/+1RS+wLiG9xC/BvSO6y+2lqQOEHWGeKoX5eeEGjx6RirabGTrap2jj
5s1fZDZ/Rk+OD5CAUQOoluAW1ZZw6MgQopPMM7PP8oAEJhpnpbgM4f16MQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOIwWZaUCRrAmh0g6h2i/SoAq/1BMB8GA1UdIwQY
MBaAFGfiTHKE70iH5F1MzZveZ5zZq08AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzct
MDM3NWE5YzMyYjAwLzEvNGpCWmxwUUpHc0NhSFNEcUhhTDlLZ0NyX1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzctMDM3NWE5YzMyYjAw
LzEvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALZ0CAwQD
StwYMA0EAgACMAcDBQAqEMiCMA0GCSqGSIb3DQEBCwUAA4IBAQCOCi5r73TmrcW3
YlZ5xnLUIzkf5O+WWX1cMMU2VYicDmkJECyWSH9xvvlSK172G+tGcfvguiH55Zn9
IOK7KRYbjfBDQSvX1MNBKqrbx/TLEMx2BUpeHsgUU/dO1pVuXImpLdJ0NIz5UJtq
y8RIzEhhkwROzQjLCKFiKcuVaIqEY6lRB6hGiodaFs9uWc1TCfbKljrrAfD+jm5P
O2GGnT0RHe2GOccszgNzBfuS645u0eGiDOniwFV/8Ipww1ysEuzKSTasTJY3oU1A
cLTRO9J1Zv2luGi+0fTtQ/178yargAM9fU42hDbEBiN8PE1NQ2CGG6+Rpe725a/o
18P+T9VN
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:41:50 2025 by rpki-client