Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/mzdfVWvj-CZcdIeLh3IcbiYsi8A.roa
File: mzdfVWvj-CZcdIeLh3IcbiYsi8A.roa (raw, json)
Hash identifier: ov0oRQdiOKzNwsKaBZvKnu/Qii0X+vCtU7MGPDhkFTI=
Subject key identifier: 9B:37:5F:55:6B:E3:F8:26:5C:74:87:8B:87:72:1C:6E:26:2C:8B:C0
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 0183889B15F025BDDBE38C5DFE6AF9D9271F
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/mzdfVWvj-CZcdIeLh3IcbiYsi8A.roa
Signing time: Thu 29 Sep 2022 09:36:48 +0000
ROA not before: Thu 29 Sep 2022 09:36:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:9b:15:f0:25:bd:db:e3:8c:5d:fe:6a:f9:d9:27:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Sep 29 09:36:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b375f556be3f8265c74878b87721c6e262c8bc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:55:89:e1:ac:5f:6f:81:0a:64:1a:81:14:a4:
67:8b:10:99:23:13:85:84:fd:8d:c4:be:36:45:26:
4b:3a:45:d8:5e:56:64:b8:fd:1b:9c:f8:03:cf:11:
72:19:66:66:de:fd:80:ca:47:03:e6:22:dd:8f:4f:
e1:87:6e:34:5a:1a:97:16:a5:4d:f2:33:33:e6:71:
b1:05:9e:7c:73:87:b0:84:df:5e:de:87:84:6d:85:
44:86:03:34:97:27:2e:be:68:2e:13:a4:4a:6d:6b:
32:8a:0e:6d:dc:b6:45:ed:63:09:d7:53:88:fc:4b:
22:1f:76:69:4c:1c:91:4b:48:93:80:90:05:a6:0a:
9c:91:f9:08:69:0f:92:26:cb:c8:0b:8f:d0:59:ac:
cf:66:aa:69:0e:60:cd:9e:5f:09:3d:bc:b1:0f:5f:
9b:8d:34:fa:c8:57:f1:e3:e6:29:a6:61:8c:d1:db:
4f:7a:ea:c8:ed:4e:ac:ac:93:3a:09:be:68:17:5b:
21:88:f7:95:cc:f4:16:33:8c:14:e0:c5:e6:2f:9c:
84:5a:43:b6:75:3b:00:2b:52:f6:7c:f4:b6:f1:19:
f3:4c:16:5e:89:56:aa:d2:0a:08:a0:43:f0:d6:ca:
7a:34:93:c5:5b:a1:c5:dc:69:3a:79:fc:a1:2f:9f:
63:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:37:5F:55:6B:E3:F8:26:5C:74:87:8B:87:72:1C:6E:26:2C:8B:C0
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/mzdfVWvj-CZcdIeLh3IcbiYsi8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.117.0-5.145.119.255
185.24.252.0/24
IPv6:
2a04:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
96:fb:2c:d0:81:d8:62:9f:fd:6c:12:83:42:02:05:27:6a:5a:
7d:ce:64:1a:1e:6c:99:aa:33:b8:ae:3e:b8:73:78:f4:93:73:
e7:7d:f8:f7:3e:de:ad:39:cf:60:5c:45:64:21:03:29:9e:4e:
1f:3e:23:f3:5d:fd:65:a6:46:0f:65:eb:d6:d0:8c:af:61:b3:
56:6b:e7:1a:cb:02:b3:83:76:ff:5b:a4:8a:bd:2e:df:1a:0b:
b3:6d:72:a2:ea:ad:11:e6:62:2b:aa:57:c5:27:25:9f:78:1c:
ee:41:dc:9b:2e:79:f9:c7:23:2f:7e:12:40:3e:af:c6:66:0f:
80:99:6b:83:2a:c8:a9:10:e8:ed:0a:11:e2:cb:9c:02:3d:16:
25:cf:36:30:c8:88:62:17:01:58:c6:0e:3c:29:22:93:90:77:
ac:fd:fc:ee:40:11:37:c3:3b:65:11:57:b7:aa:3f:7c:b8:d5:
d9:04:ec:ad:bd:9d:df:ab:48:8f:b9:fd:77:76:40:ef:c7:33:
e0:46:36:49:c7:1e:85:50:0a:93:4a:4a:24:20:2b:ab:ab:91:
69:a3:85:95:94:9d:48:d4:9e:4f:4d:e9:86:13:e3:04:0e:60:
fc:52:3a:03:37:b9:2f:bc:ad:78:7f:a7:ff:7f:d6:19:75:bc:
1d:73:cf:05
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYOImxXwJb3b44xd/mr52ScfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjIwOTI5MDkzNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjM3NWY1NTZiZTNmODI2NWM3NDg3OGI4NzcyMWM2ZTI2MmM4YmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFWJ4axfb4EKZBqBFKRnixCZIxOF
hP2NxL42RSZLOkXYXlZkuP0bnPgDzxFyGWZm3v2AykcD5iLdj0/hh240WhqXFqVN
8jMz5nGxBZ58c4ewhN9e3oeEbYVEhgM0lycuvmguE6RKbWsyig5t3LZF7WMJ11OI
/EsiH3ZpTByRS0iTgJAFpgqckfkIaQ+SJsvIC4/QWazPZqppDmDNnl8JPbyxD1+b
jTT6yFfx4+YppmGM0dtPeurI7U6srJM6Cb5oF1shiPeVzPQWM4wU4MXmL5yEWkO2
dTsAK1L2fPS28RnzTBZeiVaq0goIoEPw1sp6NJPFW6HF3Gk6efyhL59j8wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJs3X1Vr4/gmXHSHi4dyHG4mLIvAMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvbXpkZlZXdmotQ1pjZEllTGgzSWNiaVlzaThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAAFkXUD
BAMFkXADBAC5GPwwDwQCAAIwCQMHACoELwAAADANBgkqhkiG9w0BAQsFAAOCAQEA
lvss0IHYYp/9bBKDQgIFJ2pafc5kGh5smaozuK4+uHN49JNz53349z7erTnPYFxF
ZCEDKZ5OHz4j8139ZaZGD2Xr1tCMr2GzVmvnGssCs4N2/1ukir0u3xoLs21youqt
EeZiK6pXxScln3gc7kHcmy55+ccjL34SQD6vxmYPgJlrgyrIqRDo7QoR4sucAj0W
Jc82MMiIYhcBWMYOPCkik5B3rP387kARN8M7ZRFXt6o/fLjV2QTsrb2d36tIj7n9
d3ZA78cz4EY2SccehVAKk0pKJCArq6uRaaOFlZSdSNSeT03phhPjBA5g/FI6Aze5
L7yteH+n/3/WGXW8HXPPBQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:09:54 2025 by rpki-client