Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e92c49-bd4a-4e8d-bbf6-4e223917b860/1/08ZOo8-oVzZQudYk63-HT8Q9CTo.roa
File: 08ZOo8-oVzZQudYk63-HT8Q9CTo.roa (raw, json)
Hash identifier: cQogK7HtWRoZP8uMGQZZqZ6l4yTcoDLNoZBl/U4IGZw=
Subject key identifier: D3:C6:4E:A3:CF:A8:57:36:50:B9:D6:24:EB:7F:87:4F:C4:3D:09:3A
Certificate issuer: /CN=2719412918a6627f99cce55c7aca139057b8574e
Certificate serial: 018AC087741819CC7F62B3D8C5A1CE8B2EF2
Authority key identifier: 27:19:41:29:18:A6:62:7F:99:CC:E5:5C:7A:CA:13:90:57:B8:57:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JxlBKRimYn-ZzOVcesoTkFe4V04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e92c49-bd4a-4e8d-bbf6-4e223917b860/1/08ZOo8-oVzZQudYk63-HT8Q9CTo.roa
Signing time: Sat 23 Sep 2023 05:33:37 +0000
ROA not before: Sat 23 Sep 2023 05:33:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.50.0.0/24 maxlen: 24
45.149.61.0/24 maxlen: 24
45.149.62.0/24 maxlen: 24
45.149.62.0/23 maxlen: 23
45.149.63.0/24 maxlen: 24
45.149.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c0:87:74:18:19:cc:7f:62:b3:d8:c5:a1:ce:8b:2e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2719412918a6627f99cce55c7aca139057b8574e
Validity
Not Before: Sep 23 05:33:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3c64ea3cfa8573650b9d624eb7f874fc43d093a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b3:ca:a8:f9:59:d8:2d:18:1c:ac:f5:c2:a8:
c9:32:b5:d0:90:bf:b2:24:4a:76:94:cb:c2:73:b7:
82:74:7d:22:0d:52:09:b5:e4:92:d8:59:34:99:e4:
65:07:8b:10:1f:07:b3:0e:de:79:06:69:29:80:47:
61:fe:21:b3:8e:27:ff:80:e1:aa:f8:8e:bf:0f:bf:
1c:3e:9e:40:f9:cf:1f:cc:3c:d7:d3:06:a4:32:dd:
ec:de:73:f1:35:3b:04:0c:d6:dc:3a:10:29:66:f5:
f7:b8:78:ff:ba:49:d1:e6:6f:f3:c1:32:e8:47:28:
6e:71:59:01:56:ee:39:55:8c:83:b1:67:06:3a:cd:
c9:85:64:f6:18:dd:52:05:3c:86:92:3b:08:93:4f:
1b:27:65:00:2f:fc:43:99:67:53:d4:80:de:28:c1:
61:12:66:a1:dc:cc:83:4c:05:39:10:dd:c9:2c:a5:
40:35:77:62:22:f5:4d:00:c5:54:63:3d:cb:35:f3:
ad:15:1d:ca:2b:ad:82:e9:de:14:dd:4f:d3:e1:ad:
2a:3a:78:4a:dd:06:1e:49:ee:19:ab:62:6c:a7:bb:
e2:46:a7:7d:16:00:38:14:20:27:31:f8:eb:da:93:
8d:8f:f7:14:1b:4e:c9:37:86:44:14:13:32:44:e5:
fe:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C6:4E:A3:CF:A8:57:36:50:B9:D6:24:EB:7F:87:4F:C4:3D:09:3A
X509v3 Authority Key Identifier:
keyid:27:19:41:29:18:A6:62:7F:99:CC:E5:5C:7A:CA:13:90:57:B8:57:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JxlBKRimYn-ZzOVcesoTkFe4V04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e92c49-bd4a-4e8d-bbf6-4e223917b860/1/08ZOo8-oVzZQudYk63-HT8Q9CTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e92c49-bd4a-4e8d-bbf6-4e223917b860/1/JxlBKRimYn-ZzOVcesoTkFe4V04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.60.0/22
194.50.0.0/24
Signature Algorithm: sha256WithRSAEncryption
24:cf:8a:db:df:be:60:fc:51:b9:c1:ad:69:89:51:81:e8:cb:
c0:51:51:24:0a:71:06:bd:5d:4b:34:12:a4:9c:c4:b3:c9:5e:
e4:22:03:e8:7f:77:c1:d8:dd:b0:92:f1:4a:2d:14:aa:07:20:
3f:83:35:2d:e2:83:df:50:be:6d:a5:6e:1c:d8:b2:dd:c8:d3:
8d:a9:e9:d3:f8:c5:c8:70:b9:a8:6d:8b:bf:0b:8b:49:31:0d:
ae:5b:cd:c3:e3:30:b2:ff:93:9a:41:b1:ee:5b:ff:93:6c:ca:
d4:71:02:bd:24:69:8e:65:5e:07:38:71:a5:ab:20:a2:c7:98:
ea:68:17:f3:47:69:10:3a:85:27:2c:d5:93:0a:55:03:a3:e8:
c6:ab:3c:de:97:de:c8:79:71:f0:ee:2c:d6:c0:77:a3:f6:96:
a7:f2:bf:70:8a:91:a7:06:64:cc:47:d8:bb:c2:58:75:a9:32:
cf:43:e6:5e:4d:36:01:b0:59:77:dd:40:cb:9c:46:c1:24:18:
ef:38:6f:81:56:82:c0:c1:ac:12:0c:12:cc:07:b1:48:d3:27:
3d:75:c0:7c:fb:73:1f:25:a3:0c:b1:e4:df:c3:4a:31:19:90:
b1:aa:a6:3c:39:a0:74:31:aa:8d:5d:48:30:19:18:47:2d:ac:
c9:23:e1:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrAh3QYGcx/YrPYxaHOiy7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MTk0MTI5MThhNjYyN2Y5OWNjZTU1YzdhY2ExMzkwNTdi
ODU3NGUwHhcNMjMwOTIzMDUzMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2M2NGVhM2NmYTg1NzM2NTBiOWQ2MjRlYjdmODc0ZmM0M2QwOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbPKqPlZ2C0YHKz1wqjJMrXQkL+y
JEp2lMvCc7eCdH0iDVIJteSS2Fk0meRlB4sQHwezDt55BmkpgEdh/iGzjif/gOGq
+I6/D78cPp5A+c8fzDzX0wakMt3s3nPxNTsEDNbcOhApZvX3uHj/uknR5m/zwTLo
RyhucVkBVu45VYyDsWcGOs3JhWT2GN1SBTyGkjsIk08bJ2UAL/xDmWdT1IDeKMFh
Emah3MyDTAU5EN3JLKVANXdiIvVNAMVUYz3LNfOtFR3KK62C6d4U3U/T4a0qOnhK
3QYeSe4Zq2Jsp7viRqd9FgA4FCAnMfjr2pONj/cUG07JN4ZEFBMyROX+pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNPGTqPPqFc2ULnWJOt/h0/EPQk6MB8GA1UdIwQY
MBaAFCcZQSkYpmJ/mczlXHrKE5BXuFdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnhsQktSaW1Zbi1aek9WY2Vzb1RrRmU0VjA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lOTJjNDktYmQ0YS00ZThkLWJiZjYt
NGUyMjM5MTdiODYwLzEvMDhaT284LW9WelpRdWRZazYzLUhUOFE5Q1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lOTJjNDktYmQ0YS00ZThkLWJiZjYtNGUyMjM5MTdiODYw
LzEvSnhsQktSaW1Zbi1aek9WY2Vzb1RrRmU0VjA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZU8AwQA
wjIAMA0GCSqGSIb3DQEBCwUAA4IBAQAkz4rb375g/FG5wa1piVGB6MvAUVEkCnEG
vV1LNBKknMSzyV7kIgPof3fB2N2wkvFKLRSqByA/gzUt4oPfUL5tpW4c2LLdyNON
qenT+MXIcLmobYu/C4tJMQ2uW83D4zCy/5OaQbHuW/+TbMrUcQK9JGmOZV4HOHGl
qyCix5jqaBfzR2kQOoUnLNWTClUDo+jGqzzel97IeXHw7izWwHej9pan8r9wipGn
BmTMR9i7wlh1qTLPQ+ZeTTYBsFl33UDLnEbBJBjvOG+BVoLAwawSDBLMB7FI0yc9
dcB8+3MfJaMMseTfw0oxGZCxqqY8OaB0MaqNXUgwGRhHLazJI+Hg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:21 2025 by rpki-client