Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/zeIEQpbGACB2JxNaC_E7id3jY7I.roa
File: zeIEQpbGACB2JxNaC_E7id3jY7I.roa (raw, json)
Hash identifier: Nq4TRMqJHOQcJOVKgNFNS6LKF+PmoVq8v7YomAWG1N8=
Subject key identifier: CD:E2:04:42:96:C6:00:20:76:27:13:5A:0B:F1:3B:89:DD:E3:63:B2
Certificate issuer: /CN=8f8685dbadffb01ddcce6c4d82a97f33c040ed2d
Certificate serial: 0743C115
Authority key identifier: 8F:86:85:DB:AD:FF:B0:1D:DC:CE:6C:4D:82:A9:7F:33:C0:40:ED:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j4aF263_sB3czmxNgql_M8BA7S0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/zeIEQpbGACB2JxNaC_E7id3jY7I.roa
Signing time: Sat 01 Jan 2022 12:02:20 +0000
ROA not before: Sat 01 Jan 2022 12:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208262
IP address blocks: 45.150.136.0/22 maxlen: 22
2a0f:c600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121880853 (0x743c115)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f8685dbadffb01ddcce6c4d82a97f33c040ed2d
Validity
Not Before: Jan 1 12:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cde2044296c600207627135a0bf13b89dde363b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:99:c7:fa:29:87:6e:10:88:a5:82:f9:81:16:
d6:b9:fd:98:38:56:44:f0:73:67:a9:09:a5:d9:2f:
f0:a1:3d:49:01:0f:b3:91:66:5e:7c:b7:c7:58:33:
dd:4b:66:14:99:2a:84:4c:af:a1:56:e9:d9:4d:27:
a7:e1:95:30:fd:8a:65:c2:3c:c8:b4:59:b4:34:ed:
e6:e7:64:87:4f:1c:7b:88:73:a5:64:8d:d9:fd:0e:
c3:b8:15:9d:63:71:6a:b8:92:6b:09:57:87:0b:e6:
67:62:c8:5a:67:70:43:e0:3e:d9:18:99:7d:90:39:
d3:b9:64:b7:2e:4c:64:33:bb:ff:dd:e5:0c:ea:6a:
35:ea:1c:4b:36:36:a0:34:c9:f0:5b:0e:5d:24:83:
ff:9e:7d:e0:6f:ee:53:01:b2:21:66:ed:ea:8e:4d:
e3:d2:ee:40:e5:56:2b:2a:77:96:e4:84:bf:e4:52:
5a:e7:03:59:bd:06:dc:45:f7:a5:d3:6f:2a:a6:90:
20:73:5d:51:5d:6c:8b:39:ed:ec:e6:cc:6d:da:4a:
e8:ef:c0:a8:7a:08:89:79:5a:03:1f:6e:3d:e4:5d:
86:78:8e:eb:51:07:f2:53:f2:4c:93:af:4c:b2:cd:
57:0f:01:b0:71:af:bd:a1:f1:de:e9:1e:3c:4f:43:
7e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E2:04:42:96:C6:00:20:76:27:13:5A:0B:F1:3B:89:DD:E3:63:B2
X509v3 Authority Key Identifier:
keyid:8F:86:85:DB:AD:FF:B0:1D:DC:CE:6C:4D:82:A9:7F:33:C0:40:ED:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j4aF263_sB3czmxNgql_M8BA7S0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/zeIEQpbGACB2JxNaC_E7id3jY7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/j4aF263_sB3czmxNgql_M8BA7S0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.136.0/22
IPv6:
2a0f:c600::/29
Signature Algorithm: sha256WithRSAEncryption
9b:9e:a4:5c:fb:53:b5:06:d5:5c:0c:56:6a:65:3a:02:41:eb:
ad:a0:88:d8:d2:b5:05:bc:e7:ec:22:57:48:24:71:42:9f:49:
20:9a:61:8a:6b:c8:7a:a0:4c:f1:01:93:79:a9:0e:c7:45:53:
6d:26:7e:cc:a9:b9:22:80:9f:a4:61:03:b7:94:a2:dc:7c:8c:
a5:c7:a7:5a:b5:ca:98:e5:3d:ac:49:72:7d:9a:ab:54:35:ca:
8d:86:16:c9:c0:ea:10:f2:a9:e9:90:ad:61:c7:51:34:e7:59:
76:f8:f7:45:36:23:9d:41:4d:6b:2c:de:74:61:14:00:9f:05:
00:f7:57:78:d7:28:f2:74:f1:a2:ab:93:f6:70:c7:89:c7:cb:
30:6e:30:b8:42:f4:5f:a7:18:77:ff:56:05:03:a8:db:cd:4f:
1e:30:78:69:ad:f1:27:fe:c9:74:57:9c:0b:1a:18:04:c4:f6:
c2:60:03:9b:94:39:91:49:73:26:9f:40:79:34:60:69:5e:2d:
eb:28:8b:d7:88:b8:5f:f0:a7:cc:3f:50:fd:f7:42:03:4d:fc:
2f:b0:8b:2f:62:ee:cf:56:3d:18:0a:1a:0c:18:42:df:5f:85:
47:bf:af:5d:9f:cd:ad:7c:6a:a9:5e:55:96:9c:c4:ae:a4:35:
7f:76:be:40
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB0PBFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Zjg2ODVkYmFkZmZiMDFkZGNjZTZjNGQ4MmE5N2YzM2MwNDBlZDJkMB4XDTIyMDEw
MTEyMDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RlMjA0NDI5NmM2
MDAyMDc2MjcxMzVhMGJmMTNiODlkZGUzNjNiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiZx/oph24QiKWC+YEW1rn9mDhWRPBzZ6kJpdkv8KE9SQEP
s5FmXny3x1gz3UtmFJkqhEyvoVbp2U0np+GVMP2KZcI8yLRZtDTt5udkh08ce4hz
pWSN2f0Ow7gVnWNxariSawlXhwvmZ2LIWmdwQ+A+2RiZfZA507lkty5MZDO7/93l
DOpqNeocSzY2oDTJ8FsOXSSD/5594G/uUwGyIWbt6o5N49LuQOVWKyp3luSEv+RS
WucDWb0G3EX3pdNvKqaQIHNdUV1siznt7ObMbdpK6O/AqHoIiXlaAx9uPeRdhniO
61EH8lPyTJOvTLLNVw8BsHGvvaHx3ukePE9DftsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTN4gRClsYAIHYnE1oL8TuJ3eNjsjAfBgNVHSMEGDAWgBSPhoXbrf+wHdzO
bE2CqX8zwEDtLTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o0YUYyNjNfc0IzY3pteE5ncWxfTThCQTdTMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvNzEyZjAzLWFmZTktNGY2NS1hY2VjLTY3Y2ZlMzA2N2IyYS8x
L3plSUVRcGJHQUNCMkp4TmFDX0U3aWQzalk3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
NzEyZjAzLWFmZTktNGY2NS1hY2VjLTY3Y2ZlMzA2N2IyYS8xL2o0YUYyNjNfc0Iz
Y3pteE5ncWxfTThCQTdTMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2WiDANBAIAAjAHAwUDKg/GADAN
BgkqhkiG9w0BAQsFAAOCAQEAm56kXPtTtQbVXAxWamU6AkHrraCI2NK1Bbzn7CJX
SCRxQp9JIJphimvIeqBM8QGTeakOx0VTbSZ+zKm5IoCfpGEDt5Si3HyMpcenWrXK
mOU9rElyfZqrVDXKjYYWycDqEPKp6ZCtYcdRNOdZdvj3RTYjnUFNayzedGEUAJ8F
APdXeNco8nTxoquT9nDHicfLMG4wuEL0X6cYd/9WBQOo281PHjB4aa3xJ/7JdFec
CxoYBMT2wmADm5Q5kUlzJp9AeTRgaV4t6yiL14i4X/CnzD9Q/fdCA038L7CLL2Lu
z1Y9GAoaDBhC31+FR7+vXZ/NrXxqqV5VlpzErqQ1f3a+QA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:21:19 2025 by rpki-client