Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/zsIPvc2SvcS1wiebz8nPGOfkKNk.roa
File: zsIPvc2SvcS1wiebz8nPGOfkKNk.roa (raw, json)
Hash identifier: 7LTKKbK3uY0IsbUniXIPzs9HmHhQtrv6bU+X+oI0CvU=
Subject key identifier: CE:C2:0F:BD:CD:92:BD:C4:B5:C2:27:9B:CF:C9:CF:18:E7:E4:28:D9
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 01843C08F46016EC49F7F681425A6E8B46EE
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/zsIPvc2SvcS1wiebz8nPGOfkKNk.roa
Signing time: Thu 03 Nov 2022 05:48:50 +0000
ROA not before: Thu 03 Nov 2022 05:48:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 45.147.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:08:f4:60:16:ec:49:f7:f6:81:42:5a:6e:8b:46:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 3 05:48:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cec20fbdcd92bdc4b5c2279bcfc9cf18e7e428d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f6:a0:50:45:8a:ab:8f:af:39:ee:c4:43:a2:
63:91:cf:c2:ea:a9:ea:9a:5c:74:0e:1a:cb:56:35:
2f:7e:c2:6b:94:ca:ac:06:0d:b2:f2:92:6b:17:0d:
14:74:36:1a:c1:fb:a9:d2:aa:2c:93:d7:b6:7a:64:
cd:49:43:08:3c:db:5e:32:3d:93:43:6b:a8:2a:56:
fd:7b:2a:ef:69:db:f8:64:52:9e:15:42:d5:64:b3:
b7:21:bc:9b:bc:cc:97:ef:4d:7d:9c:2a:8c:b6:f2:
bf:12:81:f7:36:28:e7:71:94:4f:64:ef:16:72:cc:
bf:da:4d:bd:28:05:f0:d2:cc:cd:24:53:27:6d:24:
3b:b3:cc:62:c5:6e:1d:08:7c:e0:46:f9:9d:5b:c8:
35:67:a9:57:ab:ad:85:5d:88:f3:8f:6e:29:6f:c1:
3a:19:a8:5e:76:47:ae:9d:7a:9d:30:da:fc:d6:b0:
09:b1:33:2c:13:40:52:a2:97:38:61:ce:3a:c0:24:
45:69:2d:ee:cd:ee:8a:ca:6e:2a:a6:c9:76:50:20:
21:7e:9d:70:ff:1b:3d:e3:ac:f4:5d:33:fd:17:f2:
d0:de:8b:78:7f:9f:99:23:0a:48:42:4e:1a:aa:58:
3c:5e:42:77:f8:c2:16:59:9b:11:18:9f:45:e0:75:
f1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C2:0F:BD:CD:92:BD:C4:B5:C2:27:9B:CF:C9:CF:18:E7:E4:28:D9
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/zsIPvc2SvcS1wiebz8nPGOfkKNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.45.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:a2:d2:a2:0c:8c:ff:ea:b8:ab:4f:1c:a0:e5:39:00:0c:48:
31:f6:05:79:a7:26:a0:93:4a:89:34:cb:e2:45:1f:7a:bb:dc:
f1:a3:3b:4d:e8:06:0e:2a:af:ea:3b:fa:43:36:2b:1c:fd:d2:
5e:61:13:ac:d9:cd:87:ce:ec:b9:e6:52:4f:4e:7a:67:94:0b:
96:6f:eb:d8:82:5c:26:14:08:1f:da:ea:26:30:06:3a:d1:5f:
bc:af:2e:4b:d8:dc:d2:23:57:43:99:9c:9f:1f:90:33:53:09:
82:56:36:f9:cc:52:de:7c:16:7b:a9:06:3c:10:3a:6f:f0:47:
80:ae:e3:52:bb:ad:5c:0a:20:61:43:73:7a:78:5b:d6:d9:61:
bb:9d:58:d3:c7:f7:66:ad:cf:09:aa:73:7b:f4:c2:a8:94:58:
40:60:27:85:06:e9:02:26:1a:bf:3b:13:0f:62:bc:d6:19:1b:
bd:df:d7:a8:29:9a:4a:9d:c1:be:d3:a6:dd:d7:25:f3:64:1f:
52:51:e2:7b:01:ce:10:2a:a2:f0:11:72:b9:2d:c5:9c:c7:ef:
c1:ca:da:35:f4:22:93:66:c0:28:3e:8d:01:96:3f:ef:9e:88:
45:83:17:e6:f9:39:57:65:74:50:93:9c:fb:5a:cd:64:36:7d:
a4:3f:b7:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ8CPRgFuxJ9/aBQlpui0buMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjIxMTAzMDU0ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWMyMGZiZGNkOTJiZGM0YjVjMjI3OWJjZmM5Y2YxOGU3ZTQyOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfagUEWKq4+vOe7EQ6Jjkc/C6qnq
mlx0DhrLVjUvfsJrlMqsBg2y8pJrFw0UdDYawfup0qosk9e2emTNSUMIPNteMj2T
Q2uoKlb9eyrvadv4ZFKeFULVZLO3IbybvMyX7019nCqMtvK/EoH3NijncZRPZO8W
csy/2k29KAXw0szNJFMnbSQ7s8xixW4dCHzgRvmdW8g1Z6lXq62FXYjzj24pb8E6
GahedkeunXqdMNr81rAJsTMsE0BSopc4Yc46wCRFaS3uze6Kym4qpsl2UCAhfp1w
/xs946z0XTP9F/LQ3ot4f5+ZIwpIQk4aqlg8XkJ3+MIWWZsRGJ9F4HXx0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7CD73Nkr3EtcInm8/Jzxjn5CjZMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvenNJUHZjMlN2Y1Mxd2llYno4blBHT2ZrS05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMtMA0G
CSqGSIb3DQEBCwUAA4IBAQA7otKiDIz/6rirTxyg5TkADEgx9gV5pyagk0qJNMvi
RR96u9zxoztN6AYOKq/qO/pDNisc/dJeYROs2c2Hzuy55lJPTnpnlAuWb+vYglwm
FAgf2uomMAY60V+8ry5L2NzSI1dDmZyfH5AzUwmCVjb5zFLefBZ7qQY8EDpv8EeA
ruNSu61cCiBhQ3N6eFvW2WG7nVjTx/dmrc8JqnN79MKolFhAYCeFBukCJhq/OxMP
YrzWGRu939eoKZpKncG+06bd1yXzZB9SUeJ7Ac4QKqLwEXK5LcWcx+/Byto19CKT
ZsAoPo0Blj/vnohFgxfm+TlXZXRQk5z7Ws1kNn2kP7eQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:35 2025 by rpki-client