Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/zLbAH6w6TL6J311gC5FYlM-QUIM.roa
File: zLbAH6w6TL6J311gC5FYlM-QUIM.roa (raw, json)
Hash identifier: ut4nRM9DCgxPuJGv3WWdtgb9k+xJWBkIA/yHgzjHvnA=
Subject key identifier: CC:B6:C0:1F:AC:3A:4C:BE:89:DF:5D:60:0B:91:58:94:CF:90:50:83
Certificate issuer: /CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Certificate serial: 018726BD5ACA7C1DAB432479B5DDE3900186
Authority key identifier: C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/zLbAH6w6TL6J311gC5FYlM-QUIM.roa
Signing time: Tue 28 Mar 2023 05:42:36 +0000
ROA not before: Tue 28 Mar 2023 05:42:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49810
IP address blocks: 45.84.147.0/24 maxlen: 24
2a04:d202::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:26:bd:5a:ca:7c:1d:ab:43:24:79:b5:dd:e3:90:01:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Validity
Not Before: Mar 28 05:42:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccb6c01fac3a4cbe89df5d600b915894cf905083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:42:fd:1f:01:ac:1f:a5:a6:f1:f0:0b:79:eb:
c8:68:fc:5b:10:91:53:ed:f4:b4:1e:ca:5c:70:34:
82:d1:b0:54:d9:fb:0e:38:c5:c7:c0:04:e7:da:b0:
21:40:e8:c3:71:02:5f:22:a4:b2:e3:13:14:8e:ad:
9e:49:f9:d3:bd:a5:75:f9:18:82:c8:4a:b4:d9:e1:
5e:e8:b1:19:92:83:44:27:75:0e:d1:2c:b2:db:18:
88:05:57:44:0e:0c:40:a0:1c:13:43:0d:cf:66:0c:
b3:9c:a3:3f:80:f5:7d:50:a4:3a:3b:79:e2:52:98:
99:f4:9f:ff:46:b6:4d:cf:c6:4c:b5:45:e5:8d:19:
31:72:c1:01:52:bd:ae:85:8c:de:7d:8e:b5:2b:97:
18:6a:9f:5c:ae:c6:7c:40:99:c9:e6:fd:1d:56:49:
5a:43:af:a0:d2:96:68:95:f6:4f:4b:0b:eb:87:a1:
13:ea:70:bf:60:94:9b:57:aa:8d:0f:c5:b3:bd:3c:
4d:bc:6c:d4:51:01:3a:88:34:d9:61:38:d8:64:f0:
c2:6d:5c:74:50:a6:34:ea:dd:fe:54:d6:c3:2d:6b:
c7:9f:2f:39:24:40:63:f8:3d:dd:3e:39:f5:f8:d6:
ad:48:67:7f:12:c4:89:d3:24:c5:62:16:b8:7f:36:
d4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B6:C0:1F:AC:3A:4C:BE:89:DF:5D:60:0B:91:58:94:CF:90:50:83
X509v3 Authority Key Identifier:
keyid:C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/zLbAH6w6TL6J311gC5FYlM-QUIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.147.0/24
IPv6:
2a04:d202::/32
Signature Algorithm: sha256WithRSAEncryption
aa:b0:59:ab:60:f5:9b:a6:21:b0:20:68:b3:33:b3:e4:98:8d:
1a:1f:bb:cb:0e:70:47:a9:0c:33:16:31:21:ec:d4:c6:ee:dc:
9c:c6:d5:14:98:cb:15:48:b1:58:5b:36:08:e2:33:59:45:d6:
7e:39:ab:de:e2:08:fe:c7:2d:fb:15:d5:f0:ad:c6:7b:6f:2b:
6a:90:17:81:2e:cb:65:20:96:87:26:b7:0e:5b:68:4d:ca:a3:
0a:b4:f4:24:99:d0:68:92:26:40:97:e8:02:3f:05:b8:03:cd:
7a:30:70:a5:98:b3:02:db:73:4f:62:5a:72:3a:ec:b3:b5:20:
c6:cd:0b:33:34:65:df:33:67:f6:d2:fb:ca:a4:53:34:1c:e1:
64:92:9c:c6:7b:31:7a:4b:ef:ee:69:87:c6:3f:0d:b1:cd:41:
63:ce:54:3f:d4:a8:5b:90:e9:c2:25:b2:1e:f0:b7:2c:f5:0b:
93:c6:ae:7c:83:a6:2d:4b:c5:95:18:91:25:44:bc:95:4b:4d:
6a:04:ea:46:ec:12:00:c5:3a:7a:57:c6:25:87:59:f0:96:2b:
1a:82:62:29:8b:54:3b:3c:72:9b:a2:c4:86:fc:f0:98:c9:58:
fd:09:3f:59:d6:28:61:90:40:dd:f8:d9:38:e4:49:26:67:27:
44:3c:5a:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcmvVrKfB2rQyR5td3jkAGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDgyY2NmMGM4ZGVhN2Q3ZjZhZDcyZThlNjI0NjJkN2Jl
MjBkNTYwHhcNMjMwMzI4MDU0MjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2I2YzAxZmFjM2E0Y2JlODlkZjVkNjAwYjkxNTg5NGNmOTA1MDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkL9HwGsH6Wm8fALeevIaPxbEJFT
7fS0HspccDSC0bBU2fsOOMXHwATn2rAhQOjDcQJfIqSy4xMUjq2eSfnTvaV1+RiC
yEq02eFe6LEZkoNEJ3UO0Syy2xiIBVdEDgxAoBwTQw3PZgyznKM/gPV9UKQ6O3ni
UpiZ9J//RrZNz8ZMtUXljRkxcsEBUr2uhYzefY61K5cYap9crsZ8QJnJ5v0dVkla
Q6+g0pZolfZPSwvrh6ET6nC/YJSbV6qND8WzvTxNvGzUUQE6iDTZYTjYZPDCbVx0
UKY06t3+VNbDLWvHny85JEBj+D3dPjn1+NatSGd/EsSJ0yTFYha4fzbUZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMy2wB+sOky+id9dYAuRWJTPkFCDMB8GA1UdIwQY
MBaAFMLYLM8Mjep9f2rXLo5iRi174g1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUt
NDMxMThlNDk2ZDQwLzEvekxiQUg2dzZUTDZKMzExZ0M1RllsTS1RVUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUtNDMxMThlNDk2ZDQw
LzEvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVSTMA0E
AgACMAcDBQAqBNICMA0GCSqGSIb3DQEBCwUAA4IBAQCqsFmrYPWbpiGwIGizM7Pk
mI0aH7vLDnBHqQwzFjEh7NTG7tycxtUUmMsVSLFYWzYI4jNZRdZ+Oave4gj+xy37
FdXwrcZ7bytqkBeBLstlIJaHJrcOW2hNyqMKtPQkmdBokiZAl+gCPwW4A816MHCl
mLMC23NPYlpyOuyztSDGzQszNGXfM2f20vvKpFM0HOFkkpzGezF6S+/uaYfGPw2x
zUFjzlQ/1KhbkOnCJbIe8Lcs9QuTxq58g6YtS8WVGJElRLyVS01qBOpG7BIAxTp6
V8Ylh1nwlisagmIpi1Q7PHKbosSG/PCYyVj9CT9Z1ihhkEDd+Nk45EkmZydEPFo+
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:47:53 2025 by rpki-client