Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/ZeL0zHqfm_CnJ6749Ypg7tt14KM.roa
File: ZeL0zHqfm_CnJ6749Ypg7tt14KM.roa (raw, json)
Hash identifier: B8MV1gcMgK18g8X4PqgzrszyxCOaSWHAua+RgQfRQ9I=
Subject key identifier: 65:E2:F4:CC:7A:9F:9B:F0:A7:27:AE:F8:F5:8A:60:EE:DB:75:E0:A3
Certificate issuer: /CN=938ee951cdabc3ce805ec8df0bf3403bdfa9c657
Certificate serial: 0189D5A3F3CE2B7DAB3B87068A6CBCEA8640
Authority key identifier: 93:8E:E9:51:CD:AB:C3:CE:80:5E:C8:DF:0B:F3:40:3B:DF:A9:C6:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/ZeL0zHqfm_CnJ6749Ypg7tt14KM.roa
Signing time: Tue 08 Aug 2023 14:53:59 +0000
ROA not before: Tue 08 Aug 2023 14:53:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208206
IP address blocks: 45.154.20.0/22 maxlen: 24
185.181.12.0/22 maxlen: 24
2a0f:9f00::/29 maxlen: 48
2a0a:bb80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:a3:f3:ce:2b:7d:ab:3b:87:06:8a:6c:bc:ea:86:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=938ee951cdabc3ce805ec8df0bf3403bdfa9c657
Validity
Not Before: Aug 8 14:53:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65e2f4cc7a9f9bf0a727aef8f58a60eedb75e0a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:32:62:c8:72:ce:15:d4:fa:fe:d6:94:c4:78:
35:d2:21:20:9f:7d:0a:97:e7:29:8b:e4:a2:92:e9:
76:b9:eb:29:40:dc:cc:2f:80:d0:7a:e4:a5:5c:17:
08:68:1f:9c:07:d4:9f:b7:29:54:9f:f6:29:fd:69:
91:a6:21:33:2b:cd:69:6c:34:bb:d9:7b:62:c1:6a:
8c:c2:09:99:d7:1a:c3:e7:92:16:b4:59:fb:66:25:
4b:a4:22:1b:e9:0d:b7:95:6b:41:8d:b5:61:59:53:
a1:42:f5:df:0b:17:07:8f:51:9e:91:b7:d2:c3:b3:
66:48:de:dd:1a:93:ec:0f:95:ab:e8:92:ec:ca:82:
80:2e:26:22:fe:83:19:30:8a:02:85:04:a7:81:69:
e5:ac:3a:80:d0:da:c4:02:b3:2f:0a:77:7e:0f:c5:
84:82:88:f1:6d:d9:34:e9:cb:e7:cc:35:02:2e:a8:
2c:5a:7b:e0:b7:37:7e:3a:0a:22:93:06:31:9d:52:
61:34:be:dd:a8:e6:ac:0a:c9:ff:96:59:e5:5d:4d:
0f:ed:bc:74:25:9c:12:96:e7:42:44:c8:0e:3c:f0:
82:1f:a5:79:af:66:3e:65:a1:75:20:a5:df:89:fa:
86:e4:17:72:fd:63:0e:d2:e8:bb:bd:7e:76:a7:90:
34:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E2:F4:CC:7A:9F:9B:F0:A7:27:AE:F8:F5:8A:60:EE:DB:75:E0:A3
X509v3 Authority Key Identifier:
keyid:93:8E:E9:51:CD:AB:C3:CE:80:5E:C8:DF:0B:F3:40:3B:DF:A9:C6:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/ZeL0zHqfm_CnJ6749Ypg7tt14KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/k47pUc2rw86AXsjfC_NAO9-pxlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.20.0/22
185.181.12.0/22
IPv6:
2a0a:bb80::/29
2a0f:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
3a:0a:fc:c0:66:4e:4b:13:63:9b:b7:89:10:d7:1b:9a:ca:88:
df:ed:f0:9d:32:5c:30:ae:0a:52:b0:a7:78:90:d4:1d:2f:44:
0c:65:57:b4:02:2c:cb:af:b6:12:8c:bd:e8:1e:81:f1:26:8a:
65:9e:61:5b:1e:92:1e:c5:ce:db:68:ce:61:43:76:f0:2a:9d:
49:5f:31:b4:d8:b4:93:04:ea:37:e9:8e:d8:e7:3b:10:60:ec:
7f:ce:8b:fd:57:ac:a5:9b:ca:58:d9:d0:7e:08:cb:5e:e8:98:
5d:de:e3:ab:46:59:4f:a7:62:7e:38:23:2c:61:fa:68:4b:1a:
53:94:bd:4a:2a:4d:c4:28:b2:a7:17:15:c6:98:71:c9:72:5d:
3a:29:d8:66:a1:6d:d8:d2:e9:3c:38:5e:e5:1b:bf:49:79:e9:
39:b2:3a:e2:b7:68:50:ff:51:c4:21:85:11:70:73:7f:4d:68:
75:e7:55:3d:84:c7:b8:62:58:8e:e7:2c:83:36:b0:25:4b:de:
8b:41:8a:77:ef:da:30:0c:56:01:8a:26:01:06:32:78:ab:b7:
44:85:67:d6:28:19:3e:b5:34:35:bd:70:44:0b:4d:77:29:26:
3f:7b:4b:8b:4d:80:53:20:88:c2:69:6a:04:1c:da:db:ab:84:
b1:d9:c0:ec
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYnVo/POK32rO4cGimy86oZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzOGVlOTUxY2RhYmMzY2U4MDVlYzhkZjBiZjM0MDNiZGZh
OWM2NTcwHhcNMjMwODA4MTQ1MzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWUyZjRjYzdhOWY5YmYwYTcyN2FlZjhmNThhNjBlZWRiNzVlMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzJiyHLOFdT6/taUxHg10iEgn30K
l+cpi+Sikul2uespQNzML4DQeuSlXBcIaB+cB9SftylUn/Yp/WmRpiEzK81pbDS7
2XtiwWqMwgmZ1xrD55IWtFn7ZiVLpCIb6Q23lWtBjbVhWVOhQvXfCxcHj1GekbfS
w7NmSN7dGpPsD5Wr6JLsyoKALiYi/oMZMIoChQSngWnlrDqA0NrEArMvCnd+D8WE
gojxbdk06cvnzDUCLqgsWnvgtzd+OgoikwYxnVJhNL7dqOasCsn/llnlXU0P7bx0
JZwSludCRMgOPPCCH6V5r2Y+ZaF1IKXfifqG5Bdy/WMO0ui7vX52p5A0WQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGXi9Mx6n5vwpyeu+PWKYO7bdeCjMB8GA1UdIwQY
MBaAFJOO6VHNq8POgF7I3wvzQDvfqcZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazQ3cFVjMnJ3ODZBWHNqZkNfTkFPOS1weGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hOGZlNWItNmFjZS00MjM2LThhOTAt
ZTBmNWQ4NmUzN2EzLzEvWmVMMHpIcWZtX0NuSjY3NDlZcGc3dHQxNEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hOGZlNWItNmFjZS00MjM2LThhOTAtZTBmNWQ4NmUzN2Ez
LzEvazQ3cFVjMnJ3ODZBWHNqZkNfTkFPOS1weGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLZoUAwQC
ubUMMBQEAgACMA4DBQMqCruAAwUDKg+fADANBgkqhkiG9w0BAQsFAAOCAQEAOgr8
wGZOSxNjm7eJENcbmsqI3+3wnTJcMK4KUrCneJDUHS9EDGVXtAIsy6+2Eoy96B6B
8SaKZZ5hWx6SHsXO22jOYUN28CqdSV8xtNi0kwTqN+mO2Oc7EGDsf86L/VespZvK
WNnQfgjLXuiYXd7jq0ZZT6difjgjLGH6aEsaU5S9SipNxCiypxcVxphxyXJdOinY
ZqFt2NLpPDhe5Ru/SXnpObI64rdoUP9RxCGFEXBzf01odedVPYTHuGJYjucsgzaw
JUvei0GKd+/aMAxWAYomAQYyeKu3RIVn1igZPrU0Nb1wRAtNdykmP3tLi02AUyCI
wmlqBBza26uEsdnA7A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:22 2025 by rpki-client