Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/sZ4CiMKVvgFjMp230IeuZhOrF7A.roa
File: sZ4CiMKVvgFjMp230IeuZhOrF7A.roa (raw, json)
Hash identifier: ARZXagxNCYUA0yy/SHU8xdMoQ5ajd0DuCwL2su1r1z4=
Subject key identifier: B1:9E:02:88:C2:95:BE:01:63:32:9D:B7:D0:87:AE:66:13:AB:17:B0
Certificate issuer: /CN=667d377dd4c830c246cb48a934699699e4b37741
Certificate serial: 018A6D4468505F1A9EA0750875B9D17C0D50
Authority key identifier: 66:7D:37:7D:D4:C8:30:C2:46:CB:48:A9:34:69:96:99:E4:B3:77:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zn03fdTIMMJGy0ipNGmWmeSzd0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/sZ4CiMKVvgFjMp230IeuZhOrF7A.roa
Signing time: Thu 07 Sep 2023 01:31:54 +0000
ROA not before: Thu 07 Sep 2023 01:31:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43619
IP address blocks: 45.66.108.0/22 maxlen: 24
2a09:6842::/32 maxlen: 48
2a09:6841::/32 maxlen: 48
2a09:6843::/32 maxlen: 48
2a09:6840::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6d:44:68:50:5f:1a:9e:a0:75:08:75:b9:d1:7c:0d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=667d377dd4c830c246cb48a934699699e4b37741
Validity
Not Before: Sep 7 01:31:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b19e0288c295be0163329db7d087ae6613ab17b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e5:e4:4a:a9:70:a4:9b:66:68:ad:ce:a6:cf:
da:27:dd:3a:f3:b2:6d:29:b1:c4:7c:c5:d2:13:66:
fc:be:a3:4b:6a:80:58:ee:60:ce:cb:31:6c:0a:a3:
5f:4a:f3:7d:6f:6b:51:97:b8:b7:b9:e4:55:f9:53:
cb:87:7f:56:76:28:c9:33:95:60:7c:93:2f:15:03:
22:7e:36:c5:05:24:a6:e1:da:10:de:19:05:bb:b7:
cb:5e:1d:4a:01:10:ff:70:25:da:61:64:96:c8:ed:
a9:cf:b6:fe:eb:46:ef:93:3d:fd:7e:6e:9a:4c:15:
09:ce:ea:d3:15:4a:d4:62:80:61:00:a6:4e:7b:97:
64:a4:6e:4b:9d:fc:fc:44:20:1c:79:30:bf:58:2b:
53:e6:cc:61:51:3a:3d:28:1b:2e:d2:c6:7d:ec:61:
ad:18:ec:ea:1d:cd:1b:5c:17:7b:9f:f1:3e:3b:a8:
c1:25:7a:9e:ef:6a:22:1a:a9:97:c4:97:9a:23:42:
b7:d4:be:a0:f3:62:fc:7d:33:43:e4:b8:c7:19:02:
b4:ff:d7:ee:cf:dc:89:d7:83:c3:e3:77:04:23:49:
7d:46:f5:00:c6:7a:76:95:ce:88:94:7e:a9:c9:9a:
39:20:2c:ae:c9:0c:d9:37:e9:b6:44:f6:cc:66:e1:
86:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9E:02:88:C2:95:BE:01:63:32:9D:B7:D0:87:AE:66:13:AB:17:B0
X509v3 Authority Key Identifier:
keyid:66:7D:37:7D:D4:C8:30:C2:46:CB:48:A9:34:69:96:99:E4:B3:77:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zn03fdTIMMJGy0ipNGmWmeSzd0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/sZ4CiMKVvgFjMp230IeuZhOrF7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/Zn03fdTIMMJGy0ipNGmWmeSzd0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.108.0/22
IPv6:
2a09:6840::/30
Signature Algorithm: sha256WithRSAEncryption
2f:b4:18:0d:dd:47:0d:e6:35:32:5d:5a:05:79:4f:a4:c2:6a:
0c:c4:f1:fe:64:98:9c:b4:58:ad:57:7b:10:29:44:83:71:2e:
f2:63:87:14:06:d0:86:5a:9d:53:fa:22:0b:0d:4f:4c:92:24:
86:7c:52:5d:02:41:ff:1b:58:d3:30:6f:3c:b9:87:c8:39:60:
6f:99:32:09:cf:da:6a:9c:77:f2:a2:14:4e:14:f3:83:cc:7f:
d3:43:90:e6:a9:db:ee:43:40:25:69:54:37:ea:0d:1d:3b:6a:
72:71:59:aa:76:81:f4:22:28:ae:16:ac:a3:4e:f0:3b:6a:7d:
20:7e:4d:ee:71:70:36:2e:38:cc:3d:e9:ba:cd:b8:45:c6:7e:
b7:53:16:54:5e:d8:ca:e4:04:ed:cf:5f:24:39:cf:1d:f7:78:
ed:86:6c:f9:bd:6d:c5:0e:a9:ce:f9:40:63:bc:c9:e5:c6:4d:
28:0d:2f:4d:f3:39:ff:72:bc:24:36:ca:ab:b7:a6:d9:8f:ad:
ec:2a:94:a0:51:45:3d:d0:4e:bb:c1:2a:f4:b9:5a:2d:5c:a7:
69:56:ed:7b:35:62:8a:6e:e0:ea:b7:ba:55:71:4b:f8:41:74:
fa:4c:74:70:28:6e:99:c3:9b:ac:a0:3a:75:d3:92:0b:a0:68:
c6:51:30:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYptRGhQXxqeoHUIdbnRfA1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2N2QzNzdkZDRjODMwYzI0NmNiNDhhOTM0Njk5Njk5ZTRi
Mzc3NDEwHhcNMjMwOTA3MDEzMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTllMDI4OGMyOTViZTAxNjMzMjlkYjdkMDg3YWU2NjEzYWIxN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+XkSqlwpJtmaK3Ops/aJ90687Jt
KbHEfMXSE2b8vqNLaoBY7mDOyzFsCqNfSvN9b2tRl7i3ueRV+VPLh39WdijJM5Vg
fJMvFQMifjbFBSSm4doQ3hkFu7fLXh1KARD/cCXaYWSWyO2pz7b+60bvkz39fm6a
TBUJzurTFUrUYoBhAKZOe5dkpG5Lnfz8RCAceTC/WCtT5sxhUTo9KBsu0sZ97GGt
GOzqHc0bXBd7n/E+O6jBJXqe72oiGqmXxJeaI0K31L6g82L8fTND5LjHGQK0/9fu
z9yJ14PD43cEI0l9RvUAxnp2lc6IlH6pyZo5ICyuyQzZN+m2RPbMZuGGBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLGeAojClb4BYzKdt9CHrmYTqxewMB8GA1UdIwQY
MBaAFGZ9N33UyDDCRstIqTRplpnks3dBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm4wM2ZkVElNTUpHeTBpcE5HbVdtZVN6ZDBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lNjgxMmUtOTZhNC00OGI0LWFiNjEt
MTIxZmY0NjAxOGYzLzEvc1o0Q2lNS1Z2Z0ZqTXAyMzBJZXVaaE9yRjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lNjgxMmUtOTZhNC00OGI0LWFiNjEtMTIxZmY0NjAxOGYz
LzEvWm4wM2ZkVElNTUpHeTBpcE5HbVdtZVN6ZDBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUJsMA0E
AgACMAcDBQIqCWhAMA0GCSqGSIb3DQEBCwUAA4IBAQAvtBgN3UcN5jUyXVoFeU+k
wmoMxPH+ZJictFitV3sQKUSDcS7yY4cUBtCGWp1T+iILDU9MkiSGfFJdAkH/G1jT
MG88uYfIOWBvmTIJz9pqnHfyohROFPODzH/TQ5DmqdvuQ0AlaVQ36g0dO2pycVmq
doH0IiiuFqyjTvA7an0gfk3ucXA2LjjMPem6zbhFxn63UxZUXtjK5ATtz18kOc8d
93jthmz5vW3FDqnO+UBjvMnlxk0oDS9N8zn/crwkNsqrt6bZj63sKpSgUUU90E67
wSr0uVotXKdpVu17NWKKbuDqt7pVcUv4QXT6THRwKG6Zw5usoDp105ILoGjGUTBO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:18 2025 by rpki-client