Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/zuUxCi8_mb2WVTp6zpQU_VsJDVA.roa
File: zuUxCi8_mb2WVTp6zpQU_VsJDVA.roa (raw, json)
Hash identifier: 3XOuUUNvsaiyDe2JdYi6sRG5HJEFr1I9cxSl+Suvc7w=
Subject key identifier: CE:E5:31:0A:2F:3F:99:BD:96:55:3A:7A:CE:94:14:FD:5B:09:0D:50
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 0183A70DFB83D12E302C28FD70038FFBE846
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/zuUxCi8_mb2WVTp6zpQU_VsJDVA.roa
Signing time: Wed 05 Oct 2022 07:30:54 +0000
ROA not before: Wed 05 Oct 2022 07:30:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210703
IP address blocks: 45.156.144.0/24 maxlen: 24
45.156.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a7:0d:fb:83:d1:2e:30:2c:28:fd:70:03:8f:fb:e8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Oct 5 07:30:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cee5310a2f3f99bd96553a7ace9414fd5b090d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9a:3b:26:09:bf:5d:37:d9:e8:27:1a:81:45:
b5:c5:71:43:9e:37:e9:73:d3:94:71:e7:5a:a1:2f:
02:75:d3:d7:e7:76:d5:3d:b2:09:3b:3b:54:a6:3c:
8a:8e:fa:74:b9:56:bb:05:7a:b2:fd:b4:ec:c7:5e:
ff:bf:0f:bf:e8:6e:26:13:5d:46:c6:73:fa:f3:bb:
43:a8:22:4b:45:5e:5f:34:9e:45:79:2b:4a:2e:aa:
23:52:21:9e:6a:90:9b:f9:fd:05:f8:21:3f:97:36:
fb:ef:6d:a6:10:e8:54:e3:66:a5:b9:77:84:23:13:
37:c8:72:77:67:a4:63:3c:f4:7c:3b:5e:0c:6c:71:
54:90:e4:1d:8c:7f:92:bf:ef:7d:b4:7c:b8:66:9b:
4a:f0:e8:03:9d:2f:12:b3:70:9c:56:bd:14:6d:9a:
f7:1a:b3:dd:3b:54:bf:32:95:1d:6a:3f:77:0c:37:
4b:4d:f0:a5:62:31:56:5b:ae:ba:e2:66:fe:0f:c6:
7d:08:18:5c:81:ac:68:23:05:ac:a1:22:29:b9:b2:
cc:06:da:b6:c3:0d:bf:7d:56:de:a5:62:e7:3e:18:
db:51:6c:fa:90:d2:4f:0b:f7:ef:bd:51:3f:24:83:
1e:98:72:59:c2:48:00:f3:f4:1c:87:72:39:1a:f7:
c8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E5:31:0A:2F:3F:99:BD:96:55:3A:7A:CE:94:14:FD:5B:09:0D:50
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/zuUxCi8_mb2WVTp6zpQU_VsJDVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.144.0/24
45.156.147.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:f3:1e:45:c4:c1:f3:02:b5:34:ec:08:f4:01:d8:97:6a:d3:
71:e6:72:1b:fa:a2:b8:c2:5d:08:d0:75:d8:d9:ee:f3:ba:72:
a0:99:67:46:39:0b:bb:72:d5:6d:d7:86:5b:9a:64:bf:e2:6d:
f7:8d:8d:59:6b:59:19:1c:90:10:b3:4f:cc:a0:7d:12:be:c0:
a6:57:7d:e4:ca:89:4f:f3:3e:eb:bd:08:90:ef:64:3d:a2:85:
3c:e9:35:f9:93:15:d7:4d:82:b0:ce:4a:cf:16:70:00:ea:83:
3f:3a:9b:a5:bc:04:8c:93:84:0b:c0:74:10:a4:7e:da:1b:b5:
75:57:b0:4c:0d:81:6d:77:aa:b5:8e:45:8f:14:99:7a:9d:af:
b2:1c:be:35:9a:81:ba:45:2f:0b:a4:81:b4:53:14:d7:a7:5c:
ef:d6:b6:eb:e9:d6:86:ef:a6:9c:47:60:7e:86:97:b5:3f:93:
5d:44:2b:e4:01:04:39:f5:f8:45:8e:d5:a1:ae:1d:68:5d:63:
b6:d9:04:ed:88:bf:29:ff:45:59:20:5c:0c:b3:65:92:61:55:
20:9a:e7:4f:b8:11:62:b9:8e:0f:ae:6b:06:05:65:22:97:2e:
ba:90:4b:8c:7a:35:83:71:b4:f3:aa:0d:8c:a8:4b:8f:cd:e7:
1d:43:43:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOnDfuD0S4wLCj9cAOP++hGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjIxMDA1MDczMDU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWU1MzEwYTJmM2Y5OWJkOTY1NTNhN2FjZTk0MTRmZDViMDkwZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJo7Jgm/XTfZ6CcagUW1xXFDnjfp
c9OUcedaoS8CddPX53bVPbIJOztUpjyKjvp0uVa7BXqy/bTsx17/vw+/6G4mE11G
xnP687tDqCJLRV5fNJ5FeStKLqojUiGeapCb+f0F+CE/lzb7722mEOhU42aluXeE
IxM3yHJ3Z6RjPPR8O14MbHFUkOQdjH+Sv+99tHy4ZptK8OgDnS8Ss3CcVr0UbZr3
GrPdO1S/MpUdaj93DDdLTfClYjFWW6664mb+D8Z9CBhcgaxoIwWsoSIpubLMBtq2
ww2/fVbepWLnPhjbUWz6kNJPC/fvvVE/JIMemHJZwkgA8/Qch3I5GvfI1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM7lMQovP5m9llU6es6UFP1bCQ1QMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvenVVeENpOF9tYjJXVlRwNnpwUVVfVnNKRFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZyQAwQA
LZyTMA0GCSqGSIb3DQEBCwUAA4IBAQBN8x5FxMHzArU07Aj0AdiXatNx5nIb+qK4
wl0I0HXY2e7zunKgmWdGOQu7ctVt14ZbmmS/4m33jY1Za1kZHJAQs0/MoH0SvsCm
V33kyolP8z7rvQiQ72Q9ooU86TX5kxXXTYKwzkrPFnAA6oM/OpulvASMk4QLwHQQ
pH7aG7V1V7BMDYFtd6q1jkWPFJl6na+yHL41moG6RS8LpIG0UxTXp1zv1rbr6daG
76acR2B+hpe1P5NdRCvkAQQ59fhFjtWhrh1oXWO22QTtiL8p/0VZIFwMs2WSYVUg
mudPuBFiuY4PrmsGBWUily66kEuMejWDcbTzqg2MqEuPzecdQ0OA
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:25:01 2025 by rpki-client