Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/5at-GMe5w7a35I8gSBVKJzCiYb8.roa
File: 5at-GMe5w7a35I8gSBVKJzCiYb8.roa (raw, json)
Hash identifier: 4p1The6Nth8ydMq2pYJpexS7lgUl8wGZJifB/h66SNw=
Subject key identifier: E5:AB:7E:18:C7:B9:C3:B6:B7:E4:8F:20:48:15:4A:27:30:A2:61:BF
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01856F94DA2DC0D05A879B183111F0EBD174
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/5at-GMe5w7a35I8gSBVKJzCiYb8.roa
Signing time: Sun 01 Jan 2023 23:05:04 +0000
ROA not before: Sun 01 Jan 2023 23:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 45.43.64.0/23 maxlen: 24
45.43.86.0/24 maxlen: 24
107.181.128.0/22 maxlen: 24
107.181.152.0/24 maxlen: 24
107.181.154.0/24 maxlen: 24
107.181.153.0/24 maxlen: 24
198.105.109.0/24 maxlen: 24
198.105.108.0/24 maxlen: 24
198.105.111.0/24 maxlen: 24
89.33.6.0/23 maxlen: 24
2a05:9f40:1f::/48 maxlen: 48
2a05:9f44:2a05::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:da:2d:c0:d0:5a:87:9b:18:31:11:f0:eb:d1:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 23:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5ab7e18c7b9c3b6b7e48f2048154a2730a261bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e6:7c:42:ac:24:64:c5:53:c5:02:b6:4f:0a:
45:62:40:e0:d5:65:28:d9:07:c0:08:19:14:20:36:
80:19:0c:c7:fb:d5:53:5a:2f:90:39:6e:bf:b6:ae:
7f:8a:e2:83:c3:13:7f:b8:ed:26:24:09:29:b5:9b:
dc:fa:1b:d5:12:a8:57:da:13:4b:e7:3f:38:d1:c8:
a0:84:53:9c:0c:b9:d1:f7:a9:86:04:87:8b:49:d8:
d1:9b:5b:8d:e7:fa:ea:99:82:b8:c7:51:59:27:88:
7d:bb:95:72:07:ff:23:16:d8:b5:1a:89:81:91:b7:
fb:41:61:a5:f2:0b:b4:dc:89:84:28:23:b0:12:83:
05:3c:64:71:0d:b7:2c:a7:f6:1d:81:6f:00:94:2f:
81:60:2c:1a:c7:3b:1d:d4:25:26:b9:fd:51:be:63:
cc:74:ef:a9:dc:e2:83:51:c8:fc:04:cd:43:e0:01:
d9:ff:bc:b8:28:00:fd:76:24:52:1a:f9:97:8b:b9:
a2:18:eb:8f:3f:58:73:98:83:d4:c8:48:bc:58:0c:
2c:ec:fe:4d:a1:c6:32:8d:db:cd:a6:ca:cf:5e:c6:
ec:d2:05:a5:e8:4c:b5:6f:70:6a:95:4b:45:e7:40:
80:12:45:f7:5e:b9:af:7e:5c:ac:51:b0:a3:39:a8:
fd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AB:7E:18:C7:B9:C3:B6:B7:E4:8F:20:48:15:4A:27:30:A2:61:BF
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/5at-GMe5w7a35I8gSBVKJzCiYb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/23
45.43.86.0/24
89.33.6.0/23
107.181.128.0/22
107.181.152.0-107.181.154.255
198.105.108.0/23
198.105.111.0/24
IPv6:
2a05:9f40:1f::/48
2a05:9f44:2a05::/48
Signature Algorithm: sha256WithRSAEncryption
62:9b:f4:f6:1b:02:d9:db:a5:32:69:9c:06:b7:8b:a3:51:00:
6c:87:2a:fa:9c:cb:fd:9f:31:a1:19:af:7b:1c:c9:64:1a:e5:
68:8d:92:25:b4:7b:97:c9:69:7b:ef:b9:8f:17:20:b4:b2:3c:
55:91:61:ff:88:41:48:e5:ed:f9:14:26:18:95:45:d7:78:3a:
bd:8f:b3:bb:4c:83:7c:c5:2e:42:85:3b:85:6a:63:04:31:1a:
93:75:44:19:3e:6e:7d:ca:4b:09:75:dd:9f:55:b2:3d:2d:5a:
95:c7:18:55:ea:19:22:ad:b0:fe:60:68:e9:81:d0:9e:55:64:
41:c8:00:5c:21:92:f2:44:21:57:51:4c:08:4b:51:c5:6c:0b:
50:6b:28:76:7d:de:16:02:5b:c8:ee:33:7f:9a:63:0b:f9:89:
df:36:7b:d6:a8:fe:f9:0c:d7:52:c0:99:be:ab:59:e9:6e:0b:
4b:b4:8c:23:35:4d:f7:0e:ba:3a:46:fc:12:96:5e:3c:46:9f:
09:44:3e:88:cb:ec:6b:e9:7a:42:7d:37:9f:c0:81:56:8e:ea:
45:d3:97:88:89:58:4d:d6:2e:81:2c:cd:19:04:de:49:a6:c0:
5b:bc:b2:ef:12:2c:bf:d6:e0:03:42:f3:33:7c:27:50:cd:af:
33:73:eb:5c
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVvlNotwNBah5sYMRHw69F0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwMTAxMjMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFiN2UxOGM3YjljM2I2YjdlNDhmMjA0ODE1NGEyNzMwYTI2MWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+Z8QqwkZMVTxQK2TwpFYkDg1WUo
2QfACBkUIDaAGQzH+9VTWi+QOW6/tq5/iuKDwxN/uO0mJAkptZvc+hvVEqhX2hNL
5z840cighFOcDLnR96mGBIeLSdjRm1uN5/rqmYK4x1FZJ4h9u5VyB/8jFti1GomB
kbf7QWGl8gu03ImEKCOwEoMFPGRxDbcsp/YdgW8AlC+BYCwaxzsd1CUmuf1RvmPM
dO+p3OKDUcj8BM1D4AHZ/7y4KAD9diRSGvmXi7miGOuPP1hzmIPUyEi8WAws7P5N
ocYyjdvNpsrPXsbs0gWl6Ey1b3BqlUtF50CAEkX3XrmvflysUbCjOaj90wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFOWrfhjHucO2t+SPIEgVSicwomG/MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvNWF0LUdNZTV3N2EzNUk4Z1NCVktKekNpWWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA4BAIAATAyAwQBLStAAwQA
LStWAwQBWSEGAwQCa7WAMAwDBANrtZgDBABrtZoDBAHGaWwDBADGaW8wGAQCAAIw
EgMHACoFn0AAHwMHACoFn0QqBTANBgkqhkiG9w0BAQsFAAOCAQEAYpv09hsC2dul
MmmcBreLo1EAbIcq+pzL/Z8xoRmvexzJZBrlaI2SJbR7l8lpe++5jxcgtLI8VZFh
/4hBSOXt+RQmGJVF13g6vY+zu0yDfMUuQoU7hWpjBDEak3VEGT5ufcpLCXXdn1Wy
PS1alccYVeoZIq2w/mBo6YHQnlVkQcgAXCGS8kQhV1FMCEtRxWwLUGsodn3eFgJb
yO4zf5pjC/mJ3zZ71qj++QzXUsCZvqtZ6W4LS7SMIzVN9w66Okb8EpZePEafCUQ+
iMvsa+l6Qn03n8CBVo7qRdOXiIlYTdYugSzNGQTeSabAW7yy7xIsv9bgA0LzM3wn
UM2vM3PrXA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:41 2025 by rpki-client