Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tx8ELksr0KlZ8CUFOXwshInQqm4.roa
File: tx8ELksr0KlZ8CUFOXwshInQqm4.roa (raw, json)
Hash identifier: qbdL58FcNIu2vUDo873oIN4/KpSByyfwJ/BMMLxAT68=
Subject key identifier: B7:1F:04:2E:4B:2B:D0:A9:59:F0:25:05:39:7C:2C:84:89:D0:AA:6E
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018743BE8EBADC1D00A89B0AC05058E8CA5F
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tx8ELksr0KlZ8CUFOXwshInQqm4.roa
Signing time: Sun 02 Apr 2023 20:52:54 +0000
ROA not before: Sun 02 Apr 2023 20:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200131
IP address blocks: 45.8.200.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:43:be:8e:ba:dc:1d:00:a8:9b:0a:c0:50:58:e8:ca:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 2 20:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b71f042e4b2bd0a959f02505397c2c8489d0aa6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:87:0f:d2:65:33:b1:63:fe:0e:f6:d2:3f:55:
18:a0:d5:9c:ec:fe:51:8d:f2:44:96:b4:71:d6:8a:
b4:68:2e:c5:9f:b7:7f:e0:b0:99:17:c5:39:90:52:
64:5f:34:a9:71:ae:e8:ed:3f:ba:0f:d5:31:7d:6f:
40:fa:56:99:ee:ec:b2:2d:2d:23:28:ac:42:98:d9:
a3:c2:5c:fd:28:cd:93:55:cc:a4:79:1e:87:26:92:
29:a8:27:e6:74:3d:80:96:97:c9:34:17:92:a0:5b:
65:61:62:94:e3:89:d1:ee:3d:b5:f0:aa:8c:ba:d0:
18:10:d6:82:2c:e6:0e:5d:cc:2d:19:9d:49:9f:27:
9a:23:56:e1:fa:92:05:b2:25:25:80:1c:1b:42:b5:
60:84:bc:11:f1:5f:e3:dd:b0:1f:fe:39:b0:85:88:
6b:5e:ef:61:70:30:21:41:59:d3:d0:0e:9b:82:59:
f5:36:4d:d8:e4:94:15:af:fa:a9:ea:3f:27:91:64:
12:4e:90:8e:c9:f2:8f:d2:d1:99:b3:29:f4:bf:91:
b8:9e:72:a9:b1:88:87:ed:8f:bd:f3:ab:c9:18:49:
2f:b3:60:43:23:c8:61:66:15:fd:52:66:91:80:dd:
25:68:45:d9:4c:74:8e:e8:43:95:68:19:40:46:79:
2f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1F:04:2E:4B:2B:D0:A9:59:F0:25:05:39:7C:2C:84:89:D0:AA:6E
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tx8ELksr0KlZ8CUFOXwshInQqm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.48.0/24
45.8.200.0/24
Signature Algorithm: sha256WithRSAEncryption
66:77:fd:44:fa:ab:ca:f2:f3:20:0c:bc:f6:d6:d8:0c:9c:94:
04:8e:55:d8:19:16:7e:28:98:58:0c:32:ea:e3:9f:fe:b7:7f:
39:fe:f7:89:49:33:35:47:cd:11:f0:7f:df:94:ec:85:18:9a:
04:12:7d:c9:e4:ac:17:ac:67:d3:0f:6c:3d:ef:92:4b:cc:7f:
1e:09:06:8c:62:2d:5e:29:a4:81:63:40:63:c1:21:09:bd:58:
fd:15:94:f4:22:fc:77:2f:af:2c:87:68:7d:6c:ed:85:d9:22:
f6:0f:47:48:28:b8:5b:4d:5a:db:93:c8:6a:2b:11:96:f0:a0:
69:f4:6a:1f:3f:80:f6:32:33:5a:00:dd:90:14:af:cf:50:1f:
9e:69:8d:36:a5:1d:d6:0c:65:58:84:1a:2d:ff:61:2b:3c:28:
f0:b1:fb:34:01:61:49:a2:a1:00:ab:f5:56:8c:23:6c:eb:43:
67:99:f6:2f:86:bf:a9:58:cf:ff:f6:f0:23:98:ef:7f:c9:4e:
39:20:ab:90:a1:3d:50:31:e9:09:cc:c9:7f:9d:10:f0:d5:f5:
6b:9b:98:ce:7a:e9:b3:f6:5f:0b:2a:34:9f:52:87:00:9e:e6:
0f:68:c8:b6:b9:6b:d3:be:55:73:b6:00:c6:d2:b1:b8:5b:c9:
42:21:83:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdDvo663B0AqJsKwFBY6MpfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNDAyMjA1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFmMDQyZTRiMmJkMGE5NTlmMDI1MDUzOTdjMmM4NDg5ZDBhYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4cP0mUzsWP+DvbSP1UYoNWc7P5R
jfJElrRx1oq0aC7Fn7d/4LCZF8U5kFJkXzSpca7o7T+6D9UxfW9A+laZ7uyyLS0j
KKxCmNmjwlz9KM2TVcykeR6HJpIpqCfmdD2AlpfJNBeSoFtlYWKU44nR7j218KqM
utAYENaCLOYOXcwtGZ1JnyeaI1bh+pIFsiUlgBwbQrVghLwR8V/j3bAf/jmwhYhr
Xu9hcDAhQVnT0A6bgln1Nk3Y5JQVr/qp6j8nkWQSTpCOyfKP0tGZsyn0v5G4nnKp
sYiH7Y+986vJGEkvs2BDI8hhZhX9UmaRgN0laEXZTHSO6EOVaBlARnkviQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLcfBC5LK9CpWfAlBTl8LISJ0KpuMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvdHg4RUxrc3IwS2xaOENVRk9Yd3NoSW5RcW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbQwAwQA
LQjIMA0GCSqGSIb3DQEBCwUAA4IBAQBmd/1E+qvK8vMgDLz21tgMnJQEjlXYGRZ+
KJhYDDLq45/+t385/veJSTM1R80R8H/flOyFGJoEEn3J5KwXrGfTD2w975JLzH8e
CQaMYi1eKaSBY0BjwSEJvVj9FZT0Ivx3L68sh2h9bO2F2SL2D0dIKLhbTVrbk8hq
KxGW8KBp9GofP4D2MjNaAN2QFK/PUB+eaY02pR3WDGVYhBot/2ErPCjwsfs0AWFJ
oqEAq/VWjCNs60NnmfYvhr+pWM//9vAjmO9/yU45IKuQoT1QMekJzMl/nRDw1fVr
m5jOeumz9l8LKjSfUocAnuYPaMi2uWvTvlVztgDG0rG4W8lCIYOY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:20 2025 by rpki-client