Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/1-9P7pABpO0J1pMgupaGaBWCd_38.roa
File: 1-9P7pABpO0J1pMgupaGaBWCd_38.roa (raw, json)
Hash identifier: JQNqlAItEky0qBCuGVUgfVmNUrRjwN7TSn1tPMtBHs0=
Subject key identifier: FB:D3:FB:A4:00:69:3B:42:75:A4:C8:2E:A5:A1:9A:05:60:9D:FF:7F
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018BBD0D260F9275C4A340B4E9B07A879773
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/1-9P7pABpO0J1pMgupaGaBWCd_38.roa
Signing time: Sat 11 Nov 2023 06:23:57 +0000
ROA not before: Sat 11 Nov 2023 06:23:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211376
IP address blocks: 5.180.107.0/24 maxlen: 24
45.131.1.114/32 maxlen: 32
194.116.228.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
194.116.228.174/32 maxlen: 32
45.131.1.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
2a0f:b700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:0d:26:0f:92:75:c4:a3:40:b4:e9:b0:7a:87:97:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 11 06:23:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbd3fba400693b4275a4c82ea5a19a05609dff7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4e:ac:e6:b9:88:c7:c1:9e:52:2d:64:18:44:
fc:ad:4d:1e:97:2d:0f:a2:8e:ec:13:e2:3f:8b:74:
12:e1:36:9b:fa:db:4a:d4:f6:09:4c:f8:0b:75:8d:
50:e7:60:00:d1:d2:46:f8:34:0a:c3:76:93:e2:24:
82:24:f8:cd:d5:36:a9:e5:6f:8a:ef:88:ba:6d:c7:
f5:90:78:d2:03:e3:e4:11:33:59:68:07:ce:98:85:
4d:83:e0:97:38:7a:31:79:3e:15:6a:ea:ec:57:01:
db:67:e0:db:9a:04:93:cf:7b:40:34:58:41:c9:9c:
ce:ad:6e:10:35:63:11:be:1d:f6:ab:9b:43:b0:bc:
22:a8:02:f1:8d:1a:8e:43:26:9b:23:5b:40:15:77:
6c:9c:81:d3:f7:9f:13:c8:74:31:95:39:e1:bb:39:
fa:32:d3:09:cd:13:f0:0a:35:44:1c:0b:03:3f:59:
f3:1b:12:a1:fc:24:70:8b:14:98:0c:e9:30:bb:c6:
11:d8:3b:1f:32:26:38:1a:c2:79:75:88:fe:1e:64:
df:a5:fd:e3:3e:b7:fc:da:fb:4a:a0:70:0e:9a:3e:
c0:2d:f4:9b:56:4d:c3:0d:87:b3:2f:8a:ac:c8:e4:
c9:2c:6a:bc:81:87:d3:6f:5f:53:f6:02:b5:08:5a:
d6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D3:FB:A4:00:69:3B:42:75:A4:C8:2E:A5:A1:9A:05:60:9D:FF:7F
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/1-9P7pABpO0J1pMgupaGaBWCd_38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.1.0/24
45.136.5.0/24
45.141.150.0/24
194.116.228.0/24
194.146.26.0/24
IPv6:
2a0f:b700::/29
Signature Algorithm: sha256WithRSAEncryption
a1:ef:9d:a5:30:ce:7b:6c:42:2e:44:6f:47:4c:bd:7c:ea:be:
ce:8d:2d:11:d8:52:97:eb:ab:d5:56:09:dc:66:d6:2f:fc:03:
5e:b1:fc:4d:78:8c:57:cb:95:45:2c:22:2a:7e:0a:d9:f6:64:
25:45:72:92:49:82:e6:d4:36:e8:61:67:ea:b5:52:10:5b:8c:
2c:15:fb:ef:84:4e:b2:d6:c0:2f:84:3c:00:d2:7d:dc:d8:77:
f6:84:03:b6:e2:a1:bd:84:d7:66:e9:c0:63:52:7b:a5:33:34:
e6:9b:39:ee:dc:ff:b5:6c:a4:b4:45:65:47:4b:9c:d7:9b:95:
e0:50:d0:43:3d:57:02:14:af:b7:e8:37:3c:89:d5:d2:52:a8:
da:0e:bb:f9:9a:23:e2:66:1b:73:fb:7e:83:b3:55:d5:39:e4:
10:c3:62:76:09:a7:a0:b0:4f:ae:c8:01:3f:ef:d8:11:0c:29:
28:82:e5:d3:e9:63:05:91:5c:19:be:c0:a5:96:2c:59:29:6c:
88:c0:a7:58:51:aa:cb:9a:85:e4:4e:f4:39:1d:33:c9:0b:68:
26:70:94:3d:37:b8:6f:2d:bb:9b:90:d0:a9:d2:35:af:ba:73:
38:09:d8:65:e2:17:d3:90:dc:d1:a8:cd:a6:6a:3f:b9:46:bb:
54:c5:b4:42
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYu9DSYPknXEo0C06bB6h5dzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMxMTExMDYyMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQzZmJhNDAwNjkzYjQyNzVhNGM4MmVhNWExOWEwNTYwOWRmZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE6s5rmIx8GeUi1kGET8rU0ely0P
oo7sE+I/i3QS4Tab+ttK1PYJTPgLdY1Q52AA0dJG+DQKw3aT4iSCJPjN1Tap5W+K
74i6bcf1kHjSA+PkETNZaAfOmIVNg+CXOHoxeT4VaursVwHbZ+DbmgSTz3tANFhB
yZzOrW4QNWMRvh32q5tDsLwiqALxjRqOQyabI1tAFXdsnIHT958TyHQxlTnhuzn6
MtMJzRPwCjVEHAsDP1nzGxKh/CRwixSYDOkwu8YR2DsfMiY4GsJ5dYj+HmTfpf3j
Prf82vtKoHAOmj7ALfSbVk3DDYezL4qsyOTJLGq8gYfTb19T9gK1CFrWHQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPvT+6QAaTtCdaTILqWhmgVgnf9/MB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvMS05UDdwQUJwTzBKMXBNZ3VwYUdhQldDZF8zOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGIvOGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFi
MC8xL1NBWHhmQzF4TTlMYTA2amZmalV4WGpmdlhhOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAAW0awME
AC2DAQMEAC2IBQMEAC2NlgMEAMJ05AMEAMKSGjANBAIAAjAHAwUDKg+3ADANBgkq
hkiG9w0BAQsFAAOCAQEAoe+dpTDOe2xCLkRvR0y9fOq+zo0tEdhSl+ur1VYJ3GbW
L/wDXrH8TXiMV8uVRSwiKn4K2fZkJUVykkmC5tQ26GFn6rVSEFuMLBX774ROstbA
L4Q8ANJ93Nh39oQDtuKhvYTXZunAY1J7pTM05ps57tz/tWyktEVlR0uc15uV4FDQ
Qz1XAhSvt+g3PInV0lKo2g67+Zoj4mYbc/t+g7NV1TnkEMNidgmnoLBPrsgBP+/Y
EQwpKILl0+ljBZFcGb7ApZYsWSlsiMCnWFGqy5qF5E70OR0zyQtoJnCUPTe4by27
m5DQqdI1r7pzOAnYZeIX05Dc0ajNpmo/uUa7VMW0Qg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:14 2025 by rpki-client