Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/23mGO6tbQ48wWRd5HPhgMV3ze3k.roa
File: 23mGO6tbQ48wWRd5HPhgMV3ze3k.roa (raw, json)
Hash identifier: u9rerfyl68HDFjHvow++y8MdhdcJ3CtxIVHUprNodvw=
Subject key identifier: DB:79:86:3B:AB:5B:43:8F:30:59:17:79:1C:F8:60:31:5D:F3:7B:79
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 07AD1B8D
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/23mGO6tbQ48wWRd5HPhgMV3ze3k.roa
Signing time: Tue 15 Feb 2022 06:33:03 +0000
ROA not before: Tue 15 Feb 2022 06:33:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211376
IP address blocks: 45.147.44.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.1.114/32 maxlen: 32
194.116.228.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
194.116.228.174/32 maxlen: 32
45.131.1.0/24 maxlen: 24
2a0f:b700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128785293 (0x7ad1b8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Feb 15 06:33:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db79863bab5b438f305917791cf860315df37b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:43:1c:fe:56:d3:eb:49:3f:a0:ab:80:6c:c4:
80:d0:4e:dd:f7:2b:29:85:df:59:a0:87:ec:39:43:
da:84:56:b1:5a:5c:86:60:90:ef:48:38:f8:6c:0d:
82:f7:4e:06:fd:10:ce:d7:fb:06:4c:03:9d:c9:88:
61:b9:50:6f:23:1d:b1:bf:e9:8b:36:70:5b:23:d5:
fe:13:e5:bb:d8:ba:54:79:cf:dc:21:b0:2b:63:97:
c9:b2:7d:da:26:b8:62:18:fb:ec:07:e6:c3:8d:29:
3a:bb:5e:e5:0f:73:56:93:10:49:48:90:58:42:09:
65:41:88:03:50:ad:76:49:e8:d6:fb:bd:27:e8:9b:
ea:01:ef:2f:3a:c7:19:08:d6:54:93:2e:4c:3b:32:
1b:96:67:3c:6d:6a:d9:5d:fe:a0:21:e7:28:44:b0:
56:76:fe:bc:91:a9:cf:8f:4e:96:79:88:4e:93:44:
88:7e:e0:34:13:13:32:f8:62:87:b6:d0:7d:6f:ec:
8e:8c:e7:f5:b7:60:68:75:14:76:66:ce:60:d8:27:
65:d2:a3:1f:87:93:ef:22:19:cf:ce:5d:01:0f:ec:
9d:ee:cc:03:52:9b:ab:55:bb:e1:da:a3:12:ae:21:
18:a9:bc:83:48:db:42:15:f2:9a:be:cc:58:a2:74:
e0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:79:86:3B:AB:5B:43:8F:30:59:17:79:1C:F8:60:31:5D:F3:7B:79
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/23mGO6tbQ48wWRd5HPhgMV3ze3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.1.0/24
45.136.5.0/24
45.147.44.0/24
194.116.228.0/24
IPv6:
2a0f:b700::/29
Signature Algorithm: sha256WithRSAEncryption
45:c0:63:ad:e8:c1:e6:0e:bd:ae:a7:39:8d:1a:48:d7:f6:ab:
5c:94:14:c8:76:76:ac:9b:43:7b:d8:0c:9a:3d:4e:09:29:61:
0e:72:32:34:90:b3:a4:03:9a:96:7e:e9:31:d5:09:4a:53:1c:
ff:00:96:b2:0a:69:37:ed:e3:d7:60:01:31:2e:e6:08:98:55:
75:18:0b:4d:37:59:47:b5:15:de:af:10:a9:d5:ad:b6:4c:1d:
5c:3b:57:f5:95:fb:9e:66:20:23:3f:21:bf:41:7d:de:42:eb:
d2:19:c3:61:73:5c:02:43:3d:f1:f7:e7:a8:e0:47:9c:9e:05:
fe:e7:5b:ce:27:4d:b8:37:e8:1e:79:c1:6d:cc:44:bf:0d:03:
17:f5:d9:fa:f8:b8:34:f9:98:8f:b3:ca:12:da:16:52:f4:c7:
4c:24:45:b6:bb:31:82:1c:4b:a9:d6:cb:94:9b:19:aa:e2:6c:
69:cb:62:38:a7:a7:19:65:c8:ec:22:de:41:45:18:1f:93:ac:
d3:8f:1d:98:01:c6:f6:0b:52:e9:49:6f:c8:e8:71:f0:1d:f7:
fe:5f:8f:9c:9b:f1:ea:72:e1:2a:c2:f7:d8:6d:07:2d:1f:7c:
3e:16:8f:51:20:99:45:e5:65:67:e8:0d:9b:bc:df:19:e8:bf:
5e:65:56:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEB60bjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODA1ZjE3YzJkNzEzM2QyZGFkM2E4ZGY3ZTM1MzE1ZTM3ZWY1ZGFmMB4XDTIyMDIx
NTA2MzMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI3OTg2M2JhYjVi
NDM4ZjMwNTkxNzc5MWNmODYwMzE1ZGYzN2I3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFDHP5W0+tJP6CrgGzEgNBO3fcrKYXfWaCH7DlD2oRWsVpc
hmCQ70g4+GwNgvdOBv0Qztf7BkwDncmIYblQbyMdsb/pizZwWyPV/hPlu9i6VHnP
3CGwK2OXybJ92ia4Yhj77Afmw40pOrte5Q9zVpMQSUiQWEIJZUGIA1Ctdkno1vu9
J+ib6gHvLzrHGQjWVJMuTDsyG5ZnPG1q2V3+oCHnKESwVnb+vJGpz49OlnmITpNE
iH7gNBMTMvhih7bQfW/sjozn9bdgaHUUdmbOYNgnZdKjH4eT7yIZz85dAQ/sne7M
A1Kbq1W74dqjEq4hGKm8g0jbQhXymr7MWKJ04O8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTbeYY7q1tDjzBZF3kc+GAxXfN7eTAfBgNVHSMEGDAWgBRIBfF8LXEz0trT
qN9+NTFeN+9drzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBWHhmQzF4TTlMYTA2amZmalV4WGpmdlhhOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvOGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8x
LzIzbUdPNnRiUTQ4d1dSZDVIUGhnTVYzemUzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
OGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8xL1NBWHhmQzF4TTlM
YTA2amZmalV4WGpmdlhhOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAAW0awMEAC2DAQMEAC2IBQMEAC2T
LAMEAMJ05DANBAIAAjAHAwUDKg+3ADANBgkqhkiG9w0BAQsFAAOCAQEARcBjrejB
5g69rqc5jRpI1/arXJQUyHZ2rJtDe9gMmj1OCSlhDnIyNJCzpAOaln7pMdUJSlMc
/wCWsgppN+3j12ABMS7mCJhVdRgLTTdZR7UV3q8QqdWttkwdXDtX9ZX7nmYgIz8h
v0F93kLr0hnDYXNcAkM98ffnqOBHnJ4F/udbzidNuDfoHnnBbcxEvw0DF/XZ+vi4
NPmYj7PKEtoWUvTHTCRFtrsxghxLqdbLlJsZquJsactiOKenGWXI7CLeQUUYH5Os
048dmAHG9gtS6UlvyOhx8B33/l+PnJvx6nLhKsL32G0HLR98PhaPUSCZReVlZ+gN
m7zfGei/XmVWpQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:13 2025 by rpki-client