Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/2mFzNbm7vTXA5KZdeH40uFTGAvE.roa
File: 2mFzNbm7vTXA5KZdeH40uFTGAvE.roa (raw, json)
Hash identifier: X9IPlLp3O7BEauarAxq8xlxUu3zOJkWyfAke5sBSDaA=
Subject key identifier: DA:61:73:35:B9:BB:BD:35:C0:E4:A6:5D:78:7E:34:B8:54:C6:02:F1
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018B59254239146839F611D4A5F7F9209F82
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/2mFzNbm7vTXA5KZdeH40uFTGAvE.roa
Signing time: Sun 22 Oct 2023 20:48:15 +0000
ROA not before: Sun 22 Oct 2023 20:48:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47436
IP address blocks: 45.147.45.0/24 maxlen: 24
5.180.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:59:25:42:39:14:68:39:f6:11:d4:a5:f7:f9:20:9f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Oct 22 20:48:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da617335b9bbbd35c0e4a65d787e34b854c602f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c5:28:1b:90:47:66:ec:fb:75:3d:59:4b:3d:
67:22:85:c7:92:38:5e:28:c3:30:00:94:6b:7d:8d:
9a:bb:ef:fc:b6:54:c3:24:ed:96:c3:f3:29:4c:24:
25:09:99:02:56:9f:8b:5b:00:5e:03:91:14:c7:23:
88:2b:b5:a7:de:31:34:6b:1d:9f:84:f2:ff:e8:57:
ca:8a:a4:11:b8:45:b5:88:e3:30:3d:c4:b4:be:54:
08:6d:c2:51:b3:b0:13:c2:61:41:21:00:9d:94:cc:
c3:33:3a:15:5e:8e:c9:98:bf:c4:19:16:5b:7d:18:
9a:3c:fd:d2:32:7a:66:3b:9d:92:07:8e:34:24:92:
8e:1d:d5:67:93:e0:53:ac:7c:07:d1:9c:e6:2b:92:
0c:68:70:ab:61:ff:de:6c:52:fd:2a:a0:ee:d1:4e:
2c:f1:85:52:da:fc:90:95:33:39:14:bb:ae:90:dd:
f7:b8:25:a4:55:39:e1:66:15:b9:49:88:3d:c8:fb:
59:7e:c1:68:76:8c:ee:f0:b9:39:11:aa:09:c4:f2:
45:04:17:9c:ec:91:76:2c:e1:c6:e6:e0:e6:b9:57:
30:23:96:e5:c7:41:90:bc:d1:1a:15:27:39:35:9b:
46:0b:e4:db:52:79:c1:66:5e:01:05:f4:2c:d7:d5:
68:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:61:73:35:B9:BB:BD:35:C0:E4:A6:5D:78:7E:34:B8:54:C6:02:F1
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/2mFzNbm7vTXA5KZdeH40uFTGAvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/24
45.147.45.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c5:29:59:3c:1f:71:15:cd:c8:db:21:f1:61:06:68:78:03:
b0:ab:c4:81:49:b3:cd:df:d6:26:d2:a7:f5:14:25:87:10:db:
d3:20:95:6b:85:8e:7c:04:b6:9f:9e:ef:21:58:ac:49:11:25:
75:7a:71:2b:68:ae:da:43:28:c9:e9:20:7b:dd:12:91:55:7c:
d6:a1:32:db:3c:d3:9a:7c:f0:02:49:41:6b:ac:ac:f2:00:71:
da:bd:89:ac:e1:ff:e5:e6:fc:eb:bc:ac:c2:a2:62:ba:68:b6:
0e:af:ca:52:c6:07:b6:e6:73:5d:1d:c1:42:63:5a:40:ea:c0:
f6:25:d5:13:bd:87:ba:11:c1:24:0c:d6:c4:fa:1f:d3:9d:16:
03:1b:e6:81:51:f1:a1:3b:28:84:1d:09:f9:c5:e3:76:25:02:
9b:76:85:ea:4f:b6:fc:dc:67:e2:fb:ad:b5:de:70:22:15:9f:
4b:03:92:f0:eb:a2:f4:fc:1b:fd:55:1c:7d:5a:99:ec:4b:ca:
96:89:2f:e3:f1:c3:37:36:de:74:97:ee:6e:15:29:6a:df:4a:
4a:51:3a:92:1b:8f:8d:4b:ac:d9:42:95:57:a1:53:54:9c:06:
a1:50:20:7c:ab:bc:b2:c3:15:8a:71:09:b9:98:0c:eb:53:68:
2f:fa:3e:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtZJUI5FGg59hHUpff5IJ+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMxMDIyMjA0ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTYxNzMzNWI5YmJiZDM1YzBlNGE2NWQ3ODdlMzRiODU0YzYwMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8UoG5BHZuz7dT1ZSz1nIoXHkjhe
KMMwAJRrfY2au+/8tlTDJO2Ww/MpTCQlCZkCVp+LWwBeA5EUxyOIK7Wn3jE0ax2f
hPL/6FfKiqQRuEW1iOMwPcS0vlQIbcJRs7ATwmFBIQCdlMzDMzoVXo7JmL/EGRZb
fRiaPP3SMnpmO52SB440JJKOHdVnk+BTrHwH0ZzmK5IMaHCrYf/ebFL9KqDu0U4s
8YVS2vyQlTM5FLuukN33uCWkVTnhZhW5SYg9yPtZfsFodozu8Lk5EaoJxPJFBBec
7JF2LOHG5uDmuVcwI5blx0GQvNEaFSc5NZtGC+TbUnnBZl4BBfQs19Vo6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNphczW5u701wOSmXXh+NLhUxgLxMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvMm1Gek5ibTd2VFhBNUtaZGVINDB1RlRHQXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbRoAwQA
LZMtMA0GCSqGSIb3DQEBCwUAA4IBAQBexSlZPB9xFc3I2yHxYQZoeAOwq8SBSbPN
39Ym0qf1FCWHENvTIJVrhY58BLafnu8hWKxJESV1enEraK7aQyjJ6SB73RKRVXzW
oTLbPNOafPACSUFrrKzyAHHavYms4f/l5vzrvKzComK6aLYOr8pSxge25nNdHcFC
Y1pA6sD2JdUTvYe6EcEkDNbE+h/TnRYDG+aBUfGhOyiEHQn5xeN2JQKbdoXqT7b8
3Gfi+6213nAiFZ9LA5Lw66L0/Bv9VRx9WpnsS8qWiS/j8cM3Nt50l+5uFSlq30pK
UTqSG4+NS6zZQpVXoVNUnAahUCB8q7yywxWKcQm5mAzrU2gv+j4Q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:16 2025 by rpki-client