Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/7H_zcXLvt-QM0klqMvcsYWlmWK4.roa
File: 7H_zcXLvt-QM0klqMvcsYWlmWK4.roa (raw, json)
Hash identifier: 2WO3ScJdUa9tmAtFdvUnEyzOR/0eQb9wZBCQBBeHt48=
Subject key identifier: EC:7F:F3:71:72:EF:B7:E4:0C:D2:49:6A:32:F7:2C:61:69:66:58:AE
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 01843C08F4D5BF2EDCEE7DD70CCF8FF75D77
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/7H_zcXLvt-QM0klqMvcsYWlmWK4.roa
Signing time: Thu 03 Nov 2022 05:48:50 +0000
ROA not before: Thu 03 Nov 2022 05:48:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 45.141.150.0/24 maxlen: 24
5.180.104.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:08:f4:d5:bf:2e:dc:ee:7d:d7:0c:cf:8f:f7:5d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 3 05:48:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec7ff37172efb7e40cd2496a32f72c61696658ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a2:fe:8c:70:0c:ce:4a:a3:3d:ba:18:f7:35:
73:49:1d:d6:37:6d:71:03:9b:75:5c:66:98:49:36:
51:82:5e:23:83:02:5f:9b:c3:2d:e3:55:77:70:36:
44:a0:e2:71:77:25:48:f6:65:08:07:78:cf:cc:de:
ab:34:47:b7:ba:fd:2b:5b:08:2f:32:05:38:45:4d:
9e:5e:d6:a9:2e:0c:07:49:3a:dd:b4:95:2c:5b:87:
b7:0f:35:1c:48:c1:ca:e1:29:64:5c:96:e8:8d:7f:
71:59:39:4f:1a:cc:f4:a1:7f:68:8f:46:8e:f5:d3:
92:38:a6:38:56:c9:57:f8:f2:52:d6:44:77:93:57:
d4:7e:c8:63:59:0c:45:a3:35:50:a4:d0:03:ee:1f:
ee:b0:0d:1f:67:4a:bb:07:f0:f9:66:b8:4e:2a:c0:
df:51:8e:17:09:ae:2b:79:17:78:c7:17:8d:c1:16:
1c:b4:0a:79:67:e5:90:63:56:ec:84:85:d9:20:a0:
54:35:39:17:ae:da:7c:d5:69:bb:2b:7e:4e:28:24:
f2:ea:11:11:7d:1e:54:52:1a:37:7d:2a:53:c0:ee:
5d:4e:6f:09:45:6f:da:46:8a:a5:e9:3f:56:29:61:
9a:7c:8a:30:86:51:5c:7c:1f:0e:ec:89:dd:3f:77:
07:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7F:F3:71:72:EF:B7:E4:0C:D2:49:6A:32:F7:2C:61:69:66:58:AE
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/7H_zcXLvt-QM0klqMvcsYWlmWK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/24
45.131.2.0/24
45.141.150.0/24
77.83.200.0/22
194.116.229.0/24
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
76:ee:1c:ea:d6:b5:b7:7b:d6:9b:2c:70:a6:19:70:e6:f3:94:
78:a1:2e:d1:3e:e6:d8:30:e1:8c:6e:4e:56:fe:dd:5c:b9:07:
55:19:c0:30:a3:4c:c1:88:90:3e:c0:bc:38:7b:50:4a:8f:59:
93:8b:d2:a9:ee:37:c2:19:9d:4f:23:b3:f4:b8:ad:0a:f2:99:
a1:54:12:0a:01:e0:50:77:14:ac:f2:3b:3c:27:95:2e:ac:f8:
da:3f:47:8e:89:c3:a8:fe:c5:8c:88:38:82:4e:a3:76:85:b4:
8e:eb:82:82:f9:53:86:e0:59:c2:ca:97:c1:70:9c:b3:1b:05:
10:b7:e5:09:c3:30:da:47:37:43:58:6a:cb:c6:4d:1c:ee:57:
59:ad:8b:64:b0:56:d2:31:75:19:08:74:4a:15:10:bd:63:ad:
85:8e:4b:fa:eb:5a:8f:7f:32:d9:4a:a4:a0:d4:ae:cf:c0:82:
3e:9f:82:30:12:57:bb:3c:f4:c4:76:8c:2d:0b:32:1a:a9:a3:
d3:bb:c9:e1:2c:80:f3:47:37:c4:d2:85:23:b8:bc:99:cd:de:
a0:09:3e:dc:b2:ac:13:b2:b3:0f:f5:34:65:fe:d1:8c:83:b6:
58:01:b2:4d:1c:0f:1c:a5:93:e1:a5:17:15:ba:64:48:a4:e8:
21:dc:b1:80
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYQ8CPTVvy7c7n3XDM+P9113MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjIxMTAzMDU0ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzdmZjM3MTcyZWZiN2U0MGNkMjQ5NmEzMmY3MmM2MTY5NjY1OGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKL+jHAMzkqjPboY9zVzSR3WN21x
A5t1XGaYSTZRgl4jgwJfm8Mt41V3cDZEoOJxdyVI9mUIB3jPzN6rNEe3uv0rWwgv
MgU4RU2eXtapLgwHSTrdtJUsW4e3DzUcSMHK4SlkXJbojX9xWTlPGsz0oX9oj0aO
9dOSOKY4VslX+PJS1kR3k1fUfshjWQxFozVQpNAD7h/usA0fZ0q7B/D5ZrhOKsDf
UY4XCa4reRd4xxeNwRYctAp5Z+WQY1bshIXZIKBUNTkXrtp81Wm7K35OKCTy6hER
fR5UUho3fSpTwO5dTm8JRW/aRoql6T9WKWGafIowhlFcfB8O7IndP3cH1QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOx/83Fy77fkDNJJajL3LGFpZliuMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvN0hfemNYTHZ0LVFNMGtscU12Y3NZV2xtV0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQABbRoAwQA
LYMCAwQALY2WAwQCTVPIAwQAwnTlAwQBwnTsAwQAwpIkAwQAwpIvMA0EAgACMAcD
BQMqCYeAMA0GCSqGSIb3DQEBCwUAA4IBAQB27hzq1rW3e9abLHCmGXDm85R4oS7R
PubYMOGMbk5W/t1cuQdVGcAwo0zBiJA+wLw4e1BKj1mTi9Kp7jfCGZ1PI7P0uK0K
8pmhVBIKAeBQdxSs8js8J5UurPjaP0eOicOo/sWMiDiCTqN2hbSO64KC+VOG4FnC
ypfBcJyzGwUQt+UJwzDaRzdDWGrLxk0c7ldZrYtksFbSMXUZCHRKFRC9Y62Fjkv6
61qPfzLZSqSg1K7PwII+n4IwEle7PPTEdowtCzIaqaPTu8nhLIDzRzfE0oUjuLyZ
zd6gCT7csqwTsrMP9TRl/tGMg7ZYAbJNHA8cpZPhpRcVumRIpOgh3LGA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:43 2025 by rpki-client