Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/85Oz7fXsVRkGp1zrCay7fh5nfXM.roa
File: 85Oz7fXsVRkGp1zrCay7fh5nfXM.roa (raw, json)
Hash identifier: NvMBCq0AEA0UF0WN9MHTJ9Dvw6QeNNeoI9lolhUSS8k=
Subject key identifier: F3:93:B3:ED:F5:EC:55:19:06:A7:5C:EB:09:AC:BB:7E:1E:67:7D:73
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018A9582C6018402B8E3FA1ABE03A5D56728
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/85Oz7fXsVRkGp1zrCay7fh5nfXM.roa
Signing time: Thu 14 Sep 2023 21:04:50 +0000
ROA not before: Thu 14 Sep 2023 21:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197555
IP address blocks: 5.180.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:95:82:c6:01:84:02:b8:e3:fa:1a:be:03:a5:d5:67:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Sep 14 21:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f393b3edf5ec551906a75ceb09acbb7e1e677d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4a:3f:ed:c9:c9:0e:24:f6:a9:12:4c:a5:ba:
87:4d:45:49:d3:1b:89:c1:84:c4:77:9c:8e:6c:68:
89:44:b0:89:91:a9:7f:5b:38:6c:e4:a1:ed:5f:14:
24:24:bb:bc:db:5f:75:6b:19:c0:65:3d:19:a5:d1:
3f:de:9b:1c:c7:05:a7:ad:28:81:5c:82:38:68:95:
b5:67:9d:4d:71:95:d4:6a:35:e9:17:ca:39:19:e5:
d6:93:ea:d2:cf:f6:fe:9b:13:42:88:fd:b2:c3:30:
e2:62:cc:18:41:e9:3f:7a:4e:5f:a6:ae:76:60:54:
d5:d7:0c:04:82:55:91:6c:52:7f:72:79:83:0a:e0:
e3:28:12:df:4f:38:df:08:35:3f:7c:6b:f8:3a:91:
6a:72:ec:3b:d7:02:17:a3:78:5e:ac:c4:52:b2:97:
c5:0c:5f:69:21:06:eb:72:61:e9:d0:46:07:86:8b:
33:a7:6d:f5:a2:82:d7:2b:0b:6a:ce:31:96:58:f4:
bf:45:91:15:93:06:ba:da:4a:c7:81:6a:98:13:54:
e8:84:ec:4e:b9:fb:50:0b:a7:1d:eb:66:db:17:d0:
d1:d9:9b:8b:9a:19:ba:95:00:72:e2:32:50:5b:fa:
17:98:41:ad:2c:2a:6c:f7:f1:c5:32:34:bb:e4:f3:
6e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:93:B3:ED:F5:EC:55:19:06:A7:5C:EB:09:AC:BB:7E:1E:67:7D:73
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/85Oz7fXsVRkGp1zrCay7fh5nfXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:3b:b8:72:91:0f:ce:8f:2c:4e:35:3b:b1:ca:4b:02:f1:fb:
b4:01:c7:91:20:fb:fa:a4:71:57:54:36:99:4f:28:50:bd:63:
04:b8:06:58:49:0f:59:ec:6a:e7:4e:eb:0a:3e:9d:01:17:1f:
b6:86:5b:ba:61:f4:cd:38:43:31:fa:42:45:25:83:c1:ce:56:
d1:64:88:a4:5b:1a:6d:57:04:0a:46:a9:18:cc:3c:39:83:f4:
cf:66:d5:60:5c:cd:bd:19:5f:c2:b9:b7:cf:62:df:2d:b8:2e:
3f:44:7c:90:84:1b:3f:d8:91:5a:de:62:19:9e:ca:c0:a5:20:
73:93:5d:fc:c5:b0:98:de:ff:8d:cf:bb:53:12:4b:c7:e5:18:
5a:fc:96:73:55:fd:d0:02:ed:cf:55:9c:cb:62:ee:4a:40:85:
05:15:75:eb:18:66:6a:9c:dd:40:85:ba:01:7d:ed:e6:60:0e:
41:6e:b6:4b:d0:ea:7e:aa:c0:4f:1c:c4:4c:96:cd:34:ae:0c:
fa:b4:aa:41:2e:bc:35:56:47:dc:59:87:96:43:41:36:fb:4e:
2d:a9:77:65:eb:7e:91:4c:68:8f:0a:8e:1d:6c:2f:92:f0:75:
22:9d:ed:6c:29:76:1b:5c:04:14:95:f6:c1:e8:a5:1e:ce:56:
b5:f7:42:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqVgsYBhAK44/oavgOl1WcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMwOTE0MjEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzkzYjNlZGY1ZWM1NTE5MDZhNzVjZWIwOWFjYmI3ZTFlNjc3ZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUo/7cnJDiT2qRJMpbqHTUVJ0xuJ
wYTEd5yObGiJRLCJkal/Wzhs5KHtXxQkJLu82191axnAZT0ZpdE/3pscxwWnrSiB
XII4aJW1Z51NcZXUajXpF8o5GeXWk+rSz/b+mxNCiP2ywzDiYswYQek/ek5fpq52
YFTV1wwEglWRbFJ/cnmDCuDjKBLfTzjfCDU/fGv4OpFqcuw71wIXo3herMRSspfF
DF9pIQbrcmHp0EYHhoszp231ooLXKwtqzjGWWPS/RZEVkwa62krHgWqYE1TohOxO
uftQC6cd62bbF9DR2ZuLmhm6lQBy4jJQW/oXmEGtLCps9/HFMjS75PNuzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOTs+317FUZBqdc6wmsu34eZ31zMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvODVPejdmWHNWUmtHcDF6ckNheTdmaDVuZlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbRpMA0G
CSqGSIb3DQEBCwUAA4IBAQAdO7hykQ/OjyxONTuxyksC8fu0AceRIPv6pHFXVDaZ
TyhQvWMEuAZYSQ9Z7GrnTusKPp0BFx+2hlu6YfTNOEMx+kJFJYPBzlbRZIikWxpt
VwQKRqkYzDw5g/TPZtVgXM29GV/CubfPYt8tuC4/RHyQhBs/2JFa3mIZnsrApSBz
k138xbCY3v+Nz7tTEkvH5Rha/JZzVf3QAu3PVZzLYu5KQIUFFXXrGGZqnN1AhboB
fe3mYA5BbrZL0Op+qsBPHMRMls00rgz6tKpBLrw1VkfcWYeWQ0E2+04tqXdl636R
TGiPCo4dbC+S8HUine1sKXYbXAQUlfbB6KUezla190I8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:35 2025 by rpki-client