Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/Cqo2kfaz_TpjM-E6X3uXcd_ZUM0.roa
File: Cqo2kfaz_TpjM-E6X3uXcd_ZUM0.roa (raw, json)
Hash identifier: A5WVEsKcWt1L/Z/7qRZwikv4anY0BGCJi5mQP7569Ok=
Subject key identifier: 0A:AA:36:91:F6:B3:FD:3A:63:33:E1:3A:5F:7B:97:71:DF:D9:50:CD
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018C18D6864E8A2AB08FD93FA8121856D6A5
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/Cqo2kfaz_TpjM-E6X3uXcd_ZUM0.roa
Signing time: Wed 29 Nov 2023 02:09:21 +0000
ROA not before: Wed 29 Nov 2023 02:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.107.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
5.180.104.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:18:d6:86:4e:8a:2a:b0:8f:d9:3f:a8:12:18:56:d6:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 29 02:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0aaa3691f6b3fd3a6333e13a5f7b9771dfd950cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fa:17:4c:eb:d2:1b:7a:3c:78:27:4b:bb:13:
0f:87:9f:db:93:02:fa:85:21:50:a2:fa:05:31:4b:
45:a9:b5:8e:51:44:67:c3:1b:57:8b:41:cc:08:b3:
f9:8c:eb:91:ee:3b:c2:c4:38:09:4c:12:64:2d:c4:
ee:b7:b5:74:4f:fc:1e:06:bf:fc:c7:6c:05:a5:0f:
4d:fc:24:33:a8:18:98:82:57:c5:66:9a:89:a1:93:
23:85:3f:2d:99:05:6a:ef:02:c6:11:68:f8:06:42:
52:1a:38:49:e0:e9:b7:ca:2b:4f:91:32:25:6e:37:
75:a9:4f:81:3b:15:9d:fc:e8:f7:03:26:4d:6f:16:
8b:d8:2b:2e:64:db:1a:a8:45:ef:01:06:de:08:f5:
c4:2d:53:31:71:01:ee:c1:c4:67:48:4f:48:e0:c6:
07:bf:3c:dc:17:a7:9a:7f:59:9a:44:a3:45:5f:4a:
5c:cc:3f:57:f5:16:d6:0d:26:c5:b4:70:d0:12:fa:
4e:e7:3f:e7:b0:69:fb:77:e4:1e:74:ac:6a:ce:5d:
6b:df:77:07:90:90:5a:da:ca:9a:aa:0d:8d:0a:c7:
ff:11:45:f9:f7:58:51:6e:26:0f:27:2e:75:78:c7:
47:d3:74:22:0b:83:88:2a:b4:87:6e:28:21:f8:75:
fb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AA:36:91:F6:B3:FD:3A:63:33:E1:3A:5F:7B:97:71:DF:D9:50:CD
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/Cqo2kfaz_TpjM-E6X3uXcd_ZUM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/24
5.180.107.0/24
45.131.0.0/23
45.136.5.0/24
45.141.148.0/24
45.147.44.0/24
77.83.200.0/22
194.116.228.0/23
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
76:58:46:ad:02:e8:de:6a:f6:90:72:d3:e8:f8:d1:56:af:1f:
f9:c1:81:89:af:9b:0b:f3:8e:bb:94:ab:65:e9:70:39:2c:eb:
a8:11:c4:b9:d3:b3:5a:dd:83:e9:24:69:3e:db:75:50:cb:03:
a7:73:0c:bc:30:63:e7:53:0a:a8:01:71:de:6c:c3:ea:53:45:
78:1d:3a:78:7f:f3:70:b2:ab:ac:5d:39:e1:de:bb:3d:68:eb:
48:ea:24:8c:a5:65:e2:50:20:41:a0:5d:1b:f3:3d:b0:ab:18:
68:9d:c1:51:e3:e5:be:a5:4f:f1:f9:aa:5c:06:ef:77:57:b1:
f7:c9:78:06:9a:b6:ba:5a:3b:33:a0:49:78:26:1c:0d:c3:ac:
a8:e9:b9:5d:2d:0c:a3:f3:0c:9a:4c:43:ad:0b:03:7a:dc:f9:
fc:95:93:fa:99:a9:ea:50:81:01:a2:69:fa:a1:4e:b8:1f:a6:
cf:c3:29:7c:6b:d0:35:61:1e:f8:93:81:01:de:2d:d3:a8:f4:
5c:71:df:7a:20:f8:c0:5b:3b:d8:90:5b:f3:50:1b:36:69:a1:
74:c7:61:df:c1:eb:7d:b8:6a:9d:80:53:b9:95:4a:99:0b:19:
36:df:52:dd:57:7c:7b:99:b7:c3:4a:47:79:2f:b6:2c:9b:c0:
2c:0a:52:b9
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYwY1oZOiiqwj9k/qBIYVtalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMxMTI5MDIwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFhMzY5MWY2YjNmZDNhNjMzM2UxM2E1ZjdiOTc3MWRmZDk1MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPoXTOvSG3o8eCdLuxMPh5/bkwL6
hSFQovoFMUtFqbWOUURnwxtXi0HMCLP5jOuR7jvCxDgJTBJkLcTut7V0T/weBr/8
x2wFpQ9N/CQzqBiYglfFZpqJoZMjhT8tmQVq7wLGEWj4BkJSGjhJ4Om3yitPkTIl
bjd1qU+BOxWd/Oj3AyZNbxaL2CsuZNsaqEXvAQbeCPXELVMxcQHuwcRnSE9I4MYH
vzzcF6eaf1maRKNFX0pczD9X9RbWDSbFtHDQEvpO5z/nsGn7d+QedKxqzl1r33cH
kJBa2sqaqg2NCsf/EUX591hRbiYPJy51eMdH03QiC4OIKrSHbigh+HX7VwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFAqqNpH2s/06YzPhOl97l3Hf2VDNMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvQ3FvMmtmYXpfVHBqTS1FNlgzdVhjZF9aVU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQABbRoAwQA
BbRrAwQBLYMAAwQALYgFAwQALY2UAwQALZMsAwQCTVPIAwQBwnTkAwQBwnTsAwQA
wpIaAwQAwpIkAwQAwpIvMA0EAgACMAcDBQMqCYeAMA0GCSqGSIb3DQEBCwUAA4IB
AQB2WEatAujeavaQctPo+NFWrx/5wYGJr5sL8467lKtl6XA5LOuoEcS507Na3YPp
JGk+23VQywOncwy8MGPnUwqoAXHebMPqU0V4HTp4f/NwsqusXTnh3rs9aOtI6iSM
pWXiUCBBoF0b8z2wqxhoncFR4+W+pU/x+apcBu93V7H3yXgGmra6WjszoEl4JhwN
w6yo6bldLQyj8wyaTEOtCwN63Pn8lZP6manqUIEBomn6oU64H6bPwyl8a9A1YR74
k4EB3i3TqPRccd96IPjAWzvYkFvzUBs2aaF0x2Hfwet9uGqdgFO5lUqZCxk231Ld
V3x7mbfDSkd5L7Ysm8AsClK5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:18 2025 by rpki-client