Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/U2v0pWIJ1Wdei7PcRPxJOIIx7bA.roa
File: U2v0pWIJ1Wdei7PcRPxJOIIx7bA.roa (raw, json)
Hash identifier: iqmrcKREFKHGEkU0OW8xaVRJ5u9Uldpma5ufH+ctuFI=
Subject key identifier: 53:6B:F4:A5:62:09:D5:67:5E:8B:B3:DC:44:FC:49:38:82:31:ED:B0
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 01842C74EDB51CF7FAF465DEDD440F92B97C
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/U2v0pWIJ1Wdei7PcRPxJOIIx7bA.roa
Signing time: Mon 31 Oct 2022 05:12:51 +0000
ROA not before: Mon 31 Oct 2022 05:12:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.106.0/24 maxlen: 24
45.147.46.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
5.180.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2c:74:ed:b5:1c:f7:fa:f4:65:de:dd:44:0f:92:b9:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Oct 31 05:12:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=536bf4a56209d5675e8bb3dc44fc49388231edb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1a:33:a1:13:7a:71:49:76:26:6a:be:6d:93:
a7:2a:b7:30:c6:66:2b:3d:66:bc:57:ba:53:c5:fa:
bc:03:32:f1:3b:b7:c8:ef:67:be:64:fd:10:3c:9e:
a4:dc:d1:17:ff:87:82:86:3b:b0:76:cd:b6:e7:e9:
9f:79:59:4f:bb:3c:a5:59:63:3a:b5:09:2f:18:44:
19:59:f8:53:31:8f:76:6d:e2:e9:84:4a:c2:89:81:
22:81:72:41:99:87:0c:77:dc:fc:3a:0d:b6:dd:20:
2c:94:0d:4c:3d:f0:6a:86:28:4c:06:ae:06:33:79:
9b:95:52:2a:22:b8:6b:e2:95:45:6e:06:e2:6c:94:
b8:d8:4d:fd:ed:c9:60:38:c1:3c:9a:c8:7c:27:df:
e6:35:ba:97:dd:5f:67:42:2f:c4:4c:04:38:b4:b8:
19:9a:e2:dd:de:ff:61:90:69:85:7e:20:7f:31:10:
c4:81:76:33:0b:94:b1:78:db:8c:46:1b:78:36:49:
d5:70:e4:35:27:ad:83:33:2d:68:4a:b1:79:3b:9f:
ee:6a:b9:01:93:ce:0b:2c:1b:53:3a:34:5d:8d:80:
97:d5:bb:16:cc:78:84:f6:af:84:51:f7:7e:2c:32:
ab:a5:a3:79:cd:f2:75:0e:ce:f6:d3:51:de:dc:f3:
56:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6B:F4:A5:62:09:D5:67:5E:8B:B3:DC:44:FC:49:38:82:31:ED:B0
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/U2v0pWIJ1Wdei7PcRPxJOIIx7bA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.106.255
45.136.4.0/24
45.147.46.0/24
Signature Algorithm: sha256WithRSAEncryption
85:dc:71:ff:d3:54:b3:95:a9:f4:6b:83:e3:8d:7c:ee:a7:78:
56:54:95:ba:d7:28:a4:57:77:5c:13:62:f2:15:3c:4f:5f:eb:
a5:c3:74:d3:e3:a2:29:3e:93:00:da:aa:e8:f2:02:0f:4b:65:
84:06:39:be:18:94:64:61:c9:67:39:ce:45:79:6c:29:d3:a0:
04:ff:59:9a:93:67:de:6d:1e:f3:c1:ac:f0:3c:59:5d:d7:96:
e8:09:ef:0a:a4:c3:dc:bc:9f:4b:5f:79:1c:25:b3:d0:30:70:
94:0b:81:a0:5b:c3:18:80:28:eb:bb:d3:c2:97:09:9b:0f:da:
1f:d4:4d:da:14:3d:a9:1c:74:04:1a:af:f0:85:aa:ed:d5:e8:
d4:06:ac:bb:4e:bb:24:42:51:6e:64:53:9e:0d:2c:54:e8:0b:
ae:78:44:3f:59:47:e3:27:e6:3e:00:de:90:4a:3c:73:a2:bd:
dd:fb:83:db:a5:63:b5:ff:6c:23:73:a1:5c:05:fd:f3:ec:13:
45:11:0b:39:71:e1:38:0a:5d:58:99:e6:1a:49:88:11:d4:75:
29:a4:b7:a2:e2:3e:bb:b6:cd:fa:a1:7c:37:4e:ad:f1:5c:b3:
b2:6e:0a:00:4a:e0:d5:5c:cc:f6:ee:da:6e:e1:0c:34:11:fe:
7f:b8:ed:8d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYQsdO21HPf69GXe3UQPkrl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjIxMDMxMDUxMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZiZjRhNTYyMDlkNTY3NWU4YmIzZGM0NGZjNDkzODgyMzFlZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRozoRN6cUl2Jmq+bZOnKrcwxmYr
PWa8V7pTxfq8AzLxO7fI72e+ZP0QPJ6k3NEX/4eChjuwds225+mfeVlPuzylWWM6
tQkvGEQZWfhTMY92beLphErCiYEigXJBmYcMd9z8Og223SAslA1MPfBqhihMBq4G
M3mblVIqIrhr4pVFbgbibJS42E397clgOME8msh8J9/mNbqX3V9nQi/ETAQ4tLgZ
muLd3v9hkGmFfiB/MRDEgXYzC5SxeNuMRht4NknVcOQ1J62DMy1oSrF5O5/uarkB
k84LLBtTOjRdjYCX1bsWzHiE9q+EUfd+LDKrpaN5zfJ1Ds7201He3PNWCQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFNr9KViCdVnXouz3ET8STiCMe2wMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvVTJ2MHBXSUoxV2RlaTdQY1JQeEpPSUl4N2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAFtGkD
BAAFtGoDBAAtiAQDBAAtky4wDQYJKoZIhvcNAQELBQADggEBAIXccf/TVLOVqfRr
g+ONfO6neFZUlbrXKKRXd1wTYvIVPE9f66XDdNPjoik+kwDaqujyAg9LZYQGOb4Y
lGRhyWc5zkV5bCnToAT/WZqTZ95tHvPBrPA8WV3XlugJ7wqkw9y8n0tfeRwls9Aw
cJQLgaBbwxiAKOu708KXCZsP2h/UTdoUPakcdAQar/CFqu3V6NQGrLtOuyRCUW5k
U54NLFToC654RD9ZR+Mn5j4A3pBKPHOivd37g9ulY7X/bCNzoVwF/fPsE0URCzlx
4TgKXViZ5hpJiBHUdSmkt6LiPru2zfqhfDdOrfFcs7JuCgBK4NVczPbu2m7hDDQR
/n+47Y0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:33 2025 by rpki-client