Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/dgEwLCCyFw_yhqbDjUKUdZ6vFKI.roa
File: dgEwLCCyFw_yhqbDjUKUdZ6vFKI.roa (raw, json)
Hash identifier: x+wtvRXRCI66jkWW2JdD1QiCm3DZ40yD8QAeiqVmgXw=
Subject key identifier: 76:01:30:2C:20:B2:17:0F:F2:86:A6:C3:8D:42:94:75:9E:AF:14:A2
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0188860A1E86AB53899210E2A0E64E461404
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/dgEwLCCyFw_yhqbDjUKUdZ6vFKI.roa
Signing time: Sun 04 Jun 2023 10:53:10 +0000
ROA not before: Sun 04 Jun 2023 10:53:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211376
IP address blocks: 45.147.44.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.1.114/32 maxlen: 32
194.116.228.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
194.116.228.174/32 maxlen: 32
45.131.1.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
2a0f:b700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:86:0a:1e:86:ab:53:89:92:10:e2:a0:e6:4e:46:14:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jun 4 10:53:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7601302c20b2170ff286a6c38d4294759eaf14a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:45:0e:1f:2e:07:93:f8:3d:14:95:8b:e8:57:
cb:eb:71:7c:26:24:a8:71:da:af:b6:b8:6a:84:69:
8c:dd:bc:b2:54:10:fd:42:b1:af:a9:2b:ba:4d:e7:
ad:1c:ac:ab:79:29:d5:7a:0f:15:48:08:88:87:51:
1f:57:f8:8e:32:86:83:4f:bf:cb:53:2f:1a:9d:90:
74:f9:99:f9:7f:9d:ad:e7:98:54:ea:d5:63:38:5f:
f4:5b:09:e8:50:52:de:a3:e7:16:cf:ac:e9:e2:89:
82:ff:14:40:d9:c9:22:62:24:42:d4:f2:db:32:ef:
af:4a:12:1c:80:0b:f8:2e:2b:0b:72:6e:1d:73:f8:
4e:f5:79:4a:fe:fa:7d:da:18:15:55:35:07:ab:69:
23:2d:0b:99:7f:7e:64:45:5a:63:77:bb:6e:2e:31:
1c:ce:c5:47:03:61:fe:38:ec:c6:4f:d0:ab:74:62:
10:25:f8:b3:87:3c:5b:32:56:cf:9a:32:1a:05:13:
1e:e8:ce:f3:65:90:1e:6f:a3:b1:f3:3e:5e:fe:fd:
f1:d7:85:32:1c:75:14:fc:ee:62:33:49:1b:41:43:
ff:1d:a3:f4:cc:4e:7f:0c:c7:c9:20:de:22:77:02:
38:90:ad:35:ba:ce:6e:9c:8f:34:00:0d:4f:45:e4:
d6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:01:30:2C:20:B2:17:0F:F2:86:A6:C3:8D:42:94:75:9E:AF:14:A2
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/dgEwLCCyFw_yhqbDjUKUdZ6vFKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.1.0/24
45.136.5.0/24
45.141.150.0/24
45.147.44.0/24
194.116.228.0/24
194.146.26.0/24
IPv6:
2a0f:b700::/29
Signature Algorithm: sha256WithRSAEncryption
55:6a:bc:42:34:7a:f6:89:de:00:6b:75:ac:79:0d:cb:e8:49:
db:c6:aa:79:aa:ee:8f:a2:21:cf:35:9e:d0:81:9a:40:0a:37:
fa:23:80:82:7f:66:ef:b4:87:c4:e9:f7:bf:82:b6:a8:aa:52:
f9:46:dd:cd:2d:d4:ad:26:a5:42:5d:19:c0:be:d9:35:c2:f9:
1a:eb:94:e3:23:19:20:eb:ab:a3:66:32:9d:a1:14:13:da:8e:
78:de:a0:ef:43:5f:bb:83:87:da:88:0f:2a:37:a9:6b:62:43:
f2:b3:74:81:ca:69:ec:96:5c:92:cf:7c:e0:ba:9f:cf:2a:99:
57:0d:4a:0f:4d:7a:da:63:2e:14:dd:db:ae:75:dd:98:ff:d7:
59:cf:e2:a5:d0:ec:75:7c:5e:c3:57:17:d8:3b:b9:ca:6b:99:
2b:81:a9:51:3a:ea:cb:98:63:55:ec:51:3e:0b:5e:df:d2:d7:
28:c1:5a:f3:38:d9:f0:dd:ad:2a:0c:f4:a6:f7:84:93:55:fe:
6c:22:57:de:04:82:04:76:5d:7d:65:0f:68:8a:19:89:16:53:
b5:d6:90:f1:70:bb:db:c0:47:fd:4d:fe:f2:c4:75:95:e0:37:
d2:89:1c:4f:08:2d:18:f7:8b:70:ed:4b:7e:9e:c0:62:f5:22:
be:41:de:64
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYiGCh6Gq1OJkhDioOZORhQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMwNjA0MTA1MzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjAxMzAyYzIwYjIxNzBmZjI4NmE2YzM4ZDQyOTQ3NTllYWYxNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEUOHy4Hk/g9FJWL6FfL63F8JiSo
cdqvtrhqhGmM3byyVBD9QrGvqSu6TeetHKyreSnVeg8VSAiIh1EfV/iOMoaDT7/L
Uy8anZB0+Zn5f52t55hU6tVjOF/0WwnoUFLeo+cWz6zp4omC/xRA2ckiYiRC1PLb
Mu+vShIcgAv4LisLcm4dc/hO9XlK/vp92hgVVTUHq2kjLQuZf35kRVpjd7tuLjEc
zsVHA2H+OOzGT9CrdGIQJfizhzxbMlbPmjIaBRMe6M7zZZAeb6Ox8z5e/v3x14Uy
HHUU/O5iM0kbQUP/HaP0zE5/DMfJIN4idwI4kK01us5unI80AA1PReTWvQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHYBMCwgshcP8oamw41ClHWerxSiMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvZGdFd0xDQ3lGd195aHFiRGpVS1VkWjZ2RktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQABbRrAwQA
LYMBAwQALYgFAwQALY2WAwQALZMsAwQAwnTkAwQAwpIaMA0EAgACMAcDBQMqD7cA
MA0GCSqGSIb3DQEBCwUAA4IBAQBVarxCNHr2id4Aa3WseQ3L6Enbxqp5qu6PoiHP
NZ7QgZpACjf6I4CCf2bvtIfE6fe/graoqlL5Rt3NLdStJqVCXRnAvtk1wvka65Tj
Ixkg66ujZjKdoRQT2o543qDvQ1+7g4faiA8qN6lrYkPys3SBymnsllySz3zgup/P
KplXDUoPTXraYy4U3duudd2Y/9dZz+Kl0Ox1fF7DVxfYO7nKa5krgalROurLmGNV
7FE+C17f0tcowVrzONnw3a0qDPSm94STVf5sIlfeBIIEdl19ZQ9oihmJFlO11pDx
cLvbwEf9Tf7yxHWV4DfSiRxPCC0Y94tw7Ut+nsBi9SK+Qd5k
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:24 2025 by rpki-client