Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/lkzkKcd87mO_WNodHmyZ_fG5F4Y.roa
File: lkzkKcd87mO_WNodHmyZ_fG5F4Y.roa (raw, json)
Hash identifier: a7b3wW49Q13JuTGWSTU9STDXInrSmYhulwFxNiPFN+Q=
Subject key identifier: 96:4C:E4:29:C7:7C:EE:63:BF:58:DA:1D:1E:6C:99:FD:F1:B9:17:86
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018A8A2BA2A866FCAEB56DB9B15A26C69E3E
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/lkzkKcd87mO_WNodHmyZ_fG5F4Y.roa
Signing time: Tue 12 Sep 2023 16:13:50 +0000
ROA not before: Tue 12 Sep 2023 16:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.106.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8a:2b:a2:a8:66:fc:ae:b5:6d:b9:b1:5a:26:c6:9e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Sep 12 16:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=964ce429c77cee63bf58da1d1e6c99fdf1b91786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ca:d4:b2:d7:ce:3f:5d:56:5c:f3:24:9c:01:
95:28:fc:f4:7a:89:4d:b4:45:d3:40:bf:9e:32:cb:
c3:c3:b6:e5:2c:4d:a3:da:6f:f1:60:72:bc:76:34:
be:ad:a6:81:ba:34:1b:a7:3f:99:68:06:7e:1b:9e:
54:b7:01:02:8a:14:5c:b6:5c:d4:a7:d2:6b:4f:de:
29:d5:30:28:f5:69:a1:00:9a:15:0e:7c:e7:cd:c0:
77:e6:27:d5:f2:c6:dc:bd:78:f9:1b:87:49:eb:b9:
bd:25:ba:5f:6a:46:d8:c1:92:67:b0:ea:64:e7:70:
f4:48:b3:86:78:09:1c:c5:b5:a2:b2:47:b3:f9:c8:
fa:b7:56:db:ca:f9:1b:50:3e:e9:54:7f:ad:dc:3d:
c7:65:a4:85:09:cb:44:5b:0b:ca:f2:07:b6:bc:d4:
7b:c7:49:cd:1c:a7:39:9b:84:89:fd:a3:f9:e8:13:
73:2c:ab:75:cb:cc:6a:27:56:b8:6a:2f:f4:01:fd:
98:99:0d:44:2b:61:06:d4:75:0e:dd:bc:a0:ae:ab:
e1:4b:f0:b1:35:98:78:24:df:64:e8:c2:3d:ae:a5:
3a:30:c9:5f:6f:03:19:05:6f:46:89:e6:6a:4d:99:
71:25:8e:5b:b2:c4:24:0c:4d:c2:6b:fe:61:09:e1:
19:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:4C:E4:29:C7:7C:EE:63:BF:58:DA:1D:1E:6C:99:FD:F1:B9:17:86
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/lkzkKcd87mO_WNodHmyZ_fG5F4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.106.0/24
45.136.4.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:2b:a6:f2:b9:5c:ff:08:a2:1f:79:b5:c2:02:8b:0e:6f:46:
c6:af:fc:1a:d6:ec:bb:b0:7e:dd:d8:eb:a2:a5:f6:6f:cc:2a:
de:f3:b8:39:1f:09:c4:5f:35:7e:22:7b:d2:f1:fd:75:65:99:
89:3f:cc:f6:9b:4d:55:49:b1:06:4c:20:b0:17:19:81:62:ab:
61:a3:25:f2:65:a2:01:be:28:1f:a0:ae:a3:bf:39:a6:18:1b:
1a:29:4e:5c:19:ae:c3:16:70:2e:54:c1:3d:5a:14:ba:c8:8e:
f2:43:54:25:d2:dc:9a:16:f8:63:99:66:3e:85:c3:0f:c1:5f:
88:82:d6:ac:1d:52:eb:6c:25:f5:33:02:3a:95:51:de:79:4c:
0c:e0:c6:03:a6:6c:e1:7b:06:bb:f5:57:7a:ce:77:c8:25:d1:
89:67:97:66:25:c3:19:70:a8:0c:19:8a:c8:75:94:df:0c:7e:
c9:80:8f:5d:ab:37:54:1d:cc:ca:81:81:18:f9:75:28:2c:8a:
e9:a6:ad:af:cd:a8:53:24:df:ba:78:ad:4b:4f:97:7f:bb:5c:
2a:c4:74:c5:72:cb:93:d8:92:cb:22:ac:71:d8:c2:7d:15:1b:
73:22:99:fd:b4:52:40:1e:a5:57:77:65:ed:5c:7b:b2:e3:01:
8e:f3:8f:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqKK6KoZvyutW25sVomxp4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMwOTEyMTYxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjRjZTQyOWM3N2NlZTYzYmY1OGRhMWQxZTZjOTlmZGYxYjkxNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcrUstfOP11WXPMknAGVKPz0eolN
tEXTQL+eMsvDw7blLE2j2m/xYHK8djS+raaBujQbpz+ZaAZ+G55UtwECihRctlzU
p9JrT94p1TAo9WmhAJoVDnznzcB35ifV8sbcvXj5G4dJ67m9JbpfakbYwZJnsOpk
53D0SLOGeAkcxbWiskez+cj6t1bbyvkbUD7pVH+t3D3HZaSFCctEWwvK8ge2vNR7
x0nNHKc5m4SJ/aP56BNzLKt1y8xqJ1a4ai/0Af2YmQ1EK2EG1HUO3bygrqvhS/Cx
NZh4JN9k6MI9rqU6MMlfbwMZBW9GieZqTZlxJY5bssQkDE3Ca/5hCeEZ8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJZM5CnHfO5jv1jaHR5smf3xuReGMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvbGt6a0tjZDg3bU9fV05vZEhteVpfZkc1RjRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbRqAwQA
LYgEMA0GCSqGSIb3DQEBCwUAA4IBAQCaK6byuVz/CKIfebXCAosOb0bGr/wa1uy7
sH7d2OuipfZvzCre87g5HwnEXzV+InvS8f11ZZmJP8z2m01VSbEGTCCwFxmBYqth
oyXyZaIBvigfoK6jvzmmGBsaKU5cGa7DFnAuVME9WhS6yI7yQ1Ql0tyaFvhjmWY+
hcMPwV+IgtasHVLrbCX1MwI6lVHeeUwM4MYDpmzhewa79Vd6znfIJdGJZ5dmJcMZ
cKgMGYrIdZTfDH7JgI9dqzdUHczKgYEY+XUoLIrppq2vzahTJN+6eK1LT5d/u1wq
xHTFcsuT2JLLIqxx2MJ9FRtzIpn9tFJAHqVXd2XtXHuy4wGO848c
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:00 2025 by rpki-client