Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/xP07oR6VD5g05_cfXn0WvC74aRE.roa
File: xP07oR6VD5g05_cfXn0WvC74aRE.roa (raw, json)
Hash identifier: X3hDtMdXCaXdor3/COxEED3nF7VamMq0PK29Mngc4JI=
Subject key identifier: C4:FD:3B:A1:1E:95:0F:98:34:E7:F7:1F:5E:7D:16:BC:2E:F8:69:11
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 07384C64
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/xP07oR6VD5g05_cfXn0WvC74aRE.roa
Signing time: Sat 01 Jan 2022 14:08:22 +0000
ROA not before: Sat 01 Jan 2022 14:08:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212219
IP address blocks: 45.136.4.0/24 maxlen: 24
45.141.151.0/24 maxlen: 24
5.180.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121130084 (0x7384c64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jan 1 14:08:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4fd3ba11e950f9834e7f71f5e7d16bc2ef86911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:17:dd:b3:bd:8d:e8:72:54:96:4d:5a:6b:99:
75:25:d8:0e:09:bb:ac:ce:2c:80:9f:57:2f:ac:d0:
c0:01:d1:9a:fb:7a:d5:c7:8d:f2:c5:3b:1d:2b:9a:
d9:7b:86:8f:3c:3e:cd:58:80:e2:b7:bd:4b:0e:85:
10:34:e9:db:f5:b3:e7:8f:59:50:2e:b9:9b:1d:ac:
17:fe:b6:4a:ed:4d:38:81:f5:f9:34:3c:86:dc:01:
01:3e:62:96:40:8a:3e:23:53:5a:b0:ed:66:2a:84:
8d:15:0b:51:32:b2:0a:ec:a8:02:c9:b7:94:72:c7:
da:c0:82:55:9b:0e:20:56:07:74:ef:81:cc:05:7f:
e1:95:d8:45:60:89:70:1f:f5:60:20:87:d0:cc:21:
3e:ad:fe:bd:b0:53:1a:20:f3:c4:83:83:57:e7:58:
a0:fa:4e:ba:3f:a3:36:47:17:e6:ac:37:cc:81:41:
af:36:92:a6:2d:a5:d0:2f:32:5f:99:4c:36:9b:84:
a4:e7:7c:ec:5e:d4:8e:db:73:c4:78:b7:4b:70:23:
29:47:1c:da:a0:82:ed:53:61:dc:60:4c:ed:ca:45:
4d:86:bc:49:fc:09:69:58:fe:4c:6d:6a:bf:c1:7d:
10:ca:54:15:78:96:5b:c5:aa:42:a3:54:c5:34:b7:
00:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FD:3B:A1:1E:95:0F:98:34:E7:F7:1F:5E:7D:16:BC:2E:F8:69:11
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/xP07oR6VD5g05_cfXn0WvC74aRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0/24
45.136.4.0/24
45.141.151.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:bf:03:a3:64:ce:59:07:1e:64:d5:55:f2:e1:1a:48:08:a9:
42:ef:53:c1:88:b7:ba:40:3a:a2:bb:72:3b:02:d6:a7:e8:f7:
17:19:90:ce:fd:46:bc:45:9b:c4:8b:80:cd:90:43:84:50:d4:
64:74:4f:89:43:be:42:9d:56:79:92:3a:12:19:78:b8:0c:a8:
00:8b:d7:d5:6a:51:47:3b:9e:ef:91:66:65:89:f6:31:6e:a9:
44:cb:be:49:b4:aa:8b:4c:6e:fb:10:e6:c9:8f:62:d7:87:c1:
40:ba:a1:58:b8:b4:8f:20:bc:ac:f3:e6:38:a5:2f:8e:72:cd:
18:3e:59:7c:24:36:00:41:9a:ec:2b:78:92:b4:57:e4:e4:3d:
ae:93:b3:6d:14:58:b2:ec:0f:4c:77:64:50:66:f9:f2:57:fd:
b3:42:0a:ad:85:c8:8d:6a:f5:d5:32:2f:b2:83:72:e6:2e:b0:
f6:2b:5d:eb:f3:d5:cc:2a:88:67:a0:3d:5c:2d:19:30:35:d9:
a4:eb:7d:55:6b:2d:a9:3d:c8:b2:21:f9:99:bd:5f:10:3f:2c:
75:d5:8b:d3:18:08:a9:d7:fd:9c:4f:a0:fa:35:b3:d8:dc:a6:
f1:13:c5:88:32:bb:ad:87:33:e8:53:e7:fa:ca:1c:ba:11:32:
ff:8f:3a:9f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBzhMZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODA1ZjE3YzJkNzEzM2QyZGFkM2E4ZGY3ZTM1MzE1ZTM3ZWY1ZGFmMB4XDTIyMDEw
MTE0MDgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRmZDNiYTExZTk1
MGY5ODM0ZTdmNzFmNWU3ZDE2YmMyZWY4NjkxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0X3bO9jehyVJZNWmuZdSXYDgm7rM4sgJ9XL6zQwAHRmvt6
1ceN8sU7HSua2XuGjzw+zViA4re9Sw6FEDTp2/Wz549ZUC65mx2sF/62Su1NOIH1
+TQ8htwBAT5ilkCKPiNTWrDtZiqEjRULUTKyCuyoAsm3lHLH2sCCVZsOIFYHdO+B
zAV/4ZXYRWCJcB/1YCCH0MwhPq3+vbBTGiDzxIODV+dYoPpOuj+jNkcX5qw3zIFB
rzaSpi2l0C8yX5lMNpuEpOd87F7UjttzxHi3S3AjKUcc2qCC7VNh3GBM7cpFTYa8
SfwJaVj+TG1qv8F9EMpUFXiWW8WqQqNUxTS3AB0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTE/TuhHpUPmDTn9x9efRa8LvhpETAfBgNVHSMEGDAWgBRIBfF8LXEz0trT
qN9+NTFeN+9drzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBWHhmQzF4TTlMYTA2amZmalV4WGpmdlhhOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvOGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8x
L3hQMDdvUjZWRDVnMDVfY2ZYbjBXdkM3NGFSRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
OGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8xL1NBWHhmQzF4TTlM
YTA2amZmalV4WGpmdlhhOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAAW0aQMEAC2IBAMEAC2NlzANBgkq
hkiG9w0BAQsFAAOCAQEAO78Do2TOWQceZNVV8uEaSAipQu9TwYi3ukA6ortyOwLW
p+j3FxmQzv1GvEWbxIuAzZBDhFDUZHRPiUO+Qp1WeZI6Ehl4uAyoAIvX1WpRRzue
75FmZYn2MW6pRMu+SbSqi0xu+xDmyY9i14fBQLqhWLi0jyC8rPPmOKUvjnLNGD5Z
fCQ2AEGa7Ct4krRX5OQ9rpOzbRRYsuwPTHdkUGb58lf9s0IKrYXIjWr11TIvsoNy
5i6w9itd6/PVzCqIZ6A9XC0ZMDXZpOt9VWstqT3IsiH5mb1fED8sddWL0xgIqdf9
nE+g+jWz2Nym8RPFiDK7rYcz6FPn+socuhEy/486nw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:12 2025 by rpki-client