Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/yIHHnPLFcpSdCbr9TFplmx5_MXs.roa
File: yIHHnPLFcpSdCbr9TFplmx5_MXs.roa (raw, json)
Hash identifier: nkclmrN05iXK3KNbt6ZIgsziTzksBzze2yX00wFJTHw=
Subject key identifier: C8:81:C7:9C:F2:C5:72:94:9D:09:BA:FD:4C:5A:65:9B:1E:7F:31:7B
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0798AC2C
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/yIHHnPLFcpSdCbr9TFplmx5_MXs.roa
Signing time: Mon 07 Feb 2022 21:00:06 +0000
ROA not before: Mon 07 Feb 2022 21:00:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211376
IP address blocks: 45.147.44.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.1.114/32 maxlen: 32
194.116.228.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
2a0f:b700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127446060 (0x798ac2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Feb 7 21:00:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c881c79cf2c572949d09bafd4c5a659b1e7f317b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:72:b1:49:13:26:f8:33:ca:e4:a5:33:76:8a:
aa:13:3f:ef:ba:cd:44:d6:bd:77:78:dd:3d:7a:c0:
7b:96:b7:f8:52:e1:86:d9:44:8f:56:c6:f8:06:7f:
35:83:36:63:50:58:41:58:bc:9c:8d:46:df:9a:aa:
d4:cb:05:1a:53:27:e1:ae:a5:48:24:4d:49:7e:af:
bc:4b:01:09:b4:58:34:c3:ee:88:0e:fa:c9:f9:c1:
6e:de:f9:be:07:cb:d9:75:d5:a5:92:57:1b:3a:08:
db:6d:ed:3d:aa:2b:16:92:f4:11:14:49:98:b1:f4:
ff:a1:fc:95:9b:70:88:71:ce:47:a1:1d:d8:f1:db:
71:fb:d3:6f:e6:ab:12:99:56:da:31:a9:b9:37:b0:
a5:b2:8e:76:fe:8f:f4:7e:8c:df:dc:43:4b:9e:77:
22:07:21:4f:a4:13:85:02:ae:9e:5b:63:f7:88:8e:
b8:8d:05:46:f3:a6:d8:fe:86:09:59:69:a6:03:7e:
9c:e4:e2:31:0d:79:5b:ee:b3:cc:88:eb:10:26:3e:
ee:de:4a:94:c1:53:3b:00:bc:99:3d:20:15:30:bd:
47:6e:17:d1:5b:bf:61:9e:f7:31:27:b2:0c:fa:8c:
ba:e6:eb:3d:a4:49:d7:2d:50:48:70:f7:4e:55:3b:
85:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:81:C7:9C:F2:C5:72:94:9D:09:BA:FD:4C:5A:65:9B:1E:7F:31:7B
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/yIHHnPLFcpSdCbr9TFplmx5_MXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.1.0/24
45.136.5.0/24
45.147.44.0/24
194.116.228.0/24
IPv6:
2a0f:b700::/29
Signature Algorithm: sha256WithRSAEncryption
41:ef:3f:25:2a:8f:a5:7b:09:75:14:54:06:66:76:4c:c0:2c:
fa:34:ac:f0:24:ce:ee:a7:00:96:cf:92:ce:75:03:ef:6e:b7:
39:d3:1f:c5:f5:10:d3:59:57:56:be:05:82:d2:17:9d:ea:f5:
df:48:91:4c:19:68:47:2b:21:52:d9:a8:9a:19:52:84:ad:d6:
4a:69:ef:d3:a6:61:e9:9c:f2:3e:b9:7b:da:f4:fe:64:6e:7a:
58:89:ec:1f:b9:d3:64:59:86:82:33:44:d4:e2:8b:8d:11:df:
2c:b0:9a:ad:ad:38:eb:c5:ce:07:0e:5a:56:15:0d:00:0f:6e:
d9:e9:f2:8a:b4:13:aa:4f:7d:c6:e6:4f:51:9b:3c:c7:c6:90:
c3:5a:f1:fd:02:46:6d:5d:92:7c:c8:bb:98:4c:22:98:b5:ac:
73:a8:40:88:2e:63:63:05:8c:46:9d:5b:5b:6f:1b:2b:34:38:
19:6e:fa:23:72:95:2e:00:a1:7e:f2:fd:d4:e9:74:2b:18:c1:
fa:6c:62:b5:c4:7e:11:45:d2:26:df:60:fb:97:a0:be:7a:83:
17:0c:bb:34:a0:82:a3:e1:d8:b1:c4:8a:00:51:97:0e:fe:d0:
ab:d8:7c:dc:1f:53:b5:91:53:e9:d1:42:5a:91:34:02:12:06:
57:5a:6a:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEB5isLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODA1ZjE3YzJkNzEzM2QyZGFkM2E4ZGY3ZTM1MzE1ZTM3ZWY1ZGFmMB4XDTIyMDIw
NzIxMDAwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg4MWM3OWNmMmM1
NzI5NDlkMDliYWZkNGM1YTY1OWIxZTdmMzE3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxysUkTJvgzyuSlM3aKqhM/77rNRNa9d3jdPXrAe5a3+FLh
htlEj1bG+AZ/NYM2Y1BYQVi8nI1G35qq1MsFGlMn4a6lSCRNSX6vvEsBCbRYNMPu
iA76yfnBbt75vgfL2XXVpZJXGzoI223tPaorFpL0ERRJmLH0/6H8lZtwiHHOR6Ed
2PHbcfvTb+arEplW2jGpuTewpbKOdv6P9H6M39xDS553IgchT6QThQKunltj94iO
uI0FRvOm2P6GCVlppgN+nOTiMQ15W+6zzIjrECY+7t5KlMFTOwC8mT0gFTC9R24X
0Vu/YZ73MSeyDPqMuubrPaRJ1y1QSHD3TlU7hQsCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTIgcec8sVylJ0Juv1MWmWbHn8xezAfBgNVHSMEGDAWgBRIBfF8LXEz0trT
qN9+NTFeN+9drzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBWHhmQzF4TTlMYTA2amZmalV4WGpmdlhhOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvOGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8x
L3lJSEhuUExGY3BTZENicjlURnBsbXg1X01Ycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
OGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8xL1NBWHhmQzF4TTlM
YTA2amZmalV4WGpmdlhhOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAAW0awMEAC2DAQMEAC2IBQMEAC2T
LAMEAMJ05DANBAIAAjAHAwUDKg+3ADANBgkqhkiG9w0BAQsFAAOCAQEAQe8/JSqP
pXsJdRRUBmZ2TMAs+jSs8CTO7qcAls+SznUD7263OdMfxfUQ01lXVr4FgtIXner1
30iRTBloRyshUtmomhlShK3WSmnv06Zh6ZzyPrl72vT+ZG56WInsH7nTZFmGgjNE
1OKLjRHfLLCara0468XOBw5aVhUNAA9u2enyirQTqk99xuZPUZs8x8aQw1rx/QJG
bV2SfMi7mEwimLWsc6hAiC5jYwWMRp1bW28bKzQ4GW76I3KVLgChfvL91Ol0KxjB
+mxitcR+EUXSJt9g+5egvnqDFwy7NKCCo+HYscSKAFGXDv7Qq9h83B9TtZFT6dFC
WpE0AhIGV1pq0A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:03 2025 by rpki-client