Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/zqxfzJRI4IImjlupIMg7aM_5d8o.roa
File: zqxfzJRI4IImjlupIMg7aM_5d8o.roa (raw, json)
Hash identifier: m3K7FxtOv5P7WOWgMrOZvFVpMZg817rM59NbHHKWwEE=
Subject key identifier: CE:AC:5F:CC:94:48:E0:82:26:8E:5B:A9:20:C8:3B:68:CF:F9:77:CA
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 087444C4
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/zqxfzJRI4IImjlupIMg7aM_5d8o.roa
Signing time: Thu 05 May 2022 13:30:43 +0000
ROA not before: Thu 05 May 2022 13:30:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.106.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
45.147.46.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
45.136.6.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141837508 (0x87444c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: May 5 13:30:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ceac5fcc9448e082268e5ba920c83b68cff977ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a8:ac:84:40:5c:b4:de:d4:e1:be:a0:cb:ae:
5d:a5:53:0f:52:5c:2b:36:bc:f7:30:95:c7:e0:e1:
98:e2:07:b5:85:23:26:75:0c:7a:b9:00:f6:4a:ab:
ac:8b:de:84:d5:e7:77:18:34:3c:99:11:13:00:c4:
df:0c:5c:81:1c:e1:d2:3e:9d:2c:e4:d7:a6:78:b0:
5a:96:ac:52:23:9c:5a:3e:f7:00:3e:d8:37:c0:21:
44:77:14:3b:4e:9c:30:09:ea:43:9e:77:04:9f:d4:
0d:ca:42:3b:e0:82:8c:56:e4:11:1a:90:1d:ba:3f:
d9:09:1c:e8:3c:22:f1:6a:4d:ad:cd:33:16:36:90:
ce:bf:99:78:b3:18:9b:7a:3d:87:a8:fd:26:81:d1:
7d:f6:79:cb:47:e0:e4:f9:c8:02:b8:fc:79:3d:b9:
e3:9e:63:2e:e1:a1:56:23:79:8a:fc:50:b4:c7:c5:
70:64:3d:f2:ac:90:76:4c:e5:1d:b9:0c:41:a2:96:
4c:bf:3a:af:d5:36:02:85:7d:57:4a:39:1e:53:43:
5a:eb:50:ca:b0:e9:57:b3:d8:43:19:89:89:ba:b8:
04:2d:2d:97:c6:e0:88:3d:30:14:cb:b5:0d:aa:84:
4b:56:75:09:28:0b:e1:0c:ad:cd:bb:38:a0:41:d3:
2d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AC:5F:CC:94:48:E0:82:26:8E:5B:A9:20:C8:3B:68:CF:F9:77:CA
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/zqxfzJRI4IImjlupIMg7aM_5d8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.106.0/24
45.131.2.0/24
45.136.6.0/24
45.141.150.0/24
45.147.46.0/24
77.83.200.0/22
194.116.229.0/24
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
37:f6:92:0d:71:db:e4:59:54:a8:46:96:5d:7d:e4:13:f4:c2:
84:b6:b5:05:bb:1c:5e:52:0b:07:e2:ab:13:2c:d9:3e:0e:81:
2c:f6:a4:00:22:77:ca:9d:88:0e:22:79:57:aa:98:1e:2d:e7:
c6:5a:86:3f:9b:42:3a:e5:96:a9:da:1c:57:c0:f3:31:62:bc:
82:c8:88:b3:7c:08:48:d2:b7:96:77:17:38:bc:9b:2f:b3:32:
ca:a9:37:0f:6d:a3:b0:19:d9:59:ed:c5:af:d5:9f:22:4d:85:
1c:f8:08:d6:ad:6c:61:84:1f:32:fa:3b:f6:44:3d:8b:f5:31:
e4:a4:28:34:1d:82:89:e0:c1:53:cd:c4:35:35:58:fa:02:39:
c9:1b:6a:42:6a:a6:7b:6f:44:45:87:98:f9:7f:62:9e:a5:98:
74:9b:2e:11:97:22:7c:9e:ea:6c:e4:cd:c0:d8:af:87:c3:9d:
e6:7a:3d:f9:a3:bf:cd:cc:ff:ac:4c:36:13:9e:57:66:58:d5:
8e:5a:c8:d9:fd:a0:1d:b4:cb:b9:05:be:84:cf:ad:e9:44:0f:
db:cf:a9:53:91:a0:6e:a4:f9:e8:1c:d0:95:3c:1f:0b:64:52:
8c:5a:2c:50:bf:03:38:82:bf:47:a9:f2:20:01:63:b1:97:a1:
6e:96:3e:51
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIECHRExDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODA1ZjE3YzJkNzEzM2QyZGFkM2E4ZGY3ZTM1MzE1ZTM3ZWY1ZGFmMB4XDTIyMDUw
NTEzMzA0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2VhYzVmY2M5NDQ4
ZTA4MjI2OGU1YmE5MjBjODNiNjhjZmY5NzdjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOorIRAXLTe1OG+oMuuXaVTD1JcKza89zCVx+DhmOIHtYUj
JnUMerkA9kqrrIvehNXndxg0PJkREwDE3wxcgRzh0j6dLOTXpniwWpasUiOcWj73
AD7YN8AhRHcUO06cMAnqQ553BJ/UDcpCO+CCjFbkERqQHbo/2Qkc6Dwi8WpNrc0z
FjaQzr+ZeLMYm3o9h6j9JoHRffZ5y0fg5PnIArj8eT25455jLuGhViN5ivxQtMfF
cGQ98qyQdkzlHbkMQaKWTL86r9U2AoV9V0o5HlNDWutQyrDpV7PYQxmJibq4BC0t
l8bgiD0wFMu1DaqES1Z1CSgL4Qytzbs4oEHTLVsCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBTOrF/MlEjggiaOW6kgyDtoz/l3yjAfBgNVHSMEGDAWgBRIBfF8LXEz0trT
qN9+NTFeN+9drzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBWHhmQzF4TTlMYTA2amZmalV4WGpmdlhhOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvOGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8x
L3pxeGZ6SlJJNElJbWpsdXBJTWc3YU1fNWQ4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
OGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8xL1NBWHhmQzF4TTlM
YTA2amZmalV4WGpmdlhhOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAAW0agMEAC2DAgMEAC2IBgMEAC2N
lgMEAC2TLgMEAk1TyAMEAMJ05QMEAcJ07AMEAMKSJAMEAMKSLzANBAIAAjAHAwUD
KgmHgDANBgkqhkiG9w0BAQsFAAOCAQEAN/aSDXHb5FlUqEaWXX3kE/TChLa1Bbsc
XlILB+KrEyzZPg6BLPakACJ3yp2IDiJ5V6qYHi3nxlqGP5tCOuWWqdocV8DzMWK8
gsiIs3wISNK3lncXOLybL7Myyqk3D22jsBnZWe3Fr9WfIk2FHPgI1q1sYYQfMvo7
9kQ9i/Ux5KQoNB2CieDBU83ENTVY+gI5yRtqQmqme29ERYeY+X9inqWYdJsuEZci
fJ7qbOTNwNivh8Od5no9+aO/zcz/rEw2E55XZljVjlrI2f2gHbTLuQW+hM+t6UQP
28+pU5GgbqT56BzQlTwfC2RSjFosUL8DOIK/R6nyIAFjsZehbpY+UQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:40 2025 by rpki-client