Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/2h7_lMxPklO-0KXURUkdcK8CMpw.roa
File: 2h7_lMxPklO-0KXURUkdcK8CMpw.roa (raw, json)
Hash identifier: qKRMQDAoN6JOYzE/j0D4AlzjI7YsFN6SHkR7cRs/QzU=
Subject key identifier: DA:1E:FF:94:CC:4F:92:53:BE:D0:A5:D4:45:49:1D:70:AF:02:32:9C
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194126BC056124BF6DE38445A23CBAD5612
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/2h7_lMxPklO-0KXURUkdcK8CMpw.roa
Signing time: Sun 29 Dec 2024 12:37:18 +0000
ROA not before: Sun 29 Dec 2024 12:37:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49847
IP address blocks: 5.160.160.0/24 maxlen: 24
5.160.161.0/24 maxlen: 24
5.160.164.0/24 maxlen: 24
5.160.165.0/24 maxlen: 24
46.209.54.0/24 maxlen: 24
46.209.55.0/24 maxlen: 24
46.209.178.0/24 maxlen: 24
46.209.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:6b:c0:56:12:4b:f6:de:38:44:5a:23:cb:ad:56:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 12:37:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da1eff94cc4f9253bed0a5d445491d70af02329c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2a:94:af:f7:b7:95:21:5f:0b:49:2f:be:03:
2d:ae:00:66:c7:30:bb:de:93:a9:2a:1a:cc:c0:73:
ae:86:fc:c9:90:53:ff:58:7d:21:d9:5f:51:b5:c5:
74:1d:a2:66:c5:7f:c7:0f:21:58:84:73:bd:b6:14:
64:05:fe:8c:bc:08:5c:9f:11:b3:cd:6e:ec:9b:c1:
ac:37:ea:38:34:76:5f:f4:b1:86:82:23:34:d1:f6:
90:dc:ae:bf:19:b1:5c:25:3e:4a:7c:e3:19:26:b0:
74:80:e8:9f:9a:4f:a0:fe:d7:5f:43:fe:2f:e9:e9:
5e:2c:b0:e8:b7:83:46:2f:af:d7:55:28:00:a3:9d:
f1:a5:b2:20:7e:94:07:7f:71:1b:69:6b:90:8d:05:
62:af:58:26:c1:93:0a:8e:e7:2d:de:30:c7:bd:da:
b8:af:48:1d:d9:2d:4e:03:b5:1a:f0:69:c7:e8:1b:
3e:26:ad:51:2d:21:62:01:8d:37:93:1f:0a:7d:0b:
e8:33:36:7c:da:63:49:dc:88:38:6a:8e:b3:2c:fd:
cb:c5:94:d1:a5:3b:29:0c:93:a0:66:2f:2b:7a:a7:
70:a3:92:7b:02:c3:b6:f3:5d:23:3f:9b:0b:b0:0d:
cc:d6:cf:b4:62:71:d6:3d:1c:74:5e:5c:8a:2c:67:
ca:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1E:FF:94:CC:4F:92:53:BE:D0:A5:D4:45:49:1D:70:AF:02:32:9C
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/2h7_lMxPklO-0KXURUkdcK8CMpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.160.0/23
5.160.164.0/23
46.209.54.0/23
46.209.178.0/23
Signature Algorithm: sha256WithRSAEncryption
57:ba:cf:3a:49:d2:e7:1a:46:f1:fc:2e:7b:38:1a:d0:35:3a:
25:d2:76:2d:c3:78:f8:73:9a:cb:05:f4:26:94:83:3f:72:44:
0b:34:5e:ea:84:15:47:c0:bb:ed:1e:2a:db:7b:c4:77:6b:c1:
f7:83:22:28:2e:55:61:27:2b:3a:de:92:5e:a1:06:d2:78:de:
2a:20:f7:c3:16:14:28:3e:ed:39:52:f2:b1:e0:1a:22:28:64:
0f:52:7a:97:7a:98:85:05:da:07:c9:09:12:20:ee:a8:f5:6a:
57:cc:a4:44:28:6b:b9:91:c6:54:f4:37:f9:b8:29:21:86:25:
6f:ff:8c:f7:e9:35:b7:58:b5:8c:28:90:61:b5:78:c7:9d:4c:
17:5b:f7:3e:e3:4a:6b:1a:4c:c9:3f:e5:ac:54:8a:5b:aa:80:
b5:58:ab:b0:32:6c:16:c2:32:01:11:aa:14:3e:38:a5:9d:96:
f6:eb:27:b6:61:34:71:a1:f8:b6:cf:f1:1e:52:10:64:ff:35:
14:c5:99:47:a1:27:78:ed:e9:90:7c:b6:e3:c6:40:95:1e:1f:
6c:ec:04:38:26:80:5b:08:5c:54:74:d3:9e:9d:c5:2a:91:07:
f6:be:4b:15:54:f4:c6:be:28:d3:0e:e6:2a:61:d1:a8:f8:5f:
c5:51:74:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQSa8BWEkv23jhEWiPLrVYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTFlZmY5NGNjNGY5MjUzYmVkMGE1ZDQ0NTQ5MWQ3MGFmMDIzMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiqUr/e3lSFfC0kvvgMtrgBmxzC7
3pOpKhrMwHOuhvzJkFP/WH0h2V9RtcV0HaJmxX/HDyFYhHO9thRkBf6MvAhcnxGz
zW7sm8GsN+o4NHZf9LGGgiM00faQ3K6/GbFcJT5KfOMZJrB0gOifmk+g/tdfQ/4v
6eleLLDot4NGL6/XVSgAo53xpbIgfpQHf3EbaWuQjQVir1gmwZMKjuct3jDHvdq4
r0gd2S1OA7Ua8GnH6Bs+Jq1RLSFiAY03kx8KfQvoMzZ82mNJ3Ig4ao6zLP3LxZTR
pTspDJOgZi8reqdwo5J7AsO2810jP5sLsA3M1s+0YnHWPRx0XlyKLGfKsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNoe/5TMT5JTvtCl1EVJHXCvAjKcMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvMmg3X2xNeFBrbE8tMEtYVVJVa2RjSzhDTXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBaCgAwQB
BaCkAwQBLtE2AwQBLtGyMA0GCSqGSIb3DQEBCwUAA4IBAQBXus86SdLnGkbx/C57
OBrQNTol0nYtw3j4c5rLBfQmlIM/ckQLNF7qhBVHwLvtHirbe8R3a8H3gyIoLlVh
Jys63pJeoQbSeN4qIPfDFhQoPu05UvKx4BoiKGQPUnqXepiFBdoHyQkSIO6o9WpX
zKREKGu5kcZU9Df5uCkhhiVv/4z36TW3WLWMKJBhtXjHnUwXW/c+40prGkzJP+Ws
VIpbqoC1WKuwMmwWwjIBEaoUPjilnZb26ye2YTRxofi2z/EeUhBk/zUUxZlHoSd4
7emQfLbjxkCVHh9s7AQ4JoBbCFxUdNOencUqkQf2vksVVPTGvijTDuYqYdGo+F/F
UXQA
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:29:09 2025 by rpki-client