Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/HIV5DEHbJ1BZtIVb1rBNYszKywk.roa
File: HIV5DEHbJ1BZtIVb1rBNYszKywk.roa (raw, json)
Hash identifier: pQwLhpbt5HbafvI3B7G1sOjFUM0vR0/WRSR6ErCFvNM=
Subject key identifier: 1C:85:79:0C:41:DB:27:50:59:B4:85:5B:D6:B0:4D:62:CC:CA:CB:09
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194126D97D731397274BBC4874AC4ECAEB3
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/HIV5DEHbJ1BZtIVb1rBNYszKywk.roa
Signing time: Sun 29 Dec 2024 12:39:19 +0000
ROA not before: Sun 29 Dec 2024 12:39:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62157
IP address blocks: 5.160.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:6d:97:d7:31:39:72:74:bb:c4:87:4a:c4:ec:ae:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 12:39:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c85790c41db275059b4855bd6b04d62cccacb09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f7:f7:97:cf:42:5b:19:ea:cc:d7:ea:e5:74:
65:3f:05:94:19:00:06:91:4b:d8:08:2f:b1:f9:de:
45:fe:40:af:e5:2e:90:ec:56:46:f4:6f:07:2b:af:
21:a5:6b:13:fe:28:3a:5b:7d:cb:f3:66:7a:53:fd:
21:78:fb:f0:e1:fc:aa:2e:4c:fc:47:a3:0c:3f:ad:
f5:a5:93:eb:44:e3:f6:47:ab:e0:56:8d:39:81:b4:
23:0f:22:0d:2a:0f:3e:66:91:4d:ab:28:89:aa:97:
49:75:ee:4d:86:37:22:21:bf:94:f4:00:3a:25:c9:
fd:4f:bb:27:ee:a0:c7:4a:8c:62:88:73:96:25:d3:
4f:0a:e7:5f:74:eb:e6:bd:a2:2c:79:a8:be:95:44:
98:81:d3:3a:5e:11:f1:a7:b2:fb:29:25:dc:b9:e6:
f2:31:d4:70:ce:87:dd:45:4a:81:87:49:4a:08:64:
90:2f:0b:c4:ae:99:48:ea:68:49:c4:cd:a6:51:fe:
5d:e4:62:95:75:35:ad:54:09:a2:94:fd:81:36:34:
70:33:1a:0b:a3:9c:b7:37:24:84:9b:b0:d5:82:bf:
85:b6:66:a4:1c:27:26:fd:8b:b2:36:37:14:c4:2d:
72:16:04:7e:7c:98:af:92:86:54:df:f0:3e:27:f8:
27:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:85:79:0C:41:DB:27:50:59:B4:85:5B:D6:B0:4D:62:CC:CA:CB:09
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/HIV5DEHbJ1BZtIVb1rBNYszKywk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.55.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:87:4a:5b:b2:7c:2d:cf:d3:ed:13:70:a7:d4:5a:71:da:8e:
56:15:0e:42:5c:4c:0e:95:55:1e:cc:1a:83:9b:94:e3:cb:e1:
17:cd:c0:f8:b2:8d:96:a6:6a:ac:3e:dd:d6:9e:d2:b1:5d:db:
51:27:32:63:62:7c:17:76:ab:f2:cf:70:0a:47:10:2d:6d:b9:
04:00:77:7b:20:0d:d2:c8:0e:e4:99:93:21:26:58:ac:5b:d0:
e1:41:20:d2:7a:19:48:ed:32:0f:b9:f9:14:71:7e:a9:73:32:
3f:3d:55:af:37:5e:cd:bd:21:bd:32:c5:68:b1:ec:a0:4d:77:
75:76:b9:0d:c5:c3:41:97:39:c4:89:63:13:a2:b7:dc:26:a6:
25:51:1f:70:bd:5c:81:b4:45:24:ef:af:e8:57:9b:82:3e:1f:
1b:21:ec:bb:ff:63:c5:c6:b4:bc:38:dd:82:5d:85:4f:a5:10:
f7:9b:0e:de:0a:70:22:16:84:a0:45:31:44:62:97:a6:73:1e:
0f:0a:3a:3a:a2:47:82:b7:eb:21:8f:0f:53:3d:08:6e:eb:9c:
42:a2:a9:2d:e9:d2:e0:22:9f:93:e9:92:38:7f:e5:a7:a3:80:
25:a1:66:ea:13:fc:1e:af:d8:4d:7c:d4:6e:2a:1d:f5:b1:a5:
47:23:3c:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQSbZfXMTlydLvEh0rE7K6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg1NzkwYzQxZGIyNzUwNTliNDg1NWJkNmIwNGQ2MmNjY2FjYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/f3l89CWxnqzNfq5XRlPwWUGQAG
kUvYCC+x+d5F/kCv5S6Q7FZG9G8HK68hpWsT/ig6W33L82Z6U/0hePvw4fyqLkz8
R6MMP631pZPrROP2R6vgVo05gbQjDyINKg8+ZpFNqyiJqpdJde5NhjciIb+U9AA6
Jcn9T7sn7qDHSoxiiHOWJdNPCudfdOvmvaIseai+lUSYgdM6XhHxp7L7KSXcueby
MdRwzofdRUqBh0lKCGSQLwvErplI6mhJxM2mUf5d5GKVdTWtVAmilP2BNjRwMxoL
o5y3NySEm7DVgr+FtmakHCcm/YuyNjcUxC1yFgR+fJivkoZU3/A+J/gn7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByFeQxB2ydQWbSFW9awTWLMyssJMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvSElWNURFSGJKMUJadElWYjFyQk5Zc3pLeXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaA3MA0G
CSqGSIb3DQEBCwUAA4IBAQBah0pbsnwtz9PtE3Cn1Fpx2o5WFQ5CXEwOlVUezBqD
m5Tjy+EXzcD4so2WpmqsPt3WntKxXdtRJzJjYnwXdqvyz3AKRxAtbbkEAHd7IA3S
yA7kmZMhJlisW9DhQSDSehlI7TIPufkUcX6pczI/PVWvN17NvSG9MsVoseygTXd1
drkNxcNBlznEiWMTorfcJqYlUR9wvVyBtEUk76/oV5uCPh8bIey7/2PFxrS8ON2C
XYVPpRD3mw7eCnAiFoSgRTFEYpemcx4PCjo6okeCt+shjw9TPQhu65xCoqkt6dLg
Ip+T6ZI4f+Wno4AloWbqE/wer9hNfNRuKh31saVHIzws
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:33:32 2025 by rpki-client