Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/5DYXLQIBBlVVVADHLcROVRLDUxo.roa
File: 5DYXLQIBBlVVVADHLcROVRLDUxo.roa (raw, json)
Hash identifier: sFCziSKAovI7SiandG4ZWxJHreqjkd5vWbydd03RhoA=
Subject key identifier: E4:36:17:2D:02:01:06:55:55:54:00:C7:2D:C4:4E:55:12:C3:53:1A
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018570F0A407F3B7FE20596DC2E919617640
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/5DYXLQIBBlVVVADHLcROVRLDUxo.roa
Signing time: Mon 02 Jan 2023 05:24:56 +0000
ROA not before: Mon 02 Jan 2023 05:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36352
IP address blocks: 5.182.102.0/24 maxlen: 24
92.119.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a4:07:f3:b7:fe:20:59:6d:c2:e9:19:61:76:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jan 2 05:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e436172d02010655555400c72dc44e5512c3531a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c1:c7:a5:78:53:74:01:4e:37:d8:15:6c:7e:
7f:fc:c9:4a:e9:b6:0a:4b:39:e7:de:31:c3:54:fc:
65:0f:54:a7:ac:3d:79:c1:2c:60:a8:86:d5:15:fe:
bb:81:17:29:d1:c5:15:e0:79:30:b9:cd:2a:a9:e7:
24:43:23:55:d0:9d:a3:86:4a:73:28:1c:ca:ee:a1:
23:bf:65:a2:96:08:23:f7:47:61:cc:68:51:93:1b:
24:a8:ed:77:ab:74:4a:0b:ff:71:62:54:ca:01:30:
1f:a6:64:21:ab:b6:91:bc:96:b5:69:06:33:27:a3:
47:bd:60:a2:e2:d1:ae:45:ca:e3:ee:43:5c:77:96:
d2:23:2a:f3:4e:e9:b5:95:62:1c:f2:bc:0f:c7:8e:
01:49:0f:19:5e:c8:77:e9:45:63:ca:fb:c2:34:cf:
42:eb:5e:04:1e:41:f6:81:60:cb:e6:54:44:28:d0:
eb:dd:f8:ec:40:3b:bc:6d:fe:4e:f9:4d:70:18:04:
a6:63:ba:58:71:62:40:4d:40:7a:13:b4:78:61:84:
f6:a5:a7:54:a3:bd:07:e8:0d:32:1f:45:2d:72:1f:
11:f0:99:b8:ff:e5:f2:e6:d2:cf:9a:20:1f:d4:c0:
65:34:c5:17:ed:8f:48:1c:65:0c:1c:51:ee:77:3d:
f7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:36:17:2D:02:01:06:55:55:54:00:C7:2D:C4:4E:55:12:C3:53:1A
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/5DYXLQIBBlVVVADHLcROVRLDUxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.102.0/24
92.119.182.0/24
Signature Algorithm: sha256WithRSAEncryption
35:bd:9c:18:9d:bd:b8:af:7b:58:46:55:dd:46:61:10:09:e3:
46:36:27:55:45:69:99:59:ee:1a:05:5e:f8:10:8b:6b:a4:21:
ce:50:69:23:67:bb:d9:3e:b3:c6:54:04:2a:01:bd:3e:8a:a3:
ff:a0:2a:ab:e8:1f:24:ca:2e:f0:28:de:10:37:29:23:46:6f:
41:0f:51:6e:34:24:62:b5:df:83:0b:20:72:88:31:98:ae:41:
8d:26:69:86:cb:a3:4d:5d:21:db:a1:35:aa:56:0c:54:45:a0:
82:92:ac:11:37:95:79:ec:dc:ba:e2:4e:12:97:3e:b6:9d:03:
4f:8f:de:4c:26:f5:91:66:62:74:24:2d:ef:73:5c:f4:9d:e0:
d2:7e:4c:eb:a6:34:99:64:2e:59:56:b2:e5:03:4c:fd:f9:4c:
e4:07:5a:01:39:eb:37:cd:66:0a:11:7f:4b:00:c7:d9:74:6d:
93:e2:e8:cb:63:e9:21:8a:8d:8f:92:25:03:1d:9d:2a:35:7b:
88:7c:0a:3e:0b:c0:ec:b8:dc:a8:5b:35:41:c7:be:5b:8c:4a:
e2:27:50:c6:61:ce:2e:7e:4f:9a:df:44:76:cf:33:97:03:d7:
9c:1d:b6:66:6e:ee:63:1f:53:38:86:e6:21:4c:fc:7e:0c:d8:
7a:c3:f6:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw8KQH87f+IFltwukZYXZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjMwMTAyMDUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM2MTcyZDAyMDEwNjU1NTU1NDAwYzcyZGM0NGU1NTEyYzM1MzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcHHpXhTdAFON9gVbH5//MlK6bYK
Sznn3jHDVPxlD1SnrD15wSxgqIbVFf67gRcp0cUV4Hkwuc0qqeckQyNV0J2jhkpz
KBzK7qEjv2Wilggj90dhzGhRkxskqO13q3RKC/9xYlTKATAfpmQhq7aRvJa1aQYz
J6NHvWCi4tGuRcrj7kNcd5bSIyrzTum1lWIc8rwPx44BSQ8ZXsh36UVjyvvCNM9C
614EHkH2gWDL5lREKNDr3fjsQDu8bf5O+U1wGASmY7pYcWJATUB6E7R4YYT2padU
o70H6A0yH0Utch8R8Jm4/+Xy5tLPmiAf1MBlNMUX7Y9IHGUMHFHudz33IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOQ2Fy0CAQZVVVQAxy3ETlUSw1MaMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvNURZWExRSUJCbFZWVkFESExjUk9WUkxEVXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbZmAwQA
XHe2MA0GCSqGSIb3DQEBCwUAA4IBAQA1vZwYnb24r3tYRlXdRmEQCeNGNidVRWmZ
We4aBV74EItrpCHOUGkjZ7vZPrPGVAQqAb0+iqP/oCqr6B8kyi7wKN4QNykjRm9B
D1FuNCRitd+DCyByiDGYrkGNJmmGy6NNXSHboTWqVgxURaCCkqwRN5V57Ny64k4S
lz62nQNPj95MJvWRZmJ0JC3vc1z0neDSfkzrpjSZZC5ZVrLlA0z9+UzkB1oBOes3
zWYKEX9LAMfZdG2T4ujLY+khio2PkiUDHZ0qNXuIfAo+C8DsuNyoWzVBx75bjEri
J1DGYc4ufk+a30R2zzOXA9ecHbZmbu5jH1M4huYhTPx+DNh6w/aB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:08 2025 by rpki-client