Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/n1KmMN4wpr5aKqEcVv0T-lSe33I.roa
File: n1KmMN4wpr5aKqEcVv0T-lSe33I.roa (raw, json)
Hash identifier: IGoTz3wLPpcsx2lkRhd8bzOHIBTvNQi/d+S9KRd//NA=
Subject key identifier: 9F:52:A6:30:DE:30:A6:BE:5A:2A:A1:1C:56:FD:13:FA:54:9E:DF:72
Certificate issuer: /CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba
Certificate serial: 01856DDD6A25A0E897794D8E7E2BFFC1A3B5
Authority key identifier: A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/n1KmMN4wpr5aKqEcVv0T-lSe33I.roa
Signing time: Sun 01 Jan 2023 15:05:05 +0000
ROA not before: Sun 01 Jan 2023 15:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12301
IP address blocks: 5.56.34.0/24 maxlen: 24
5.56.35.0/24 maxlen: 24
2a01:47c2::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:6a:25:a0:e8:97:79:4d:8e:7e:2b:ff:c1:a3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba
Validity
Not Before: Jan 1 15:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f52a630de30a6be5a2aa11c56fd13fa549edf72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ec:e5:37:36:fa:18:c8:11:bc:0a:3f:2f:1a:
72:7e:28:ea:09:ef:15:4d:5e:1c:10:7a:8f:cd:87:
b9:83:fc:a2:69:2c:d9:5c:66:f2:4e:74:0b:14:98:
eb:58:16:fd:15:44:28:38:a5:d6:7d:13:66:bd:66:
f2:74:51:5e:3f:09:8d:f0:b8:32:66:a8:a4:c1:62:
36:b2:f2:46:a9:b2:c7:7d:cc:db:11:fd:c8:ba:9b:
a8:a6:d9:2f:25:45:91:eb:64:ae:18:92:29:71:cc:
05:9e:a3:78:6e:d7:3c:d2:8e:ef:51:9d:10:c1:80:
e1:78:db:35:a2:0b:b2:dc:90:21:c3:1c:cc:62:60:
ca:63:27:af:d8:9f:a8:c9:8a:1c:41:9e:01:d1:35:
1b:78:0e:0f:90:1f:29:7f:bf:8f:fb:b9:db:ff:04:
a8:56:5c:fb:6c:dc:99:40:30:cb:4f:34:14:81:94:
c5:f3:36:d0:88:83:33:e7:9b:99:94:f8:79:10:22:
5a:6f:6f:27:5a:b7:64:62:7c:26:e2:ef:43:ac:d4:
69:00:f6:8e:bc:b9:d9:d6:a8:91:07:b1:9d:ab:2f:
b3:13:e7:53:d9:89:14:64:cb:11:68:a6:50:1e:5b:
a0:72:51:42:27:5c:a1:e9:89:f7:eb:4c:88:9f:21:
c6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:52:A6:30:DE:30:A6:BE:5A:2A:A1:1C:56:FD:13:FA:54:9E:DF:72
X509v3 Authority Key Identifier:
keyid:A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/n1KmMN4wpr5aKqEcVv0T-lSe33I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/pxzA1YsWrbv3-lwv28Nln5xzx7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.34.0/23
IPv6:
2a01:47c2::/32
Signature Algorithm: sha256WithRSAEncryption
b1:0b:07:93:48:b4:45:a5:d7:29:c7:74:39:c9:4b:c5:f9:18:
81:0d:66:1a:fe:28:ca:58:48:ea:f5:63:5c:d3:b4:a6:9f:27:
82:e9:d5:df:63:50:cb:88:30:47:eb:d1:43:96:06:d1:9a:fd:
7d:2f:4c:44:75:c3:20:d7:8a:27:12:0f:13:04:89:c6:24:9d:
79:b7:17:29:c4:b8:57:9a:aa:4e:0e:18:28:4a:e4:b7:7a:a6:
89:7b:85:84:36:ac:df:0d:4b:ae:12:ba:60:0a:73:a1:78:a4:
53:7b:6c:5f:fb:62:b9:23:ed:7a:40:d7:04:82:79:5c:24:09:
f4:5a:e2:d3:d1:bc:de:c7:27:e6:38:be:b8:51:79:1e:5c:dd:
db:fd:38:03:75:d3:05:e5:c0:10:c2:48:b2:27:a2:8b:16:76:
58:4a:26:bb:dc:32:c1:f1:82:1c:e8:08:e1:84:44:84:aa:3d:
78:80:3c:8f:48:77:dd:91:f0:9e:dc:a2:48:e9:01:30:c7:9b:
90:63:30:7b:c3:3b:d3:f8:29:a2:0e:6c:2f:38:4b:d2:5a:b0:
bc:fa:3a:ca:a9:d6:86:10:b4:c3:29:74:71:fd:18:19:c6:50:
23:fa:4d:1c:9f:7a:50:0b:3c:e4:d0:93:51:b4:85:86:89:bc:
46:ef:07:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt3WoloOiXeU2Ofiv/waO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWNjMGQ1OGIxNmFkYmJmN2ZhNWMyZmRiYzM2NTlmOWM3
M2M3YmEwHhcNMjMwMTAxMTUwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjUyYTYzMGRlMzBhNmJlNWEyYWExMWM1NmZkMTNmYTU0OWVkZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuezlNzb6GMgRvAo/LxpyfijqCe8V
TV4cEHqPzYe5g/yiaSzZXGbyTnQLFJjrWBb9FUQoOKXWfRNmvWbydFFePwmN8Lgy
ZqikwWI2svJGqbLHfczbEf3IupuoptkvJUWR62SuGJIpccwFnqN4btc80o7vUZ0Q
wYDheNs1oguy3JAhwxzMYmDKYyev2J+oyYocQZ4B0TUbeA4PkB8pf7+P+7nb/wSo
Vlz7bNyZQDDLTzQUgZTF8zbQiIMz55uZlPh5ECJab28nWrdkYnwm4u9DrNRpAPaO
vLnZ1qiRB7Gdqy+zE+dT2YkUZMsRaKZQHlugclFCJ1yh6Yn360yInyHGVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ9SpjDeMKa+WiqhHFb9E/pUnt9yMB8GA1UdIwQY
MBaAFKccwNWLFq279/pcL9vDZZ+cc8e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEt
ZGU2NDBkMDEyMDY1LzEvbjFLbU1ONHdwcjVhS3FFY1Z2MFQtbFNlMzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEtZGU2NDBkMDEyMDY1
LzEvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBBTgiMA0E
AgACMAcDBQAqAUfCMA0GCSqGSIb3DQEBCwUAA4IBAQCxCweTSLRFpdcpx3Q5yUvF
+RiBDWYa/ijKWEjq9WNc07SmnyeC6dXfY1DLiDBH69FDlgbRmv19L0xEdcMg14on
Eg8TBInGJJ15txcpxLhXmqpODhgoSuS3eqaJe4WENqzfDUuuErpgCnOheKRTe2xf
+2K5I+16QNcEgnlcJAn0WuLT0bzexyfmOL64UXkeXN3b/TgDddMF5cAQwkiyJ6KL
FnZYSia73DLB8YIc6AjhhESEqj14gDyPSHfdkfCe3KJI6QEwx5uQYzB7wzvT+Cmi
DmwvOEvSWrC8+jrKqdaGELTDKXRx/RgZxlAj+k0cn3pQCzzk0JNRtIWGibxG7wcj
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:22 2025 by rpki-client