Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/GHXu-ofEbn2ZAS7sEwRjLflRzOs.roa
File: GHXu-ofEbn2ZAS7sEwRjLflRzOs.roa (raw, json)
Hash identifier: Arbwx8UBHUqzhFPF7OhEe7dTLm1q/5aFUaxsAbEN4OQ=
Subject key identifier: 18:75:EE:FA:87:C4:6E:7D:99:01:2E:EC:13:04:63:2D:F9:51:CC:EB
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 0185703986CD681F158490A0927BCF96AF45
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/GHXu-ofEbn2ZAS7sEwRjLflRzOs.roa
Signing time: Mon 02 Jan 2023 02:04:56 +0000
ROA not before: Mon 02 Jan 2023 02:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197595
IP address blocks: 5.133.192.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:86:cd:68:1f:15:84:90:a0:92:7b:cf:96:af:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 2 02:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1875eefa87c46e7d99012eec1304632df951cceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:35:e5:8f:83:51:a6:6e:1b:7c:c8:0c:47:fc:
3e:50:c9:4f:db:23:a8:27:7d:1d:14:41:75:cb:9a:
05:d5:e9:bc:53:05:b6:db:45:9d:7b:bf:18:31:ce:
99:fe:07:89:37:2a:01:63:b4:ea:03:00:dc:b7:15:
87:a6:52:f2:32:7f:b7:cf:6c:f2:08:31:a3:53:f2:
c7:88:ba:53:e0:a4:5b:32:50:c6:88:3d:b1:52:2b:
97:7f:f2:74:20:82:95:ae:3e:8a:f7:cb:d2:90:ae:
ed:6e:ca:91:cb:12:de:f6:cb:e0:c8:dc:2c:b7:49:
5b:c0:34:82:fe:49:00:89:16:f7:93:82:59:ce:de:
85:1d:53:9a:ce:4d:26:bc:80:bf:4b:42:e1:a3:d8:
41:20:b2:c1:42:6f:e8:b3:d6:8b:c9:f7:e3:c2:55:
70:bc:72:97:5d:59:fc:34:9c:e0:9d:fa:67:8d:89:
ee:a7:64:26:0f:f2:f1:cc:60:5c:39:7e:5d:64:00:
8a:c5:9a:23:3d:7d:c7:2e:17:51:92:f1:9c:9e:46:
cb:70:0b:72:c3:a8:ce:6a:28:83:4b:a7:e3:de:49:
ab:98:d7:2d:b8:30:68:39:16:f9:9b:49:ca:27:79:
f2:27:c0:9b:ba:b9:ce:54:89:12:f8:37:39:61:5e:
02:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:75:EE:FA:87:C4:6E:7D:99:01:2E:EC:13:04:63:2D:F9:51:CC:EB
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/GHXu-ofEbn2ZAS7sEwRjLflRzOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.192.0/19
Signature Algorithm: sha256WithRSAEncryption
97:ec:23:55:0d:08:fb:39:8c:f4:90:ed:64:66:1b:cd:24:85:
63:1d:01:bf:60:bd:f0:35:70:c5:74:6e:89:5c:2c:06:4a:d8:
a6:d1:92:73:e2:ac:a6:80:bd:d8:23:7d:6e:f8:5e:2b:4e:51:
71:b6:9f:c3:3a:ab:a5:70:fe:1f:42:f6:fd:67:0b:1c:98:a6:
2f:c5:52:6c:b5:1f:b4:a2:90:11:eb:0f:4a:76:e9:b2:82:5a:
64:6c:ba:cd:e0:25:2f:3d:1f:ec:06:1d:59:24:9d:e0:6f:9c:
01:79:83:11:b3:fc:a4:f0:3c:ec:f6:68:39:79:4b:a1:04:1b:
c1:83:39:9d:3d:cf:d0:d6:7f:cd:1f:b4:88:24:d8:4b:0e:b0:
41:1f:11:11:bc:fb:6a:08:57:ab:c8:c5:51:e8:75:af:3e:e3:
92:ad:30:73:03:aa:a0:f7:ae:c2:d0:18:1d:55:e0:0e:f1:78:
4b:c9:8d:12:df:6a:c7:bb:94:49:85:17:cd:9e:2c:5f:ec:e3:
c7:29:50:98:3f:1d:8a:7b:93:42:be:5a:ec:e3:fc:30:90:93:
b6:a9:f1:37:3f:06:e2:7c:a2:97:14:1e:e4:7c:a0:dd:7d:9d:
88:97:b1:ec:31:3b:51:35:7c:e6:4a:7c:f9:b2:5f:bb:29:a8:
8f:aa:15:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOYbNaB8VhJCgknvPlq9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjMwMTAyMDIwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODc1ZWVmYTg3YzQ2ZTdkOTkwMTJlZWMxMzA0NjMyZGY5NTFjY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDXlj4NRpm4bfMgMR/w+UMlP2yOo
J30dFEF1y5oF1em8UwW220Wde78YMc6Z/geJNyoBY7TqAwDctxWHplLyMn+3z2zy
CDGjU/LHiLpT4KRbMlDGiD2xUiuXf/J0IIKVrj6K98vSkK7tbsqRyxLe9svgyNws
t0lbwDSC/kkAiRb3k4JZzt6FHVOazk0mvIC/S0Lho9hBILLBQm/os9aLyffjwlVw
vHKXXVn8NJzgnfpnjYnup2QmD/LxzGBcOX5dZACKxZojPX3HLhdRkvGcnkbLcAty
w6jOaiiDS6fj3kmrmNctuDBoORb5m0nKJ3nyJ8CburnOVIkS+Dc5YV4CcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBh17vqHxG59mQEu7BMEYy35UczrMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvR0hYdS1vZkVibjJaQVM3c0V3UmpMZmxSek9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFBYXAMA0G
CSqGSIb3DQEBCwUAA4IBAQCX7CNVDQj7OYz0kO1kZhvNJIVjHQG/YL3wNXDFdG6J
XCwGStim0ZJz4qymgL3YI31u+F4rTlFxtp/DOqulcP4fQvb9ZwscmKYvxVJstR+0
opAR6w9KdumyglpkbLrN4CUvPR/sBh1ZJJ3gb5wBeYMRs/yk8Dzs9mg5eUuhBBvB
gzmdPc/Q1n/NH7SIJNhLDrBBHxERvPtqCFeryMVR6HWvPuOSrTBzA6qg967C0Bgd
VeAO8XhLyY0S32rHu5RJhRfNnixf7OPHKVCYPx2Ke5NCvlrs4/wwkJO2qfE3Pwbi
fKKXFB7kfKDdfZ2Il7HsMTtRNXzmSnz5sl+7KaiPqhXQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:57:33 2025 by rpki-client