Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ohpeTb6iSuog8Db3qD0UjgKvpLg.roa
File: ohpeTb6iSuog8Db3qD0UjgKvpLg.roa (raw, json)
Hash identifier: MAUPzF0Vzyq2JT7qJxBHPHenHws1X7S7FWiOb1n69F4=
Subject key identifier: A2:1A:5E:4D:BE:A2:4A:EA:20:F0:36:F7:A8:3D:14:8E:02:AF:A4:B8
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 3D4AA91C
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ohpeTb6iSuog8Db3qD0UjgKvpLg.roa
Signing time: Sat 01 Jan 2022 06:55:09 +0000
ROA not before: Sat 01 Jan 2022 06:55:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17819
IP address blocks: 5.152.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1028303132 (0x3d4aa91c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 06:55:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a21a5e4dbea24aea20f036f7a83d148e02afa4b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ae:70:88:d4:74:21:1e:a4:7b:12:77:c1:5d:
ed:c1:25:92:ac:c4:1d:c9:ae:28:c9:50:05:f0:dd:
44:7a:7e:19:fd:fc:1b:2d:1b:c7:49:56:ea:c5:47:
45:50:7e:d2:8b:64:8a:2f:c0:32:ac:29:cd:6d:26:
4c:cf:e5:87:e8:4d:12:7c:ef:f9:07:0c:ec:63:dc:
1d:1d:5a:f8:7e:aa:93:f6:c3:4f:28:fd:86:e4:38:
51:d0:f1:32:29:06:41:71:4b:6b:96:15:59:01:34:
e5:6e:95:dd:c8:e5:cd:77:eb:c0:df:b7:44:75:d9:
a5:74:37:07:de:41:9f:3e:51:ba:f7:ed:a3:ae:ba:
8b:8c:eb:7e:48:08:e6:16:3e:3e:1f:7b:a9:80:f8:
59:95:a9:99:3b:c6:a6:73:56:4a:8e:cc:dc:e4:85:
4c:dc:fa:a6:9b:1c:f8:0b:fd:01:79:5d:8c:a8:31:
d3:ab:fb:d1:22:ba:49:42:b5:c3:db:50:a3:c2:2b:
2f:2c:42:a5:38:ee:c2:ff:97:6e:ed:d2:03:78:d9:
c9:6f:97:04:c5:bf:79:71:6a:8d:e7:7a:92:dc:14:
c6:66:cb:60:67:b2:1c:0a:0b:2a:f7:0f:1d:57:4f:
35:8c:3f:00:ac:04:0b:99:c2:26:2c:d8:84:a9:1c:
bc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1A:5E:4D:BE:A2:4A:EA:20:F0:36:F7:A8:3D:14:8E:02:AF:A4:B8
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ohpeTb6iSuog8Db3qD0UjgKvpLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.180.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0c:27:79:fc:b7:9b:9e:11:4b:e1:df:23:9c:30:0b:0b:fb:
e1:a1:4d:5d:0e:49:ee:f8:c7:ed:bb:3a:8c:b4:43:fe:fd:96:
a6:2e:a7:1d:98:6c:89:2a:98:cb:fb:ee:a3:b8:ac:44:06:4f:
14:53:10:e1:d3:7a:b3:31:82:58:be:f2:53:dc:37:06:47:5f:
4b:3c:f9:f9:2b:f2:a7:2c:d3:6d:12:d7:de:72:da:74:8b:a1:
9c:20:a6:22:d0:cb:55:d7:0e:2d:9b:3a:18:84:a0:b9:90:35:
3d:4e:ff:16:3e:8a:c3:e3:9d:af:be:d6:8a:4f:e4:0f:53:5c:
7b:7a:80:83:9a:18:62:ee:86:a5:95:ec:8b:6f:ec:fc:99:ca:
2d:cc:06:1b:9b:22:c0:75:71:e6:aa:b5:ba:f7:21:3c:69:83:
ff:8f:c4:99:31:62:d8:57:17:72:df:b0:3d:26:0c:ee:72:7f:
3c:0d:c8:c5:91:0c:41:51:17:07:6a:24:07:36:42:03:5b:19:
da:70:3e:de:4e:76:f5:8c:c6:c6:3e:4d:38:e3:40:07:11:5b:
c2:f2:f9:c6:cb:c1:97:5b:f0:f1:d1:5a:33:cb:0c:7e:3c:d1:
91:ab:53:fa:bd:11:dd:47:9b:47:8d:d4:f0:3e:e2:4b:7d:18:
83:76:68:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEPUqpHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTZlZDBmYjdiMzIwODMyYWMxNTgwNTM0YzdiMjYzZjMwNGU5ODFiMB4XDTIyMDEw
MTA2NTUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTIxYTVlNGRiZWEy
NGFlYTIwZjAzNmY3YTgzZDE0OGUwMmFmYTRiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuucIjUdCEepHsSd8Fd7cElkqzEHcmuKMlQBfDdRHp+Gf38
Gy0bx0lW6sVHRVB+0otkii/AMqwpzW0mTM/lh+hNEnzv+QcM7GPcHR1a+H6qk/bD
Tyj9huQ4UdDxMikGQXFLa5YVWQE05W6V3cjlzXfrwN+3RHXZpXQ3B95Bnz5Ruvft
o666i4zrfkgI5hY+Ph97qYD4WZWpmTvGpnNWSo7M3OSFTNz6ppsc+Av9AXldjKgx
06v70SK6SUK1w9tQo8IrLyxCpTjuwv+Xbu3SA3jZyW+XBMW/eXFqjed6ktwUxmbL
YGeyHAoLKvcPHVdPNYw/AKwEC5nCJizYhKkcvJcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSiGl5NvqJK6iDwNveoPRSOAq+kuDAfBgNVHSMEGDAWgBS6btD7ezIIMqwV
gFNMeyY/ME6YGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8x
L29ocGVUYjZpU3VvZzhEYjNxRDBVamdLdnBMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8xL3VtN1EtM3N5Q0RL
c0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWYtDANBgkqhkiG9w0BAQsFAAOC
AQEAZgwnefy3m54RS+HfI5wwCwv74aFNXQ5J7vjH7bs6jLRD/v2Wpi6nHZhsiSqY
y/vuo7isRAZPFFMQ4dN6szGCWL7yU9w3BkdfSzz5+SvypyzTbRLX3nLadIuhnCCm
ItDLVdcOLZs6GISguZA1PU7/Fj6Kw+Odr77Wik/kD1Nce3qAg5oYYu6GpZXsi2/s
/JnKLcwGG5siwHVx5qq1uvchPGmD/4/EmTFi2FcXct+wPSYM7nJ/PA3IxZEMQVEX
B2okBzZCA1sZ2nA+3k529YzGxj5NOONABxFbwvL5xsvBl1vw8dFaM8sMfjzRkatT
+r0R3UebR43U8D7iS30Yg3ZosQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:53 2025 by rpki-client