Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/2n_RNT5KcHvv6pdHW9dtOpgP0aw.roa
File: 2n_RNT5KcHvv6pdHW9dtOpgP0aw.roa (raw, json)
Hash identifier: OsKvudvXo7ph1NI4QLc0uSgB0qztyDZ1SEXIeLekcaY=
Subject key identifier: DA:7F:D1:35:3E:4A:70:7B:EF:EA:97:47:5B:D7:6D:3A:98:0F:D1:AC
Certificate issuer: /CN=56e3353d5f423ad4271c3261caa543140530bddb
Certificate serial: 018262A60333954C6447D97BEAFBF478B4B5
Authority key identifier: 56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/2n_RNT5KcHvv6pdHW9dtOpgP0aw.roa
Signing time: Wed 03 Aug 2022 07:40:23 +0000
ROA not before: Wed 03 Aug 2022 07:40:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41794
IP address blocks: 5.44.170.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:a6:03:33:95:4c:64:47:d9:7b:ea:fb:f4:78:b4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56e3353d5f423ad4271c3261caa543140530bddb
Validity
Not Before: Aug 3 07:40:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da7fd1353e4a707befea97475bd76d3a980fd1ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:11:77:e7:59:f3:11:51:25:f4:f5:53:3a:79:
6e:37:07:72:b6:4c:5a:9c:3f:53:12:b0:43:01:98:
87:ed:6b:a7:3f:2f:91:9e:83:dd:f3:f3:2f:46:76:
78:a3:af:63:ec:86:b2:73:ba:c9:6f:c8:56:fe:8a:
1a:8b:e1:45:49:c7:64:36:d9:4c:07:c7:57:c8:ea:
6a:71:7f:c5:e7:63:71:4d:e9:e8:34:a8:06:42:f4:
e3:ba:1f:a7:c8:c6:47:d8:8d:5c:06:09:56:f4:67:
14:60:65:66:89:da:2c:5d:7f:10:43:30:28:df:12:
f5:c2:60:7a:e2:11:4e:3e:49:eb:43:61:51:d2:4a:
aa:5e:5a:f2:5e:18:4d:e7:90:94:62:fe:6a:a6:4c:
80:47:1d:93:39:d8:55:72:02:54:d5:06:0a:7c:82:
bd:41:8c:8b:6a:4b:65:f5:16:11:0e:0d:c5:e1:20:
24:88:9b:be:fa:be:14:4a:fe:d9:42:8f:e0:c4:47:
27:00:f7:82:85:7f:42:b2:ef:20:9e:ee:ad:8a:7a:
b4:fe:c7:77:dd:67:a3:cd:7d:0a:b0:ff:5c:b5:4f:
f0:a3:13:a2:7e:49:84:71:f4:37:ef:e1:72:3c:57:
f2:c0:3e:8f:07:d6:54:b3:6c:3f:4f:d1:e0:66:8f:
25:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7F:D1:35:3E:4A:70:7B:EF:EA:97:47:5B:D7:6D:3A:98:0F:D1:AC
X509v3 Authority Key Identifier:
keyid:56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/2n_RNT5KcHvv6pdHW9dtOpgP0aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.170.0/23
Signature Algorithm: sha256WithRSAEncryption
26:09:06:06:2b:8c:d3:95:37:f4:a4:70:bb:ba:58:81:94:28:
f8:97:6b:64:3a:c9:3b:a3:96:bd:5e:37:22:82:68:e7:75:6b:
7c:b0:21:1c:2d:35:9c:f1:e5:c9:81:fa:db:2b:3f:ec:33:43:
ba:6c:f4:95:e2:df:ab:5b:1b:43:89:0e:37:21:1a:4e:89:f9:
60:95:e3:53:f4:6b:b3:04:34:e7:eb:ab:59:df:15:47:94:b9:
ad:dd:5f:5b:81:e3:48:b6:de:6b:25:e3:ea:c3:b6:d9:73:1d:
9a:d3:d0:ad:05:ca:82:f0:30:b8:cb:39:1f:b5:f1:6e:18:2f:
49:4a:a5:18:3c:45:c2:50:42:0f:12:06:66:05:2c:d9:24:51:
18:89:b8:f3:18:ac:ab:d4:79:24:bc:3b:bb:31:8e:f5:d2:c9:
93:bc:e8:f1:47:98:22:be:a5:b1:7c:39:8c:65:b1:6c:41:28:
7e:7d:e9:18:b2:fb:7d:ca:cb:b8:b5:5b:0d:b9:ee:84:88:f0:
ed:14:f0:17:a6:61:d0:b6:96:a1:de:ce:d7:cf:9b:66:5e:87:
3e:72:15:aa:9c:da:01:55:7d:0b:b6:ca:40:e1:50:fd:71:0f:
04:3b:d3:7b:10:81:04:19:6b:27:38:4f:cf:0f:7b:70:dc:eb:
78:a2:7f:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJipgMzlUxkR9l76vv0eLS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZTMzNTNkNWY0MjNhZDQyNzFjMzI2MWNhYTU0MzE0MDUz
MGJkZGIwHhcNMjIwODAzMDc0MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTdmZDEzNTNlNGE3MDdiZWZlYTk3NDc1YmQ3NmQzYTk4MGZkMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBF351nzEVEl9PVTOnluNwdytkxa
nD9TErBDAZiH7WunPy+RnoPd8/MvRnZ4o69j7Iayc7rJb8hW/ooai+FFScdkNtlM
B8dXyOpqcX/F52NxTenoNKgGQvTjuh+nyMZH2I1cBglW9GcUYGVmidosXX8QQzAo
3xL1wmB64hFOPknrQ2FR0kqqXlryXhhN55CUYv5qpkyARx2TOdhVcgJU1QYKfIK9
QYyLaktl9RYRDg3F4SAkiJu++r4USv7ZQo/gxEcnAPeChX9Csu8gnu6tinq0/sd3
3WejzX0KsP9ctU/woxOifkmEcfQ37+FyPFfywD6PB9ZUs2w/T9HgZo8lqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNp/0TU+SnB77+qXR1vXbTqYD9GsMB8GA1UdIwQY
MBaAFFbjNT1fQjrUJxwyYcqlQxQFML3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTIt
ZTUyZGEzYjg2NzU0LzEvMm5fUk5UNUtjSHZ2NnBkSFc5ZHRPcGdQMGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTItZTUyZGEzYjg2NzU0
LzEvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBSyqMA0G
CSqGSIb3DQEBCwUAA4IBAQAmCQYGK4zTlTf0pHC7uliBlCj4l2tkOsk7o5a9Xjci
gmjndWt8sCEcLTWc8eXJgfrbKz/sM0O6bPSV4t+rWxtDiQ43IRpOiflgleNT9Guz
BDTn66tZ3xVHlLmt3V9bgeNItt5rJePqw7bZcx2a09CtBcqC8DC4yzkftfFuGC9J
SqUYPEXCUEIPEgZmBSzZJFEYibjzGKyr1HkkvDu7MY710smTvOjxR5givqWxfDmM
ZbFsQSh+fekYsvt9ysu4tVsNue6EiPDtFPAXpmHQtpah3s7Xz5tmXoc+chWqnNoB
VX0LtspA4VD9cQ8EO9N7EIEEGWsnOE/PD3tw3Ot4on8q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:26 2025 by rpki-client