Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/222376-5cf6-4978-a8a3-d741fb273116/1/5tJwCaat-bsRZt6uwve7naHpKaI.roa
File: 5tJwCaat-bsRZt6uwve7naHpKaI.roa (raw, json)
Hash identifier: hgXEkLzvMcoC+aT0c98gJQ3T5ABrIXb0WGIprlQV5NM=
Subject key identifier: E6:D2:70:09:A6:AD:F9:BB:11:66:DE:AE:C2:F7:BB:9D:A1:E9:29:A2
Certificate issuer: /CN=e74c290b5bccdb7de5383ee45ba615d2f306761f
Certificate serial: 01857246A55ACF528ECC42BAB14F7641619B
Authority key identifier: E7:4C:29:0B:5B:CC:DB:7D:E5:38:3E:E4:5B:A6:15:D2:F3:06:76:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50wpC1vM233lOD7kW6YV0vMGdh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/222376-5cf6-4978-a8a3-d741fb273116/1/5tJwCaat-bsRZt6uwve7naHpKaI.roa
Signing time: Mon 02 Jan 2023 11:38:30 +0000
ROA not before: Mon 02 Jan 2023 11:38:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398273
IP address blocks: 185.34.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:a5:5a:cf:52:8e:cc:42:ba:b1:4f:76:41:61:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e74c290b5bccdb7de5383ee45ba615d2f306761f
Validity
Not Before: Jan 2 11:38:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6d27009a6adf9bb1166deaec2f7bb9da1e929a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c0:5a:43:4c:17:64:c4:8c:08:2e:22:f8:3c:
a3:a7:bb:af:07:ca:73:b9:33:29:ab:9f:06:33:4a:
9a:82:30:24:e8:87:cc:cd:bd:17:2b:19:66:b8:24:
d0:3d:13:f7:1a:38:0c:d6:03:fa:6d:b7:2b:cc:24:
4b:66:45:5c:68:50:1f:07:8d:0d:d4:6e:ac:19:64:
fb:1c:17:e8:d9:e5:6f:23:33:67:ad:b4:fb:51:b6:
13:bc:9f:05:ee:be:0d:bd:f6:a5:ca:d3:22:69:4b:
4d:1a:57:37:f1:06:2e:8d:aa:79:41:d5:9d:62:dc:
1b:3b:d5:61:88:a3:c8:ea:21:6a:bc:2d:22:b4:52:
4c:24:87:a7:ae:63:d6:79:52:83:b0:6c:a4:d9:d1:
7a:a3:9c:3b:f2:86:ba:71:da:37:0b:09:f9:52:e9:
f1:a3:37:b8:7a:e2:73:c2:6e:b9:e7:a8:6a:a8:eb:
f6:fb:c3:f0:47:98:11:f0:f3:cf:e1:3e:f1:fd:29:
e2:b5:ce:a5:37:b1:bd:91:2a:44:ff:b6:ef:b6:ca:
ba:2a:80:a5:2e:68:5b:b6:9d:72:1c:2b:f9:a3:0b:
4c:f7:48:74:2d:fe:42:66:25:c3:c0:1b:5b:ed:33:
9b:6f:b3:72:22:41:5f:1c:66:2e:7d:14:99:a2:82:
6a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D2:70:09:A6:AD:F9:BB:11:66:DE:AE:C2:F7:BB:9D:A1:E9:29:A2
X509v3 Authority Key Identifier:
keyid:E7:4C:29:0B:5B:CC:DB:7D:E5:38:3E:E4:5B:A6:15:D2:F3:06:76:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50wpC1vM233lOD7kW6YV0vMGdh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/222376-5cf6-4978-a8a3-d741fb273116/1/5tJwCaat-bsRZt6uwve7naHpKaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/222376-5cf6-4978-a8a3-d741fb273116/1/50wpC1vM233lOD7kW6YV0vMGdh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.200.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:0a:02:c5:2a:eb:e4:f2:c8:92:81:59:24:fd:03:0e:68:fc:
b0:3d:7b:fc:03:eb:a0:2b:a6:99:63:d4:a8:3f:2a:99:1c:d8:
94:c6:c9:73:51:3d:f3:bb:7e:eb:1b:99:fa:d5:ba:07:67:f4:
1b:f2:bc:d4:0f:84:3a:d3:94:e1:e1:a8:c1:4a:63:5a:79:48:
d9:e9:b9:20:61:f7:8a:de:b8:e8:d9:f8:72:d3:ce:8b:f7:bd:
63:2a:bb:f6:fa:7e:47:5f:02:41:f4:68:9b:50:a9:57:30:db:
e5:11:b9:b2:2b:e6:7a:f1:76:31:11:bb:ae:09:27:89:7c:8c:
39:36:21:9b:c8:df:57:62:ec:85:fa:5c:29:b2:46:45:bd:03:
b0:7b:1a:e1:b9:0a:91:d5:69:11:e7:09:21:60:31:7c:b5:5a:
96:87:b9:60:0e:b1:c4:d4:59:6d:61:52:4f:00:25:70:4b:b7:
8a:a8:12:97:14:20:6c:d4:0b:2d:5d:fb:a8:c8:9c:25:c9:21:
c3:63:75:f2:1b:92:36:bb:13:f7:4f:a1:26:1e:29:62:0d:1b:
15:2d:c7:7c:c7:ed:0c:4e:7e:84:fc:44:f0:c9:9c:70:7c:a2:
56:2e:98:41:b1:47:bf:e6:df:16:a4:08:fe:e7:bc:4c:f1:8a:
fd:30:3c:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRqVaz1KOzEK6sU92QWGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NGMyOTBiNWJjY2RiN2RlNTM4M2VlNDViYTYxNWQyZjMw
Njc2MWYwHhcNMjMwMTAyMTEzODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQyNzAwOWE2YWRmOWJiMTE2NmRlYWVjMmY3YmI5ZGExZTkyOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicBaQ0wXZMSMCC4i+Dyjp7uvB8pz
uTMpq58GM0qagjAk6IfMzb0XKxlmuCTQPRP3GjgM1gP6bbcrzCRLZkVcaFAfB40N
1G6sGWT7HBfo2eVvIzNnrbT7UbYTvJ8F7r4NvfalytMiaUtNGlc38QYujap5QdWd
YtwbO9VhiKPI6iFqvC0itFJMJIenrmPWeVKDsGyk2dF6o5w78oa6cdo3Cwn5Uunx
oze4euJzwm6556hqqOv2+8PwR5gR8PPP4T7x/Snitc6lN7G9kSpE/7bvtsq6KoCl
Lmhbtp1yHCv5owtM90h0Lf5CZiXDwBtb7TObb7NyIkFfHGYufRSZooJqIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObScAmmrfm7EWbersL3u52h6SmiMB8GA1UdIwQY
MBaAFOdMKQtbzNt95Tg+5FumFdLzBnYfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTB3cEMxdk0yMzNsT0Q3a1c2WVYwdk1HZGg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yMjIzNzYtNWNmNi00OTc4LWE4YTMt
ZDc0MWZiMjczMTE2LzEvNXRKd0NhYXQtYnNSWnQ2dXd2ZTduYUhwS2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yMjIzNzYtNWNmNi00OTc4LWE4YTMtZDc0MWZiMjczMTE2
LzEvNTB3cEMxdk0yMzNsT0Q3a1c2WVYwdk1HZGg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSLIMA0G
CSqGSIb3DQEBCwUAA4IBAQAdCgLFKuvk8siSgVkk/QMOaPywPXv8A+ugK6aZY9So
PyqZHNiUxslzUT3zu37rG5n61boHZ/Qb8rzUD4Q605Th4ajBSmNaeUjZ6bkgYfeK
3rjo2fhy086L971jKrv2+n5HXwJB9GibUKlXMNvlEbmyK+Z68XYxEbuuCSeJfIw5
NiGbyN9XYuyF+lwpskZFvQOwexrhuQqR1WkR5wkhYDF8tVqWh7lgDrHE1FltYVJP
ACVwS7eKqBKXFCBs1AstXfuoyJwlySHDY3XyG5I2uxP3T6EmHiliDRsVLcd8x+0M
Tn6E/ETwyZxwfKJWLphBsUe/5t8WpAj+57xM8Yr9MDyp
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:52 2025 by rpki-client