Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/Rsox1aLktJ37NsY2zhxBAMPh-fQ.roa
File: Rsox1aLktJ37NsY2zhxBAMPh-fQ.roa (raw, json)
Hash identifier: MIzU2DFCTGcgv7BxVB2vGfAwZtabhSl7tFeLekyIwP8=
Subject key identifier: 46:CA:31:D5:A2:E4:B4:9D:FB:36:C6:36:CE:1C:41:00:C3:E1:F9:F4
Certificate issuer: /CN=c42978d532698fb20840f942b0247c01c8f578b2
Certificate serial: 01856FD5059D5FC75D5BFA737844284E7EAC
Authority key identifier: C4:29:78:D5:32:69:8F:B2:08:40:F9:42:B0:24:7C:01:C8:F5:78:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCl41TJpj7IIQPlCsCR8Acj1eLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/Rsox1aLktJ37NsY2zhxBAMPh-fQ.roa
Signing time: Mon 02 Jan 2023 00:15:09 +0000
ROA not before: Mon 02 Jan 2023 00:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209549
IP address blocks: 5.180.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:05:9d:5f:c7:5d:5b:fa:73:78:44:28:4e:7e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42978d532698fb20840f942b0247c01c8f578b2
Validity
Not Before: Jan 2 00:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46ca31d5a2e4b49dfb36c636ce1c4100c3e1f9f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9b:bd:67:b7:45:61:82:3b:a2:11:be:39:00:
b5:42:48:aa:cb:50:73:d5:25:32:49:68:20:84:67:
b0:df:83:20:e3:6f:7e:48:48:ea:a5:f9:92:53:4e:
54:5a:6b:13:bf:19:ea:49:30:1d:cc:34:d2:6c:41:
32:43:54:98:7f:e4:79:5a:b0:a3:d3:d1:64:45:7e:
24:62:62:b5:fd:1d:a7:13:3f:de:5f:5d:a6:17:75:
0d:57:8e:61:de:44:50:53:a0:9b:64:44:ef:bd:2e:
07:34:0f:f8:2a:60:df:9d:cf:8e:77:3a:22:58:26:
c2:26:8b:7a:44:f2:74:d2:c8:db:b5:99:3a:ff:fd:
8f:ad:a0:d3:ab:31:86:f6:9f:86:3a:b7:e8:e3:c1:
68:1a:78:70:8b:cc:e0:91:47:61:0a:20:b6:2e:93:
b7:9b:2e:77:19:ef:47:07:b6:8b:cc:d3:5e:7f:cd:
ba:5f:86:07:ea:55:f0:e7:c0:97:69:ff:af:7d:cb:
64:27:92:3f:f5:67:9c:c2:74:7b:7e:e3:20:03:bf:
18:82:9a:98:e9:49:f0:62:8a:79:64:3d:f0:a9:c6:
eb:59:67:3e:78:b8:29:0a:65:5d:ae:c0:b2:e7:e6:
f9:5a:33:71:11:23:61:ef:57:32:32:1a:2a:e3:a7:
51:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CA:31:D5:A2:E4:B4:9D:FB:36:C6:36:CE:1C:41:00:C3:E1:F9:F4
X509v3 Authority Key Identifier:
keyid:C4:29:78:D5:32:69:8F:B2:08:40:F9:42:B0:24:7C:01:C8:F5:78:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCl41TJpj7IIQPlCsCR8Acj1eLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/Rsox1aLktJ37NsY2zhxBAMPh-fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/xCl41TJpj7IIQPlCsCR8Acj1eLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.124.0/24
Signature Algorithm: sha256WithRSAEncryption
80:f3:bb:70:c5:5d:95:c0:9b:d5:88:ac:01:5b:e5:2b:21:ec:
2e:ef:d4:b3:0b:e5:b6:81:73:44:98:24:4f:0e:69:9f:f3:40:
2d:c4:e4:5e:ca:5f:2d:b6:6e:81:e5:54:f3:84:0b:37:d9:91:
1e:c9:4f:dd:a2:94:64:91:cd:2e:26:32:4b:62:db:2e:47:90:
e7:40:87:00:6c:08:bb:45:87:12:79:a6:6f:0e:76:a7:ca:7c:
29:9c:5c:64:be:6f:be:31:ec:23:ba:5a:ce:0b:5b:26:0b:1b:
55:58:7e:f1:e7:b1:0f:fe:1c:a6:5f:a6:93:f4:82:4b:e1:bf:
15:27:16:61:05:54:64:a6:a7:4e:dc:98:64:30:6b:a2:64:81:
8e:63:af:6f:e3:e1:92:7b:d0:c4:c1:c7:8d:b0:c3:2a:e0:b4:
f6:c7:80:57:b2:13:40:a8:17:b1:1f:76:dd:fe:e6:39:44:11:
fb:b9:0a:d2:35:45:a0:d2:4d:fd:fb:e0:84:27:3c:85:b6:c5:
0e:75:b4:49:63:94:c9:d9:6a:0e:3b:23:d7:50:b1:84:80:69:
2e:ef:67:73:0a:92:4a:b2:82:d6:95:79:f9:bd:fa:58:89:5d:
dc:69:5a:a3:93:1b:f8:d6:bf:3f:90:e5:6e:22:df:42:81:02:
b5:f5:80:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1QWdX8ddW/pzeEQoTn6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Mjk3OGQ1MzI2OThmYjIwODQwZjk0MmIwMjQ3YzAxYzhm
NTc4YjIwHhcNMjMwMTAyMDAxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmNhMzFkNWEyZTRiNDlkZmIzNmM2MzZjZTFjNDEwMGMzZTFmOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZu9Z7dFYYI7ohG+OQC1Qkiqy1Bz
1SUySWgghGew34Mg429+SEjqpfmSU05UWmsTvxnqSTAdzDTSbEEyQ1SYf+R5WrCj
09FkRX4kYmK1/R2nEz/eX12mF3UNV45h3kRQU6CbZETvvS4HNA/4KmDfnc+Odzoi
WCbCJot6RPJ00sjbtZk6//2PraDTqzGG9p+GOrfo48FoGnhwi8zgkUdhCiC2LpO3
my53Ge9HB7aLzNNef826X4YH6lXw58CXaf+vfctkJ5I/9WecwnR7fuMgA78YgpqY
6UnwYop5ZD3wqcbrWWc+eLgpCmVdrsCy5+b5WjNxESNh71cyMhoq46dRZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbKMdWi5LSd+zbGNs4cQQDD4fn0MB8GA1UdIwQY
MBaAFMQpeNUyaY+yCED5QrAkfAHI9XiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENsNDFUSnBqN0lJUVBsQ3NDUjhBY2oxZUxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZGQ3YWYtMmZmMC00NWRjLWIxNGIt
NzdkNTE2YmU3YTg3LzEvUnNveDFhTGt0SjM3TnNZMnpoeEJBTVBoLWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZGQ3YWYtMmZmMC00NWRjLWIxNGItNzdkNTE2YmU3YTg3
LzEveENsNDFUSnBqN0lJUVBsQ3NDUjhBY2oxZUxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbR8MA0G
CSqGSIb3DQEBCwUAA4IBAQCA87twxV2VwJvViKwBW+UrIewu79SzC+W2gXNEmCRP
Dmmf80AtxOReyl8ttm6B5VTzhAs32ZEeyU/dopRkkc0uJjJLYtsuR5DnQIcAbAi7
RYcSeaZvDnanynwpnFxkvm++MewjulrOC1smCxtVWH7x57EP/hymX6aT9IJL4b8V
JxZhBVRkpqdO3JhkMGuiZIGOY69v4+GSe9DEwceNsMMq4LT2x4BXshNAqBexH3bd
/uY5RBH7uQrSNUWg0k39++CEJzyFtsUOdbRJY5TJ2WoOOyPXULGEgGku72dzCpJK
soLWlXn5vfpYiV3caVqjkxv41r8/kOVuIt9CgQK19YAo
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:35:46 2025 by rpki-client