Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/Nipi0hWCu7Q4zNVbL160DsMQrRE.roa
File: Nipi0hWCu7Q4zNVbL160DsMQrRE.roa (raw, json)
Hash identifier: FKSxVb4XIs80voX+pN2PzUo2VTv84cn/fgQ12BOVUEw=
Subject key identifier: 36:2A:62:D2:15:82:BB:B4:38:CC:D5:5B:2F:5E:B4:0E:C3:10:AD:11
Certificate issuer: /CN=056006f2a1840900c753628121b3fb7ec5bd89e9
Certificate serial: 01889118F608FBC8396B6F01DA17E45A6BA6
Authority key identifier: 05:60:06:F2:A1:84:09:00:C7:53:62:81:21:B3:FB:7E:C5:BD:89:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/Nipi0hWCu7Q4zNVbL160DsMQrRE.roa
Signing time: Tue 06 Jun 2023 14:25:12 +0000
ROA not before: Tue 06 Jun 2023 14:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62005
IP address blocks: 5.42.221.0/24 maxlen: 24
2a12:c740::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:18:f6:08:fb:c8:39:6b:6f:01:da:17:e4:5a:6b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056006f2a1840900c753628121b3fb7ec5bd89e9
Validity
Not Before: Jun 6 14:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=362a62d21582bbb438ccd55b2f5eb40ec310ad11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9c:f5:82:65:96:28:d6:c3:c4:6b:91:99:6b:
fa:4c:74:9e:45:ec:8f:db:47:47:78:a8:9d:5d:68:
ce:99:11:fb:5e:f1:c7:f3:1b:d0:cc:b4:2f:5e:2f:
87:9a:a0:fb:74:8d:27:4b:63:d0:e2:9b:1b:2e:2c:
7b:24:f3:b2:24:df:4c:e7:be:f7:39:cd:46:29:97:
b5:83:2e:92:13:c4:ee:dc:e9:1a:f8:37:3b:f6:86:
ee:91:8d:ba:18:47:47:76:6a:2e:1c:8d:c2:84:e9:
65:7e:de:5e:0f:14:2c:5d:2c:e5:22:c3:ee:7b:ed:
51:82:b2:7b:de:0f:e6:c3:4e:03:2f:fc:89:f9:08:
71:c2:ca:d3:bf:70:de:8e:73:5b:78:59:80:95:13:
35:81:2f:2f:a3:d9:0a:f1:90:48:72:94:b9:d6:fe:
63:ac:54:59:af:e7:eb:27:9f:f5:ef:a2:40:47:62:
57:b8:2f:40:99:a6:27:fa:62:2d:34:c0:89:95:e0:
55:e0:85:7b:17:79:f2:29:e4:ef:be:40:11:2b:e5:
3b:71:31:89:71:4a:b7:6c:f9:66:30:2f:a8:51:b2:
61:0d:a5:99:76:a8:2d:3c:f6:d0:a5:f0:c8:cc:1c:
69:e9:18:6b:16:56:d9:f8:db:53:40:6a:b6:a6:c2:
89:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:2A:62:D2:15:82:BB:B4:38:CC:D5:5B:2F:5E:B4:0E:C3:10:AD:11
X509v3 Authority Key Identifier:
keyid:05:60:06:F2:A1:84:09:00:C7:53:62:81:21:B3:FB:7E:C5:BD:89:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/Nipi0hWCu7Q4zNVbL160DsMQrRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/BWAG8qGECQDHU2KBIbP7fsW9iek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.221.0/24
IPv6:
2a12:c740::/48
Signature Algorithm: sha256WithRSAEncryption
16:88:ff:f1:7e:b7:42:1e:9f:ea:e0:28:67:b6:e2:fe:2b:69:
38:62:49:f5:0c:c1:b8:b9:f9:82:93:3b:86:fc:71:db:da:2c:
e1:89:05:b9:67:45:a5:ca:83:77:37:23:f1:71:a9:16:11:12:
be:19:c1:81:ba:de:c6:79:b2:cf:c1:d3:08:0e:86:77:89:a7:
76:9a:45:17:76:34:59:ac:58:0f:9c:24:1f:f5:42:64:82:96:
24:41:be:93:83:01:80:6a:c2:a8:13:23:ed:f8:dd:de:e9:d1:
16:bd:9d:54:d2:f5:1d:8a:5b:e8:4f:c7:9b:d2:37:2c:ef:99:
b5:e2:d4:bb:f6:7f:2f:98:2f:a0:f8:4d:10:9f:e8:35:ee:53:
bc:e9:84:1d:7d:3d:50:b4:65:2b:20:8e:c9:07:c2:cf:22:61:
19:bb:31:78:c2:88:c6:ea:e4:ac:5f:b0:1c:cd:bc:91:d3:11:
ad:bd:80:9c:30:08:05:4f:81:71:39:0d:e9:5e:44:a9:4b:b4:
80:26:e3:a4:72:c6:89:fe:82:12:a1:ce:66:7d:56:67:47:6d:
19:a8:a7:17:98:67:49:d8:c4:c3:f4:57:b9:41:62:02:4a:6a:
3f:77:80:de:f1:74:f9:bc:03:56:5e:7f:b2:35:8d:61:f4:00:
9b:09:d3:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiRGPYI+8g5a28B2hfkWmumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjAwNmYyYTE4NDA5MDBjNzUzNjI4MTIxYjNmYjdlYzVi
ZDg5ZTkwHhcNMjMwNjA2MTQyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjJhNjJkMjE1ODJiYmI0MzhjY2Q1NWIyZjVlYjQwZWMzMTBhZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pz1gmWWKNbDxGuRmWv6THSeReyP
20dHeKidXWjOmRH7XvHH8xvQzLQvXi+HmqD7dI0nS2PQ4psbLix7JPOyJN9M5773
Oc1GKZe1gy6SE8Tu3Oka+Dc79obukY26GEdHdmouHI3ChOllft5eDxQsXSzlIsPu
e+1RgrJ73g/mw04DL/yJ+QhxwsrTv3DejnNbeFmAlRM1gS8vo9kK8ZBIcpS51v5j
rFRZr+frJ5/176JAR2JXuC9AmaYn+mItNMCJleBV4IV7F3nyKeTvvkARK+U7cTGJ
cUq3bPlmMC+oUbJhDaWZdqgtPPbQpfDIzBxp6RhrFlbZ+NtTQGq2psKJUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYqYtIVgru0OMzVWy9etA7DEK0RMB8GA1UdIwQY
MBaAFAVgBvKhhAkAx1NigSGz+37FvYnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldBRzhxR0VDUURIVTJLQkliUDdmc1c5aWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81NzMyZDMtYTUzYy00MWY3LWE2MjMt
NTViM2U2NDc2YTdiLzEvTmlwaTBoV0N1N1E0ek5WYkwxNjBEc01RclJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81NzMyZDMtYTUzYy00MWY3LWE2MjMtNTViM2U2NDc2YTdi
LzEvQldBRzhxR0VDUURIVTJLQkliUDdmc1c5aWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABSrdMA8E
AgACMAkDBwAqEsdAAAAwDQYJKoZIhvcNAQELBQADggEBABaI//F+t0Ien+rgKGe2
4v4raThiSfUMwbi5+YKTO4b8cdvaLOGJBblnRaXKg3c3I/FxqRYREr4ZwYG63sZ5
ss/B0wgOhneJp3aaRRd2NFmsWA+cJB/1QmSCliRBvpODAYBqwqgTI+343d7p0Ra9
nVTS9R2KW+hPx5vSNyzvmbXi1Lv2fy+YL6D4TRCf6DXuU7zphB19PVC0ZSsgjskH
ws8iYRm7MXjCiMbq5KxfsBzNvJHTEa29gJwwCAVPgXE5DeleRKlLtIAm46Ryxon+
ghKhzmZ9VmdHbRmopxeYZ0nYxMP0V7lBYgJKaj93gN7xdPm8A1Zef7I1jWH0AJsJ
018=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:31 2025 by rpki-client