Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/5Aimb2A3-JXK5cCX6nsA8m-X7_g.roa
File: 5Aimb2A3-JXK5cCX6nsA8m-X7_g.roa (raw, json)
Hash identifier: hF4wzRlHAamG0XleIGVMSItFktF1api2C8YzQBeSR78=
Subject key identifier: E4:08:A6:6F:60:37:F8:95:CA:E5:C0:97:EA:7B:00:F2:6F:97:EF:F8
Certificate issuer: /CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Certificate serial: 01857102E49B7848E76A5DDBA46B6F7B162E
Authority key identifier: A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/5Aimb2A3-JXK5cCX6nsA8m-X7_g.roa
Signing time: Mon 02 Jan 2023 05:44:53 +0000
ROA not before: Mon 02 Jan 2023 05:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31086
IP address blocks: 193.17.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:e4:9b:78:48:e7:6a:5d:db:a4:6b:6f:7b:16:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Validity
Not Before: Jan 2 05:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e408a66f6037f895cae5c097ea7b00f26f97eff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:15:18:05:a3:d6:7d:13:80:a6:06:38:04:ea:
c6:bf:29:87:66:7c:d6:f7:40:4f:59:b2:c4:1d:a8:
19:e5:1a:41:e5:a4:1b:c5:35:32:1a:8f:d0:5f:f8:
a5:fe:4c:72:9a:c1:95:ef:ad:e1:84:2a:c3:cb:a6:
10:df:9a:7a:7f:c2:84:fc:d9:aa:12:52:d8:39:e9:
7f:de:b0:a4:07:6d:19:8e:6f:64:8e:91:c5:a9:84:
b7:67:9c:9c:b8:fa:cd:2b:82:63:6e:aa:76:4f:ce:
36:c3:2d:3b:fd:04:ab:54:fd:f7:1c:bf:4b:65:84:
80:88:5f:ae:fe:f0:e8:09:17:6a:78:1d:9d:99:4c:
f5:55:be:d6:cf:a5:91:ec:48:dd:1b:c7:8e:c7:c9:
b7:e3:ee:b1:b7:ec:3c:35:57:72:c0:55:c0:4b:2f:
c0:7d:f6:5f:7d:98:80:7e:db:12:cf:b2:67:b9:f5:
60:1a:dd:3f:60:83:e6:b9:52:6c:d9:62:dd:25:31:
a6:63:f5:e6:97:73:b1:e4:c7:53:bd:37:ad:a2:e4:
ab:15:49:89:ea:f2:27:c8:e3:17:d6:70:97:90:5a:
bd:3b:70:65:b4:9a:87:e5:fb:d0:f8:fc:2c:84:4e:
3c:6b:8c:e4:48:21:b0:e9:2b:49:6b:ad:69:58:7e:
fa:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:08:A6:6F:60:37:F8:95:CA:E5:C0:97:EA:7B:00:F2:6F:97:EF:F8
X509v3 Authority Key Identifier:
keyid:A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/5Aimb2A3-JXK5cCX6nsA8m-X7_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.45.0/24
Signature Algorithm: sha256WithRSAEncryption
43:9a:20:9b:e8:73:b8:c4:e6:c4:42:e7:3c:4f:34:e0:ad:82:
51:a8:b4:f4:8d:b6:3e:10:81:bd:43:5b:64:6b:87:17:3e:34:
0b:ad:f0:96:2d:d2:01:f8:41:9d:44:12:14:4b:dd:da:ce:38:
e0:65:ad:d7:f4:79:3a:e5:76:f1:81:08:e5:f8:d4:e7:d7:4d:
85:9f:37:ef:a9:05:40:36:a1:dd:ce:14:d9:0d:6e:b8:5b:18:
6f:44:39:ce:ce:16:32:3f:47:3b:e4:d0:a8:5f:f7:ab:8e:0b:
0e:0f:1f:23:29:ac:52:85:f2:1b:28:db:1a:34:8c:09:07:f6:
3d:bb:28:a6:25:eb:f6:fd:f3:99:09:96:2c:0c:4f:f8:dd:69:
f4:9f:a7:1e:2c:80:c1:d4:c3:5a:19:b0:94:fb:b6:87:38:7f:
ca:5a:0a:3c:f1:70:c8:56:94:7c:88:11:e6:03:2c:59:dc:5c:
82:76:12:d0:c8:d9:4a:b8:7b:6c:86:ea:d7:24:d6:40:55:b4:
0a:21:40:16:23:7c:69:0d:bc:2a:2a:9a:62:8b:7e:6b:ed:c8:
d0:60:d7:28:08:ca:96:5a:16:dd:38:67:73:3a:df:a7:9b:3e:
47:f9:ab:6c:e7:63:d0:29:d6:29:b7:5e:60:88:2b:cd:e4:73:
5e:99:c9:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAuSbeEjnal3bpGtvexYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTEyYjM1Yzc3YTRiMTZmYmViNTYxMjFjOTc0ZDU5ZDU2
Njc4NGIwHhcNMjMwMTAyMDU0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDA4YTY2ZjYwMzdmODk1Y2FlNWMwOTdlYTdiMDBmMjZmOTdlZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBUYBaPWfROApgY4BOrGvymHZnzW
90BPWbLEHagZ5RpB5aQbxTUyGo/QX/il/kxymsGV763hhCrDy6YQ35p6f8KE/Nmq
ElLYOel/3rCkB20Zjm9kjpHFqYS3Z5ycuPrNK4Jjbqp2T842wy07/QSrVP33HL9L
ZYSAiF+u/vDoCRdqeB2dmUz1Vb7Wz6WR7EjdG8eOx8m34+6xt+w8NVdywFXASy/A
ffZffZiAftsSz7JnufVgGt0/YIPmuVJs2WLdJTGmY/Xml3Ox5MdTvTetouSrFUmJ
6vInyOMX1nCXkFq9O3BltJqH5fvQ+PwshE48a4zkSCGw6StJa61pWH768wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQIpm9gN/iVyuXAl+p7APJvl+/4MB8GA1UdIwQY
MBaAFKcRKzXHeksW++tWEhyXTVnVZnhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEt
Nzg4ODQyODIyNWI0LzEvNUFpbWIyQTMtSlhLNWNDWDZuc0E4bS1YN19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEtNzg4ODQyODIyNWI0
LzEvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwREtMA0G
CSqGSIb3DQEBCwUAA4IBAQBDmiCb6HO4xObEQuc8TzTgrYJRqLT0jbY+EIG9Q1tk
a4cXPjQLrfCWLdIB+EGdRBIUS93azjjgZa3X9Hk65XbxgQjl+NTn102FnzfvqQVA
NqHdzhTZDW64WxhvRDnOzhYyP0c75NCoX/erjgsODx8jKaxShfIbKNsaNIwJB/Y9
uyimJev2/fOZCZYsDE/43Wn0n6ceLIDB1MNaGbCU+7aHOH/KWgo88XDIVpR8iBHm
AyxZ3FyCdhLQyNlKuHtshurXJNZAVbQKIUAWI3xpDbwqKppii35r7cjQYNcoCMqW
WhbdOGdzOt+nmz5H+ats52PQKdYpt15giCvN5HNemcke
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:11 2025 by rpki-client