Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/RpyoiUPc71SDJtFWLx4otoPVnss.roa
File: RpyoiUPc71SDJtFWLx4otoPVnss.roa (raw, json)
Hash identifier: iGniP1Np7brE5VPcrTls6vEwNBYTOA5fnkrlQQiJGXI=
Subject key identifier: 46:9C:A8:89:43:DC:EF:54:83:26:D1:56:2F:1E:28:B6:83:D5:9E:CB
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 01856F798F7B13FBDE51DC63CD25BDB07E2A
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/RpyoiUPc71SDJtFWLx4otoPVnss.roa
Signing time: Sun 01 Jan 2023 22:35:15 +0000
ROA not before: Sun 01 Jan 2023 22:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 65724
IP address blocks: 160.218.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:8f:7b:13:fb:de:51:dc:63:cd:25:bd:b0:7e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jan 1 22:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=469ca88943dcef548326d1562f1e28b683d59ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:33:4e:ee:c3:6b:f3:a4:f1:ad:b6:cf:f0:4d:
d6:d7:8a:a5:fc:fb:93:eb:64:14:49:17:ba:6c:1d:
db:59:62:c8:a5:3f:77:80:f6:ad:01:fd:c1:a1:e2:
11:1f:ca:97:be:8b:91:da:63:79:7d:1b:59:71:d8:
96:56:02:e6:3a:c3:4a:ea:5d:7e:9f:41:1e:10:6a:
7a:4d:36:e6:28:a2:03:b1:f5:ef:81:2b:ef:a2:71:
fe:87:5a:f4:b7:ef:0d:a8:a5:5f:b7:0a:8d:c8:41:
2a:e2:f1:ec:e0:07:9e:24:c7:19:c2:1d:f4:71:d5:
e9:ff:77:d7:f5:f3:65:6c:11:cd:8c:51:27:7a:7f:
21:3b:32:02:68:6c:33:90:08:91:87:ba:27:a4:2d:
cf:8b:a8:15:5f:d4:7b:7e:cc:09:e0:73:53:56:9c:
ac:d4:97:34:b5:32:cc:d7:b4:44:80:99:a0:cf:31:
b9:85:97:2e:39:bf:50:3b:9e:65:6d:06:70:6a:66:
f0:5e:45:85:ef:9d:60:2f:52:57:35:82:27:ac:9d:
81:7c:44:2d:e2:5d:f3:a6:78:63:74:7b:3d:f3:2a:
10:00:00:1a:6c:cc:ff:b6:ef:9c:c0:88:0b:46:a0:
b2:a7:06:0e:ba:6d:e1:27:0d:e6:7e:6c:5f:bd:42:
6c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:9C:A8:89:43:DC:EF:54:83:26:D1:56:2F:1E:28:B6:83:D5:9E:CB
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/RpyoiUPc71SDJtFWLx4otoPVnss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.218.244.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:46:e6:47:83:b4:a2:56:4b:d5:30:18:d4:c5:f8:7e:fe:f6:
34:72:6a:ef:32:9f:bb:7d:f5:eb:c2:68:7c:05:ca:82:8d:00:
9c:24:80:b4:34:f7:f7:3a:77:28:ed:b2:ee:43:6c:87:db:e5:
70:cf:76:c1:6c:95:89:80:02:7f:8c:a0:43:ca:8d:3b:4b:7b:
b5:a0:3a:14:d8:e2:76:47:48:52:4b:ec:b7:9b:45:0e:1c:14:
fb:18:4c:13:40:c7:1f:1d:36:37:e0:40:e2:48:8c:75:5e:51:
98:04:c7:05:43:30:98:99:e4:36:ef:0d:8f:74:bf:32:24:04:
2b:e0:a2:86:a1:b4:6f:eb:84:24:df:91:90:c1:cc:11:cc:d9:
d6:09:90:af:f1:84:99:d0:d6:c5:06:a0:20:f9:ae:56:5a:4b:
db:42:a3:43:a5:58:8b:2c:51:3d:99:8d:dc:07:b2:b6:25:cf:
87:3c:83:60:2f:c4:2e:cc:0f:c8:4c:6b:62:12:67:36:21:69:
27:0d:dd:5a:20:5e:a7:44:94:df:e4:65:27:9a:33:e6:a4:90:
c9:2e:b6:52:de:7f:8d:72:79:fe:2d:5a:27:45:de:17:4e:a5:
26:62:14:4e:d9:cd:0f:4b:82:f9:3c:8e:4d:d8:71:1c:dd:f0:
51:24:c2:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveY97E/veUdxjzSW9sH4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjMwMTAxMjIzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjljYTg4OTQzZGNlZjU0ODMyNmQxNTYyZjFlMjhiNjgzZDU5ZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDNO7sNr86TxrbbP8E3W14ql/PuT
62QUSRe6bB3bWWLIpT93gPatAf3BoeIRH8qXvouR2mN5fRtZcdiWVgLmOsNK6l1+
n0EeEGp6TTbmKKIDsfXvgSvvonH+h1r0t+8NqKVftwqNyEEq4vHs4AeeJMcZwh30
cdXp/3fX9fNlbBHNjFEnen8hOzICaGwzkAiRh7onpC3Pi6gVX9R7fswJ4HNTVpys
1Jc0tTLM17REgJmgzzG5hZcuOb9QO55lbQZwambwXkWF751gL1JXNYInrJ2BfEQt
4l3zpnhjdHs98yoQAAAabMz/tu+cwIgLRqCypwYOum3hJw3mfmxfvUJskwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEacqIlD3O9UgybRVi8eKLaD1Z7LMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvUnB5b2lVUGM3MVNESnRGV0x4NG90b1BWbnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoNr0MA0G
CSqGSIb3DQEBCwUAA4IBAQCwRuZHg7SiVkvVMBjUxfh+/vY0cmrvMp+7ffXrwmh8
BcqCjQCcJIC0NPf3Onco7bLuQ2yH2+Vwz3bBbJWJgAJ/jKBDyo07S3u1oDoU2OJ2
R0hSS+y3m0UOHBT7GEwTQMcfHTY34EDiSIx1XlGYBMcFQzCYmeQ27w2PdL8yJAQr
4KKGobRv64Qk35GQwcwRzNnWCZCv8YSZ0NbFBqAg+a5WWkvbQqNDpViLLFE9mY3c
B7K2Jc+HPINgL8QuzA/ITGtiEmc2IWknDd1aIF6nRJTf5GUnmjPmpJDJLrZS3n+N
cnn+LVonRd4XTqUmYhRO2c0PS4L5PI5N2HEc3fBRJMKK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:19 2025 by rpki-client