Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/5wUl41ISwzMSgRA28rnPTEWqv9k.roa
File: 5wUl41ISwzMSgRA28rnPTEWqv9k.roa (raw, json)
Hash identifier: 1pWY7f629jGEIS9VYx/qrKOkyNM/5RhNsEYSZX0iudk=
Subject key identifier: E7:05:25:E3:52:12:C3:33:12:81:10:36:F2:B9:CF:4C:45:AA:BF:D9
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 01861D9E27D6E30EE4CF62B93428D6229C2A
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/5wUl41ISwzMSgRA28rnPTEWqv9k.roa
Signing time: Sat 04 Feb 2023 18:09:09 +0000
ROA not before: Sat 04 Feb 2023 18:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62027
IP address blocks: 185.97.134.0/24 maxlen: 24
185.97.135.0/24 maxlen: 24
2a00:cee5::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1d:9e:27:d6:e3:0e:e4:cf:62:b9:34:28:d6:22:9c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Feb 4 18:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e70525e35212c33312811036f2b9cf4c45aabfd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5f:3a:98:68:10:a1:be:d4:db:d4:81:1e:32:
22:13:a3:f0:18:01:19:23:ac:fe:14:f1:e4:75:76:
9a:b0:9e:c2:0d:69:c6:3d:1b:98:c3:7b:eb:27:52:
9f:50:2b:3f:25:d7:35:91:e2:4e:f6:06:8f:ad:b0:
3c:3d:f3:ce:52:b7:29:82:19:71:07:52:8b:ca:71:
7a:b7:f1:32:41:1a:c7:bf:b9:4f:ec:ab:b9:be:e1:
2b:29:cb:23:25:21:95:c7:67:c1:47:74:c4:88:53:
2c:cd:45:d9:39:19:2e:cf:26:60:33:16:71:a8:e7:
0f:1f:dd:3c:b3:53:d4:04:a7:df:bb:ee:24:99:bf:
b4:e1:f9:90:29:e6:7c:2b:b6:e4:b2:4c:a4:75:fe:
69:66:43:e0:a3:ef:c7:89:52:16:d2:63:da:e7:b3:
2e:d5:14:f0:7f:b5:1b:c7:bf:40:b6:bc:cd:d0:4f:
79:8f:de:11:6b:6d:ca:91:64:b2:a4:09:74:29:23:
99:b0:62:1a:f1:34:3c:44:37:bb:95:cc:b7:9d:2d:
23:f2:7e:0c:03:c3:b7:e5:15:14:39:3c:fb:fa:a4:
f0:6f:7c:f7:55:59:78:9e:41:2f:8b:fd:8d:cf:ae:
d6:a1:b8:eb:7e:6e:af:a2:c9:35:c9:2a:1e:e5:70:
d9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:05:25:E3:52:12:C3:33:12:81:10:36:F2:B9:CF:4C:45:AA:BF:D9
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/5wUl41ISwzMSgRA28rnPTEWqv9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.134.0/23
IPv6:
2a00:cee5::/32
Signature Algorithm: sha256WithRSAEncryption
4f:bd:8a:f7:eb:56:82:b6:5b:c6:1d:8a:9a:35:a3:e2:dd:d9:
4e:20:a6:5c:ac:04:95:0b:b4:b8:9e:60:0d:04:8b:fc:9e:4c:
12:54:19:e3:a0:cd:b7:ab:f6:e8:be:69:25:40:02:4c:fa:10:
e1:06:61:96:1c:70:f6:87:cb:2a:11:72:29:54:e8:4a:1c:ee:
39:d7:ff:a2:f6:d7:0c:5f:1c:7e:a4:f2:ce:eb:e6:15:1e:6b:
d7:1e:f9:27:8e:f5:d5:65:91:90:57:1b:6a:db:1b:2b:44:fe:
62:ff:02:7c:da:d5:98:7b:67:91:35:e7:93:cf:49:b5:5c:81:
4b:c4:88:2b:14:bc:42:34:b4:ae:23:36:ae:14:a9:16:ca:cb:
ed:80:a3:fe:b1:03:3f:d2:d8:32:0c:31:c6:9a:67:fd:32:98:
0e:e4:71:5c:e0:68:df:a4:67:c0:06:09:40:ca:0d:ab:69:74:
91:3d:73:43:61:e9:81:89:a2:bd:23:80:f7:fa:21:f8:2a:e7:
55:b6:da:2c:57:bf:af:0f:52:a8:4a:28:f9:8b:3c:55:a4:c4:
b9:65:fe:9c:ab:08:f9:6b:ba:15:e6:07:0d:0f:74:1b:b4:09:
6a:17:e9:9e:bf:c0:5b:ff:25:49:0f:50:61:44:b8:12:6b:bf:
61:10:3b:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYdnifW4w7kz2K5NCjWIpwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjMwMjA0MTgwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzA1MjVlMzUyMTJjMzMzMTI4MTEwMzZmMmI5Y2Y0YzQ1YWFiZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl86mGgQob7U29SBHjIiE6PwGAEZ
I6z+FPHkdXaasJ7CDWnGPRuYw3vrJ1KfUCs/Jdc1keJO9gaPrbA8PfPOUrcpghlx
B1KLynF6t/EyQRrHv7lP7Ku5vuErKcsjJSGVx2fBR3TEiFMszUXZORkuzyZgMxZx
qOcPH908s1PUBKffu+4kmb+04fmQKeZ8K7bkskykdf5pZkPgo+/HiVIW0mPa57Mu
1RTwf7Ubx79AtrzN0E95j94Ra23KkWSypAl0KSOZsGIa8TQ8RDe7lcy3nS0j8n4M
A8O35RUUOTz7+qTwb3z3VVl4nkEvi/2Nz67Wobjrfm6vosk1ySoe5XDZFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOcFJeNSEsMzEoEQNvK5z0xFqr/ZMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvNXdVbDQxSVN3ek1TZ1JBMjhyblBURVdxdjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuWGGMA0E
AgACMAcDBQAqAM7lMA0GCSqGSIb3DQEBCwUAA4IBAQBPvYr361aCtlvGHYqaNaPi
3dlOIKZcrASVC7S4nmANBIv8nkwSVBnjoM23q/bovmklQAJM+hDhBmGWHHD2h8sq
EXIpVOhKHO451/+i9tcMXxx+pPLO6+YVHmvXHvknjvXVZZGQVxtq2xsrRP5i/wJ8
2tWYe2eRNeeTz0m1XIFLxIgrFLxCNLSuIzauFKkWysvtgKP+sQM/0tgyDDHGmmf9
MpgO5HFc4GjfpGfABglAyg2raXSRPXNDYemBiaK9I4D3+iH4KudVttosV7+vD1Ko
Sij5izxVpMS5Zf6cqwj5a7oV5gcND3QbtAlqF+mev8Bb/yVJD1BhRLgSa79hEDun
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:13 2025 by rpki-client