Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/HFfX9o4I4CbCJfOCZzLuW2WzjLc.roa
File: HFfX9o4I4CbCJfOCZzLuW2WzjLc.roa (raw, json)
Hash identifier: R9tK24QoYyCv0BK4fUe0Lufg7NJVOM2QWG6vJLR3t9c=
Subject key identifier: 1C:57:D7:F6:8E:08:E0:26:C2:25:F3:82:67:32:EE:5B:65:B3:8C:B7
Certificate issuer: /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial: 0188D44B973055AE8A3F1568341AFDCDE3D7
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/HFfX9o4I4CbCJfOCZzLuW2WzjLc.roa
Signing time: Mon 19 Jun 2023 15:35:03 +0000
ROA not before: Mon 19 Jun 2023 15:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 5.42.80.0/21 maxlen: 21
5.42.94.0/23 maxlen: 23
5.42.72.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d4:4b:97:30:55:ae:8a:3f:15:68:34:1a:fd:cd:e3:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Validity
Not Before: Jun 19 15:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c57d7f68e08e026c225f3826732ee5b65b38cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e9:13:ee:45:c1:18:9a:91:a1:aa:74:08:5b:
11:41:0e:73:77:84:b3:6d:19:f5:84:a5:22:23:60:
ae:af:78:e3:3e:75:26:bd:78:35:cc:57:d9:5d:2b:
d5:c0:e5:cc:09:d2:c9:bf:ea:ba:d0:ef:c3:83:59:
75:8b:cb:29:58:fc:a8:30:81:4c:ec:e8:da:50:8e:
98:1f:5a:0a:17:29:4c:9c:76:b1:4c:bd:87:11:d4:
24:ab:70:37:e9:f3:46:84:78:ff:15:0d:f6:d6:dd:
58:30:0c:a6:bb:cd:bf:23:94:87:f7:67:5d:c8:7f:
a3:ca:21:43:ff:be:b4:71:eb:4c:c9:12:ff:57:51:
59:5f:25:b7:82:bf:64:1b:b1:9e:e0:c4:a5:a9:8b:
f2:da:2d:18:46:10:6e:8a:98:68:83:2f:70:a5:63:
79:c6:23:8f:ab:66:f8:bc:a8:41:02:04:1b:e8:74:
b7:ed:ac:d5:f8:da:84:7b:aa:18:86:23:09:0c:6f:
57:68:47:b2:ad:be:8d:fa:1a:ea:63:fe:fe:e9:21:
96:19:6b:73:8a:80:8e:15:79:a0:2d:68:54:ae:df:
32:93:db:01:6c:0f:4f:b2:77:b9:0e:80:b9:f7:36:
6c:0d:12:56:43:70:45:ae:35:43:d1:d7:72:ad:a2:
6a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:57:D7:F6:8E:08:E0:26:C2:25:F3:82:67:32:EE:5B:65:B3:8C:B7
X509v3 Authority Key Identifier:
keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/HFfX9o4I4CbCJfOCZzLuW2WzjLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.72.0-5.42.87.255
5.42.94.0/23
Signature Algorithm: sha256WithRSAEncryption
58:b6:41:e0:75:78:2d:ea:39:72:c7:9f:92:85:6e:ff:d2:33:
ad:c4:e1:20:74:b6:01:e1:f2:22:ea:6d:6e:c8:6b:87:35:0f:
02:d7:a6:df:8c:bf:d8:f4:3b:84:48:cd:5f:e6:9f:27:88:79:
4d:73:39:43:fd:23:b1:38:5a:86:49:11:bf:72:c2:9d:c9:93:
5c:ca:c3:2d:9b:49:03:ba:97:09:51:1b:27:c8:4e:f8:af:64:
72:8f:3a:72:12:1e:5f:cd:15:23:51:c1:af:98:6a:4b:81:d8:
c9:32:71:5d:bb:d7:09:0d:f3:f5:c8:32:6c:37:9d:b9:2a:19:
eb:7c:f2:75:23:f6:77:b3:c8:de:2b:cb:8e:92:25:67:a8:67:
2d:aa:0d:71:bd:db:90:a0:71:91:e6:3a:8c:e8:fe:65:16:3a:
12:b0:b8:0b:fd:02:03:21:82:e4:9e:be:1e:85:ec:db:c0:15:
3b:e8:65:08:21:f5:4d:41:32:2c:94:68:e9:c5:70:46:30:ec:
76:99:bc:b0:b9:e5:09:16:ff:9f:b1:72:c5:e5:d3:d8:4f:ed:
06:fd:b2:ee:31:89:e8:c7:4d:01:08:09:80:f5:8b:91:53:5e:
32:2d:5a:f9:a9:ca:0f:60:a9:4b:da:12:d3:bb:24:9c:7e:67:
f2:94:dd:5b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYjUS5cwVa6KPxVoNBr9zePXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjMwNjE5MTUzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzU3ZDdmNjhlMDhlMDI2YzIyNWYzODI2NzMyZWU1YjY1YjM4Y2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+kT7kXBGJqRoap0CFsRQQ5zd4Sz
bRn1hKUiI2Cur3jjPnUmvXg1zFfZXSvVwOXMCdLJv+q60O/Dg1l1i8spWPyoMIFM
7OjaUI6YH1oKFylMnHaxTL2HEdQkq3A36fNGhHj/FQ321t1YMAymu82/I5SH92dd
yH+jyiFD/760cetMyRL/V1FZXyW3gr9kG7Ge4MSlqYvy2i0YRhBuiphogy9wpWN5
xiOPq2b4vKhBAgQb6HS37azV+NqEe6oYhiMJDG9XaEeyrb6N+hrqY/7+6SGWGWtz
ioCOFXmgLWhUrt8yk9sBbA9Psne5DoC59zZsDRJWQ3BFrjVD0ddyraJqzQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBxX1/aOCOAmwiXzgmcy7ltls4y3MB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEvSEZmWDlvNEk0Q2JDSmZPQ1p6THVXMld6akxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAMFKkgD
BAMFKlADBAEFKl4wDQYJKoZIhvcNAQELBQADggEBAFi2QeB1eC3qOXLHn5KFbv/S
M63E4SB0tgHh8iLqbW7Ia4c1DwLXpt+Mv9j0O4RIzV/mnyeIeU1zOUP9I7E4WoZJ
Eb9ywp3Jk1zKwy2bSQO6lwlRGyfITvivZHKPOnISHl/NFSNRwa+YakuB2MkycV27
1wkN8/XIMmw3nbkqGet88nUj9nezyN4ry46SJWeoZy2qDXG925CgcZHmOozo/mUW
OhKwuAv9AgMhguSevh6F7NvAFTvoZQgh9U1BMiyUaOnFcEYw7HaZvLC55QkW/5+x
csXl09hP7Qb9su4xiejHTQEICYD1i5FTXjItWvmpyg9gqUvaEtO7JJx+Z/KU3Vs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:29 2025 by rpki-client