Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/5RPYW11rTMKm5lsYIyFit8xthbM.roa
File: 5RPYW11rTMKm5lsYIyFit8xthbM.roa (raw, json)
Hash identifier: 2J9KX5SBbNBf71v2YuoY1SZX11yC5UNY1Ef6R5Dx3c4=
Subject key identifier: E5:13:D8:5B:5D:6B:4C:C2:A6:E6:5B:18:23:21:62:B7:CC:6D:85:B3
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 0183AEB8D8D6ACA6FDAEFA33BF7A6C444A22
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/5RPYW11rTMKm5lsYIyFit8xthbM.roa
Signing time: Thu 06 Oct 2022 19:14:53 +0000
ROA not before: Thu 06 Oct 2022 19:14:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59645
IP address blocks: 195.191.196.0/23 maxlen: 24
2a06:d1c0:dead::/48 maxlen: 48
2a06:d1c0:deae::/48 maxlen: 48
2a06:d1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ae:b8:d8:d6:ac:a6:fd:ae:fa:33:bf:7a:6c:44:4a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Oct 6 19:14:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e513d85b5d6b4cc2a6e65b18232162b7cc6d85b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c7:ca:ed:1f:ed:61:95:0e:61:63:da:b5:eb:
37:5f:b8:82:b5:04:82:4a:2f:fc:02:f0:0f:50:25:
6d:14:f8:71:5e:2d:b1:f5:b4:f3:de:a9:f5:1d:5f:
e5:34:61:cf:a7:f2:16:a8:a1:2d:b5:6d:70:29:d5:
5c:d8:50:54:cb:98:0e:bd:e2:76:5d:50:ad:ab:89:
ca:0c:57:3f:92:88:2a:07:a6:90:ce:b9:63:34:bb:
2f:40:5d:14:96:2a:f7:0c:e2:07:93:70:5d:e5:6e:
19:ee:d4:03:4c:0f:c5:8b:fb:b2:d5:ef:8d:75:8e:
51:22:4f:ae:da:6c:b0:04:dc:dc:a3:47:01:92:ce:
7a:9e:8e:19:97:e5:fb:23:47:55:43:99:ca:3e:bb:
15:88:fd:b6:4f:12:f4:24:eb:e1:d5:13:c1:b2:1c:
fc:4a:be:1d:d3:f8:b9:96:07:3c:b6:e1:e0:3d:ac:
32:d3:cc:3a:fd:df:c2:fc:8a:b9:25:db:be:1e:25:
bd:29:8b:14:06:b7:86:7f:13:3c:ac:0d:f9:af:e2:
c2:54:52:5c:b2:c3:49:09:94:e8:42:18:6b:f0:e4:
ee:b1:c6:0d:e0:3f:81:11:37:22:7c:15:43:ce:fb:
f4:e1:19:3c:b1:08:f5:d4:00:bd:da:be:b9:48:dd:
48:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:13:D8:5B:5D:6B:4C:C2:A6:E6:5B:18:23:21:62:B7:CC:6D:85:B3
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/5RPYW11rTMKm5lsYIyFit8xthbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.196.0/23
IPv6:
2a06:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:ae:d3:57:88:f4:be:c5:98:d0:2a:57:c7:e7:c7:64:0f:07:
b9:ec:1d:c9:55:4c:ac:1b:46:cb:f6:b0:db:d5:52:1a:d7:59:
b2:bf:79:08:35:bc:23:05:f0:b7:b5:24:bf:11:76:5e:2c:28:
be:f1:d5:8f:58:12:87:ed:fb:94:40:df:2e:a3:e8:86:2a:ba:
c7:a4:ec:b6:57:a6:ad:52:22:f0:2d:88:3b:ee:25:2f:aa:09:
65:3b:3b:9f:54:54:1b:dd:83:83:8d:a1:2d:c2:b6:58:d9:9e:
b8:86:3e:57:c4:ed:0a:79:51:20:a2:b9:0d:ef:3f:84:f6:e3:
e6:d5:3a:6f:b5:49:4c:d1:1e:19:2a:14:cd:d7:0c:fd:c1:27:
3b:6c:11:8c:0d:0e:ce:cc:03:84:58:cf:65:2a:70:e8:29:aa:
e2:80:f1:bc:1c:41:8d:00:ab:3d:0c:11:61:07:3b:b8:0b:f0:
3f:d9:96:ad:9b:ef:98:1f:b2:b3:3c:51:5f:aa:96:e0:84:ba:
03:86:fc:42:43:0e:4e:b9:ea:22:7e:62:e9:a6:cf:14:40:7b:
02:9f:0c:a2:92:28:a1:8c:be:f1:a0:d9:64:c9:90:8a:f7:67:
0a:b2:31:a9:4f:ce:e7:0f:d0:d3:dc:5d:07:fa:90:81:46:59:
36:d1:00:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYOuuNjWrKb9rvozv3psREoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjIxMDA2MTkxNDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTEzZDg1YjVkNmI0Y2MyYTZlNjViMTgyMzIxNjJiN2NjNmQ4NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosfK7R/tYZUOYWPates3X7iCtQSC
Si/8AvAPUCVtFPhxXi2x9bTz3qn1HV/lNGHPp/IWqKEttW1wKdVc2FBUy5gOveJ2
XVCtq4nKDFc/kogqB6aQzrljNLsvQF0Ulir3DOIHk3Bd5W4Z7tQDTA/Fi/uy1e+N
dY5RIk+u2mywBNzco0cBks56no4Zl+X7I0dVQ5nKPrsViP22TxL0JOvh1RPBshz8
Sr4d0/i5lgc8tuHgPawy08w6/d/C/Iq5Jdu+HiW9KYsUBreGfxM8rA35r+LCVFJc
ssNJCZToQhhr8OTuscYN4D+BETcifBVDzvv04Rk8sQj11AC92r65SN1I6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOUT2Ftda0zCpuZbGCMhYrfMbYWzMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvNVJQWVcxMXJUTUttNWxzWUl5Rml0OHh0aGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw7/EMA0E
AgACMAcDBQMqBtHAMA0GCSqGSIb3DQEBCwUAA4IBAQCNrtNXiPS+xZjQKlfH58dk
Dwe57B3JVUysG0bL9rDb1VIa11myv3kINbwjBfC3tSS/EXZeLCi+8dWPWBKH7fuU
QN8uo+iGKrrHpOy2V6atUiLwLYg77iUvqgllOzufVFQb3YODjaEtwrZY2Z64hj5X
xO0KeVEgorkN7z+E9uPm1TpvtUlM0R4ZKhTN1wz9wSc7bBGMDQ7OzAOEWM9lKnDo
KarigPG8HEGNAKs9DBFhBzu4C/A/2Zatm++YH7KzPFFfqpbghLoDhvxCQw5Oueoi
fmLpps8UQHsCnwyikiihjL7xoNlkyZCK92cKsjGpT87nD9DT3F0H+pCBRlk20QDX
-----END CERTIFICATE-----
Generated at Thu Mar 13 08:42:16 2025 by rpki-client