Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/0e_h4uEbL3gPMKlUOAyXtQZUPwA.roa
File: 0e_h4uEbL3gPMKlUOAyXtQZUPwA.roa (raw, json)
Hash identifier: EdMU0uvBd6BdeEi2vuuTtj7NS6FWpLk16Xk4O9F4v5Q=
Subject key identifier: D1:EF:E1:E2:E1:1B:2F:78:0F:30:A9:54:38:0C:97:B5:06:54:3F:00
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 01876FD3E4A361306A8A7031B11B1FB93F1D
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/0e_h4uEbL3gPMKlUOAyXtQZUPwA.roa
Signing time: Tue 11 Apr 2023 10:19:30 +0000
ROA not before: Tue 11 Apr 2023 10:19:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210020
IP address blocks: 188.124.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:d3:e4:a3:61:30:6a:8a:70:31:b1:1b:1f:b9:3f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Apr 11 10:19:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1efe1e2e11b2f780f30a954380c97b506543f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a4:02:a1:16:c2:a1:cb:f4:44:a4:57:5e:18:
74:00:73:65:ea:df:a3:bc:e8:9b:88:85:6e:71:56:
ff:30:b7:2b:64:ca:a2:3d:1b:06:cb:e5:bf:d0:b5:
6b:3b:3e:6d:1c:df:7d:bc:81:77:1f:05:fe:d7:9f:
10:d8:2d:d0:3c:74:c1:6a:2d:3f:67:27:cf:72:34:
34:cb:77:5b:d3:37:58:94:99:11:5f:e1:40:b5:2a:
bb:b1:3a:d3:48:04:33:68:53:05:58:d2:44:77:e1:
2c:94:5d:54:bd:40:5d:01:90:95:06:1e:74:77:81:
3d:a1:0a:bc:1f:f1:2d:af:5b:4b:eb:66:06:9d:d1:
b9:d5:e4:c8:e3:41:df:12:69:be:f9:ab:8b:9a:c6:
14:ee:eb:8a:8d:7c:75:34:0d:90:34:59:11:05:f1:
fb:e7:a0:f7:e6:45:39:72:ff:74:a0:ca:8b:84:fc:
89:80:a0:78:42:2e:6d:bd:cc:45:33:13:13:7c:85:
14:e2:eb:9e:f8:76:03:9d:7c:c5:ea:53:65:1f:35:
53:0b:26:eb:df:9c:1e:df:01:61:02:f4:6d:83:a1:
20:14:2d:fe:3e:30:87:d8:7c:8a:53:70:af:42:fb:
e4:e0:5c:71:98:77:2a:9f:fa:db:f6:1e:fc:92:39:
e8:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EF:E1:E2:E1:1B:2F:78:0F:30:A9:54:38:0C:97:B5:06:54:3F:00
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/0e_h4uEbL3gPMKlUOAyXtQZUPwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.124.5.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:f3:eb:c2:fc:0e:a4:18:19:43:e1:d5:c4:8b:33:ef:2f:d6:
08:2a:96:6e:88:73:88:34:e5:70:83:b9:90:22:87:2c:6f:d0:
3b:58:cf:f7:17:74:48:72:cd:ca:59:1b:a0:89:a5:b6:6e:0e:
d2:44:0c:87:24:73:e2:23:a4:63:99:cb:92:fd:5e:bb:a6:aa:
33:39:d7:a3:3b:b9:43:90:ef:5d:5f:dd:65:83:f5:9f:25:7a:
f8:c2:c3:2b:4b:da:10:ff:63:4b:05:0d:50:8a:d2:07:56:45:
16:54:a4:d3:fb:d7:55:34:70:78:1d:83:a5:60:a7:69:37:da:
34:8a:31:2a:10:31:3f:14:74:82:7e:73:b7:8d:f2:06:a1:c9:
18:a2:da:4c:66:59:09:66:4a:7c:0f:85:aa:94:b4:da:f7:b9:
e8:fb:50:f7:bb:df:4a:ef:43:9d:fc:24:da:a5:8c:6a:d2:05:
00:23:aa:75:68:f1:c4:17:36:04:4f:cf:3d:90:09:0b:70:22:
ea:80:f7:cc:18:55:30:2a:13:45:ea:73:9f:70:af:bb:9f:74:
14:72:f5:c4:cd:00:6e:59:9b:5c:9f:b5:9d:5f:5d:ad:85:0d:
f2:71:4c:9a:26:df:71:2b:f7:07:e7:48:9d:3a:6c:43:15:16:
5c:53:e8:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdv0+SjYTBqinAxsRsfuT8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjMwNDExMTAxOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWVmZTFlMmUxMWIyZjc4MGYzMGE5NTQzODBjOTdiNTA2NTQzZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6QCoRbCocv0RKRXXhh0AHNl6t+j
vOibiIVucVb/MLcrZMqiPRsGy+W/0LVrOz5tHN99vIF3HwX+158Q2C3QPHTBai0/
ZyfPcjQ0y3db0zdYlJkRX+FAtSq7sTrTSAQzaFMFWNJEd+EslF1UvUBdAZCVBh50
d4E9oQq8H/Etr1tL62YGndG51eTI40HfEmm++auLmsYU7uuKjXx1NA2QNFkRBfH7
56D35kU5cv90oMqLhPyJgKB4Qi5tvcxFMxMTfIUU4uue+HYDnXzF6lNlHzVTCybr
35we3wFhAvRtg6EgFC3+PjCH2HyKU3CvQvvk4FxxmHcqn/rb9h78kjnogwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHv4eLhGy94DzCpVDgMl7UGVD8AMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvMGVfaDR1RWJMM2dQTUtsVU9BeVh0UVpVUHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHwFMA0G
CSqGSIb3DQEBCwUAA4IBAQAa8+vC/A6kGBlD4dXEizPvL9YIKpZuiHOINOVwg7mQ
Iocsb9A7WM/3F3RIcs3KWRugiaW2bg7SRAyHJHPiI6RjmcuS/V67pqozOdejO7lD
kO9dX91lg/WfJXr4wsMrS9oQ/2NLBQ1QitIHVkUWVKTT+9dVNHB4HYOlYKdpN9o0
ijEqEDE/FHSCfnO3jfIGockYotpMZlkJZkp8D4WqlLTa97no+1D3u99K70Od/CTa
pYxq0gUAI6p1aPHEFzYET889kAkLcCLqgPfMGFUwKhNF6nOfcK+7n3QUcvXEzQBu
WZtcn7WdX12thQ3ycUyaJt9xK/cH50idOmxDFRZcU+jg
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:49:03 2025 by rpki-client