Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/5hLQ54_OiZ-145RYW5WLI7Tzvq8.roa
File: 5hLQ54_OiZ-145RYW5WLI7Tzvq8.roa (raw, json)
Hash identifier: eXCTkRmXD/kX/i2Wsm5ovnG1R00Lx+oj3omzsZGJW8A=
Subject key identifier: E6:12:D0:E7:8F:CE:89:9F:B5:E3:94:58:5B:95:8B:23:B4:F3:BE:AF
Certificate issuer: /CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
Certificate serial: 0184CD3D953049421AD0FE6A9078C2FCE4F7
Authority key identifier: 55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/5hLQ54_OiZ-145RYW5WLI7Tzvq8.roa
Signing time: Thu 01 Dec 2022 10:31:15 +0000
ROA not before: Thu 01 Dec 2022 10:31:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16210
IP address blocks: 217.18.96.0/19 maxlen: 20
217.18.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:3d:95:30:49:42:1a:d0:fe:6a:90:78:c2:fc:e4:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
Validity
Not Before: Dec 1 10:31:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e612d0e78fce899fb5e394585b958b23b4f3beaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:0e:27:9e:ca:32:d0:52:c9:53:2f:6f:ac:
b5:9f:0f:af:12:13:74:1a:99:71:6f:d2:51:8f:0b:
5a:f7:d1:21:c6:4f:e6:c7:72:da:50:b0:f8:c1:b4:
fc:5b:05:13:ff:1a:a5:99:82:f9:8c:a4:68:06:0a:
83:6b:00:0e:20:65:b4:a9:c6:dc:eb:84:1a:6c:f0:
2d:f2:11:b2:db:3a:9a:2b:5c:12:9e:e5:66:16:79:
75:1e:7a:19:8d:4f:99:61:0c:a2:ac:af:b1:35:d6:
79:aa:00:bb:0b:07:51:bd:d8:bb:74:26:47:c3:de:
ab:02:70:09:39:de:c7:23:23:0f:f2:c8:13:dd:83:
32:34:e2:00:56:0c:2d:e1:64:1e:f1:1c:70:d4:42:
29:8f:75:16:34:c9:8f:a3:61:b2:73:3b:73:46:4d:
f4:8b:5f:ee:4e:ce:f1:4a:3b:70:b6:89:0c:81:d1:
76:ae:78:23:1c:f4:d2:2c:0d:ab:9a:b0:10:29:1c:
6f:6e:cc:bc:6a:66:1b:29:fd:d1:6a:85:d0:bb:03:
da:a7:e5:98:e2:8c:6f:d3:9a:d9:37:ef:62:76:71:
3d:07:0f:f0:5c:4c:e4:0c:12:43:dd:a9:2c:c8:03:
ae:3d:7f:f1:fb:d0:a1:e6:3a:56:9c:f9:a3:81:b2:
cd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:12:D0:E7:8F:CE:89:9F:B5:E3:94:58:5B:95:8B:23:B4:F3:BE:AF
X509v3 Authority Key Identifier:
keyid:55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/5hLQ54_OiZ-145RYW5WLI7Tzvq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/VUrbcrguz6_FcF4l_ryrXILXbuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.96.0/19
Signature Algorithm: sha256WithRSAEncryption
b6:92:75:e0:32:3e:0b:5c:64:33:5e:8e:cc:c6:d6:7d:44:e5:
21:8c:17:df:d1:cf:70:79:32:55:5c:52:bb:cc:53:80:32:84:
3b:f3:c3:2a:b1:45:40:6a:35:a4:f1:7c:b9:04:9c:d7:af:4c:
3b:45:2a:9c:f7:5d:54:54:4f:77:ca:de:79:0d:e4:87:17:e6:
32:cc:14:8f:d8:03:de:7e:8e:47:df:17:d3:c1:f5:6a:7c:f9:
75:a7:d3:71:0a:1e:1b:8c:75:a8:a3:62:d2:12:bb:94:d0:c8:
c2:cb:72:49:eb:ec:83:0b:4c:70:18:38:da:7b:e6:8a:e3:ae:
1d:82:a5:c3:bd:94:e3:a7:1c:a2:6b:63:18:d7:07:a8:30:8c:
45:a0:f2:f6:e3:e8:ba:1d:c5:0d:78:a1:e4:ed:ed:bf:68:ef:
b9:74:20:52:52:53:80:9f:c3:8b:a8:b5:fb:f9:c6:43:b9:4e:
ed:f5:64:a4:26:af:bf:f9:60:89:2a:1a:a6:eb:2f:cf:15:0c:
76:65:df:54:af:70:d2:a5:48:b1:f8:92:56:35:79:46:bc:0c:
04:79:77:38:1f:37:82:99:6b:07:b5:85:55:9c:bb:cc:a7:41:
03:92:86:b9:89:b3:b1:b3:13:62:d4:f1:89:ac:81:e1:d6:1f:
65:ba:40:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTNPZUwSUIa0P5qkHjC/OT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NGFkYjcyYjgyZWNmYWZjNTcwNWUyNWZlYmNhYjVjODJk
NzZlZTYwHhcNMjIxMjAxMTAzMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjEyZDBlNzhmY2U4OTlmYjVlMzk0NTg1Yjk1OGIyM2I0ZjNiZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYYOJ57KMtBSyVMvb6y1nw+vEhN0
Gplxb9JRjwta99Ehxk/mx3LaULD4wbT8WwUT/xqlmYL5jKRoBgqDawAOIGW0qcbc
64QabPAt8hGy2zqaK1wSnuVmFnl1HnoZjU+ZYQyirK+xNdZ5qgC7CwdRvdi7dCZH
w96rAnAJOd7HIyMP8sgT3YMyNOIAVgwt4WQe8Rxw1EIpj3UWNMmPo2GycztzRk30
i1/uTs7xSjtwtokMgdF2rngjHPTSLA2rmrAQKRxvbsy8amYbKf3RaoXQuwPap+WY
4oxv05rZN+9idnE9Bw/wXEzkDBJD3aksyAOuPX/x+9Ch5jpWnPmjgbLNIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOYS0OePzomfteOUWFuViyO0876vMB8GA1UdIwQY
MBaAFFVK23K4Ls+vxXBeJf68q1yC127mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEt
NzU4NjNmNDM0NzZhLzEvNWhMUTU0X09pWi0xNDVSWVc1V0xJN1R6dnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEtNzU4NjNmNDM0NzZh
LzEvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF2RJgMA0G
CSqGSIb3DQEBCwUAA4IBAQC2knXgMj4LXGQzXo7MxtZ9ROUhjBff0c9weTJVXFK7
zFOAMoQ788MqsUVAajWk8Xy5BJzXr0w7RSqc911UVE93yt55DeSHF+YyzBSP2APe
fo5H3xfTwfVqfPl1p9NxCh4bjHWoo2LSEruU0MjCy3JJ6+yDC0xwGDjae+aK464d
gqXDvZTjpxyia2MY1weoMIxFoPL24+i6HcUNeKHk7e2/aO+5dCBSUlOAn8OLqLX7
+cZDuU7t9WSkJq+/+WCJKhqm6y/PFQx2Zd9Ur3DSpUix+JJWNXlGvAwEeXc4HzeC
mWsHtYVVnLvMp0EDkoa5ibOxsxNi1PGJrIHh1h9lukAR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:11 2025 by rpki-client