Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/FW2SaDAtWrAG2RgKqLkgabvNnqk.roa
File: FW2SaDAtWrAG2RgKqLkgabvNnqk.roa (raw, json)
Hash identifier: Zs/5JYGaUqPP/sa37ACJVU2GpGpcL+jpycClcf/S8RA=
Subject key identifier: 15:6D:92:68:30:2D:5A:B0:06:D9:18:0A:A8:B9:20:69:BB:CD:9E:A9
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F104AC86421867989C3CB1B425CAB9
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/FW2SaDAtWrAG2RgKqLkgabvNnqk.roa
Signing time: Mon 02 Jan 2023 10:04:58 +0000
ROA not before: Mon 02 Jan 2023 10:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204774
IP address blocks: 5.154.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:04:ac:86:42:18:67:98:9c:3c:b1:b4:25:ca:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=156d9268302d5ab006d9180aa8b92069bbcd9ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:79:6c:ba:2f:c5:f5:1b:2c:45:be:cd:92:17:
5b:7b:7c:cb:3c:74:35:ad:32:d4:24:de:31:de:42:
6e:89:00:90:6a:5c:ea:93:b8:c5:71:8d:2e:a4:8e:
c1:54:72:2f:7a:26:97:6b:f9:5b:50:b4:dd:73:5f:
16:ed:ea:4c:f9:e6:b7:07:b5:7f:15:15:70:a2:23:
f7:61:15:dc:a3:95:dd:97:26:5d:a6:0d:74:74:ce:
f9:11:03:94:50:86:2b:0b:7a:a2:88:e8:08:65:8e:
bc:b8:4f:98:cb:69:41:73:ae:c1:86:36:03:4b:00:
c7:2d:e8:4d:9b:9a:da:28:09:00:1f:4b:57:7d:2f:
66:d2:6d:59:e4:ac:a4:58:ed:55:05:10:c4:c3:b2:
a5:70:9e:45:ea:66:30:9f:f8:f8:c3:6d:af:f5:1e:
6e:c7:bb:5a:fd:8a:e3:99:16:7a:f6:ff:6c:f6:47:
b5:b6:ee:4a:7c:2c:17:2d:d5:1a:5b:7c:a5:94:b4:
7a:0a:1b:e0:41:8b:87:c8:0c:ee:3d:1a:7b:03:5c:
0d:e8:3b:38:c1:9e:bc:90:ff:77:52:a7:d7:2b:48:
54:d5:85:ef:a8:b6:c5:0f:f9:e0:70:ea:4c:97:a0:
3d:6e:87:0f:1b:8e:0f:b3:0c:4b:74:cb:84:f7:b5:
4c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:6D:92:68:30:2D:5A:B0:06:D9:18:0A:A8:B9:20:69:BB:CD:9E:A9
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/FW2SaDAtWrAG2RgKqLkgabvNnqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.75.0/24
Signature Algorithm: sha256WithRSAEncryption
39:0f:fe:97:d0:ae:a0:3c:bd:50:e8:7f:fa:05:d2:7b:19:30:
dc:b9:7f:42:b4:c8:78:4c:c8:70:d5:ef:6b:c0:f0:4f:6b:dd:
93:59:a4:40:f9:cc:fd:d9:41:30:2a:0d:17:09:10:8c:9b:ef:
79:b8:d7:f1:e8:85:73:17:12:44:7c:e2:fb:cc:67:b8:14:de:
b4:36:86:0d:9a:87:c8:c0:ae:3f:3c:13:16:9e:2b:22:78:b3:
58:fc:37:1b:a5:2b:bd:68:d4:8c:74:a4:56:98:33:07:54:09:
31:4a:fe:3b:a7:3f:4d:6e:a1:48:82:46:54:d9:2f:c7:ed:2d:
90:68:8b:56:26:ac:2f:52:d7:47:35:c8:8d:4a:34:66:e8:4d:
f7:3e:ea:91:17:12:18:03:3c:b8:8b:ee:d8:21:ee:bc:28:df:
e1:0b:69:c3:fd:4c:37:34:74:04:53:f1:20:48:c2:b2:4d:16:
a8:13:ff:4b:52:0a:c5:37:7c:54:8c:de:16:97:17:22:7c:cd:
e2:ab:2f:4f:2f:cb:9d:57:84:f8:28:d5:a2:58:91:0b:c9:b8:
fc:78:9b:31:9e:42:44:23:40:f8:bc:1d:b8:79:2e:08:c0:d7:
b3:9f:10:20:95:11:43:94:9f:47:bc:c4:d6:e3:05:e1:8c:b0:
23:41:27:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8QSshkIYZ5icPLG0Jcq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTZkOTI2ODMwMmQ1YWIwMDZkOTE4MGFhOGI5MjA2OWJiY2Q5ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXlsui/F9RssRb7Nkhdbe3zLPHQ1
rTLUJN4x3kJuiQCQalzqk7jFcY0upI7BVHIveiaXa/lbULTdc18W7epM+ea3B7V/
FRVwoiP3YRXco5XdlyZdpg10dM75EQOUUIYrC3qiiOgIZY68uE+Yy2lBc67BhjYD
SwDHLehNm5raKAkAH0tXfS9m0m1Z5KykWO1VBRDEw7KlcJ5F6mYwn/j4w22v9R5u
x7ta/YrjmRZ69v9s9ke1tu5KfCwXLdUaW3yllLR6ChvgQYuHyAzuPRp7A1wN6Ds4
wZ68kP93UqfXK0hU1YXvqLbFD/ngcOpMl6A9bocPG44PswxLdMuE97VMlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBVtkmgwLVqwBtkYCqi5IGm7zZ6pMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvRlcyU2FEQXRXckFHMlJnS3FMa2dhYnZObnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZpLMA0G
CSqGSIb3DQEBCwUAA4IBAQA5D/6X0K6gPL1Q6H/6BdJ7GTDcuX9CtMh4TMhw1e9r
wPBPa92TWaRA+cz92UEwKg0XCRCMm+95uNfx6IVzFxJEfOL7zGe4FN60NoYNmofI
wK4/PBMWnisieLNY/DcbpSu9aNSMdKRWmDMHVAkxSv47pz9NbqFIgkZU2S/H7S2Q
aItWJqwvUtdHNciNSjRm6E33PuqRFxIYAzy4i+7YIe68KN/hC2nD/Uw3NHQEU/Eg
SMKyTRaoE/9LUgrFN3xUjN4WlxcifM3iqy9PL8udV4T4KNWiWJELybj8eJsxnkJE
I0D4vB24eS4IwNeznxAglRFDlJ9HvMTW4wXhjLAjQSdT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:39 2025 by rpki-client