Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/30a309-b18e-4f27-8e7e-e7b372e4c7c5/1/Ui5R5nciKaN6lSeNvDmp4wNk-lQ.roa
File: Ui5R5nciKaN6lSeNvDmp4wNk-lQ.roa (raw, json)
Hash identifier: 5yYBWxOIdfhzt4Vt3mowshuar6jrMOjK4Km2/zEOfSA=
Subject key identifier: 52:2E:51:E6:77:22:29:A3:7A:95:27:8D:BC:39:A9:E3:03:64:FA:54
Certificate issuer: /CN=5bc1503610bf82d8687b7aefb879a6578704f32a
Certificate serial: 038849
Authority key identifier: 5B:C1:50:36:10:BF:82:D8:68:7B:7A:EF:B8:79:A6:57:87:04:F3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W8FQNhC_gthoe3rvuHmmV4cE8yo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/30a309-b18e-4f27-8e7e-e7b372e4c7c5/1/Ui5R5nciKaN6lSeNvDmp4wNk-lQ.roa
Signing time: Fri 20 May 2022 13:34:29 +0000
ROA not before: Fri 20 May 2022 13:34:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60609
IP address blocks: 185.132.140.0/24 maxlen: 24
185.132.141.0/24 maxlen: 24
185.132.142.0/24 maxlen: 24
185.132.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 231497 (0x38849)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bc1503610bf82d8687b7aefb879a6578704f32a
Validity
Not Before: May 20 13:34:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=522e51e6772229a37a95278dbc39a9e30364fa54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b5:58:9c:5a:d1:ce:04:a4:e7:a2:be:08:d4:
e9:65:d0:62:2b:d1:f8:ae:41:dc:88:ce:04:0a:8a:
6c:82:d5:84:39:2e:38:ed:89:96:d9:cc:c7:42:d7:
28:2f:1b:7b:22:95:30:a1:3a:af:61:6e:d8:fd:31:
85:7b:8b:cd:8e:4f:a3:f5:ff:a1:8e:01:51:02:30:
43:e7:63:1e:39:d7:d0:63:35:b1:de:e7:c7:3b:75:
9e:80:ab:7c:a2:60:ee:bd:5d:0e:1d:27:d5:8c:f8:
65:bc:26:8d:49:5a:55:6f:2c:ff:4e:12:1f:b4:dc:
4e:bc:a4:c5:61:5b:02:2c:41:6b:3f:74:79:47:3a:
67:a5:26:d3:94:15:41:32:bf:ad:ee:f9:b7:73:0f:
76:e1:39:0b:ec:8c:35:c7:52:23:76:71:d0:06:c6:
77:20:3a:e3:0f:e7:b6:a1:87:d4:21:5d:df:68:28:
5d:79:4c:6c:43:fc:3d:1f:76:07:ed:af:62:fe:ae:
57:24:55:76:6e:ee:e0:07:fc:03:dd:98:ab:fa:84:
47:62:39:ce:91:ad:d4:48:5c:c7:a9:85:73:12:47:
e5:f9:d6:c5:27:c3:1b:1c:09:cd:e2:7a:52:be:d5:
ee:9c:5c:12:23:7f:20:95:4e:a9:03:46:50:b2:70:
a1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2E:51:E6:77:22:29:A3:7A:95:27:8D:BC:39:A9:E3:03:64:FA:54
X509v3 Authority Key Identifier:
keyid:5B:C1:50:36:10:BF:82:D8:68:7B:7A:EF:B8:79:A6:57:87:04:F3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W8FQNhC_gthoe3rvuHmmV4cE8yo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/30a309-b18e-4f27-8e7e-e7b372e4c7c5/1/Ui5R5nciKaN6lSeNvDmp4wNk-lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/30a309-b18e-4f27-8e7e-e7b372e4c7c5/1/W8FQNhC_gthoe3rvuHmmV4cE8yo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.140.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:5b:6c:52:a3:eb:00:2a:58:11:eb:6d:ac:a7:75:94:d1:de:
70:ce:76:4b:f3:22:a5:2c:3f:b8:2c:f4:08:c8:03:28:15:81:
25:5b:ec:4f:55:76:77:95:65:f0:05:0b:7e:df:5c:f5:bd:5f:
7e:bb:2a:25:dc:ee:f0:e7:ee:18:dc:fd:46:c2:89:31:67:98:
58:10:83:da:79:63:32:38:c4:c9:45:74:1c:93:0a:a7:48:ec:
b8:f9:81:3e:63:c7:ed:1d:5e:57:2f:35:ad:03:d5:81:2c:fd:
3e:97:9c:3b:5d:9d:71:41:f2:52:cb:99:8a:f9:1a:88:c5:21:
9e:42:f8:e3:63:f4:08:eb:74:64:62:75:b3:a6:c4:10:54:93:
b5:60:f4:b2:45:87:85:a1:43:54:34:01:72:a2:e6:ed:c9:e9:
59:f8:18:16:7d:b6:05:64:3e:2f:1e:58:d9:a8:b4:33:46:72:
9e:97:42:4a:bb:88:80:4f:78:9a:a3:ed:2c:bb:3a:ec:eb:93:
b2:c5:6e:eb:e0:31:5a:7c:69:3f:23:fa:27:2a:3c:71:e7:c6:
63:cf:92:f3:f8:23:64:3d:09:c4:55:a2:f1:b0:a9:5f:a8:b9:
48:0c:e1:94:49:23:33:ff:45:6e:35:e3:0f:74:d5:29:8e:28:
b3:65:93:d0
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDA4hJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVi
YzE1MDM2MTBiZjgyZDg2ODdiN2FlZmI4NzlhNjU3ODcwNGYzMmEwHhcNMjIwNTIw
MTMzNDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1MjJlNTFlNjc3MjIy
OWEzN2E5NTI3OGRiYzM5YTllMzAzNjRmYTU0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7bVYnFrRzgSk56K+CNTpZdBiK9H4rkHciM4ECopsgtWEOS44
7YmW2czHQtcoLxt7IpUwoTqvYW7Y/TGFe4vNjk+j9f+hjgFRAjBD52MeOdfQYzWx
3ufHO3WegKt8omDuvV0OHSfVjPhlvCaNSVpVbyz/ThIftNxOvKTFYVsCLEFrP3R5
RzpnpSbTlBVBMr+t7vm3cw924TkL7Iw1x1IjdnHQBsZ3IDrjD+e2oYfUIV3faChd
eUxsQ/w9H3YH7a9i/q5XJFV2bu7gB/wD3Zir+oRHYjnOka3USFzHqYVzEkfl+dbF
J8MbHAnN4npSvtXunFwSI38glU6pA0ZQsnCh4wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFFIuUeZ3IimjepUnjbw5qeMDZPpUMB8GA1UdIwQYMBaAFFvBUDYQv4LYaHt6
77h5pleHBPMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VzhGUU5oQ19ndGhvZTNydnVIbW1WNGNFOHlvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Ny8zMGEzMDktYjE4ZS00ZjI3LThlN2UtZTdiMzcyZTRjN2M1LzEv
VWk1UjVuY2lLYU42bFNlTnZEbXA0d05rLWxRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8z
MGEzMDktYjE4ZS00ZjI3LThlN2UtZTdiMzcyZTRjN2M1LzEvVzhGUU5oQ19ndGhv
ZTNydnVIbW1WNGNFOHlvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYSMMA0GCSqGSIb3DQEBCwUAA4IB
AQAtW2xSo+sAKlgR622sp3WU0d5wznZL8yKlLD+4LPQIyAMoFYElW+xPVXZ3lWXw
BQt+31z1vV9+uyol3O7w5+4Y3P1GwokxZ5hYEIPaeWMyOMTJRXQckwqnSOy4+YE+
Y8ftHV5XLzWtA9WBLP0+l5w7XZ1xQfJSy5mK+RqIxSGeQvjjY/QI63RkYnWzpsQQ
VJO1YPSyRYeFoUNUNAFyoubtyelZ+BgWfbYFZD4vHljZqLQzRnKel0JKu4iAT3ia
o+0suzrs65OyxW7r4DFafGk/I/onKjxx58Zjz5Lz+CNkPQnEVaLxsKlfqLlIDOGU
SSMz/0VuNeMPdNUpjiizZZPQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:00 2025 by rpki-client