Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/hC5qYghcH_l_kRqptbkvpFHTaAA.roa
File: hC5qYghcH_l_kRqptbkvpFHTaAA.roa (raw, json)
Hash identifier: 3nWlEyAO5XjNl01pwy7ISne8e1TGppRUTMMLQJ+Tn4E=
Subject key identifier: 84:2E:6A:62:08:5C:1F:F9:7F:91:1A:A9:B5:B9:2F:A4:51:D3:68:00
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 1E7984
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/hC5qYghcH_l_kRqptbkvpFHTaAA.roa
Signing time: Sat 01 Jan 2022 01:51:28 +0000
ROA not before: Sat 01 Jan 2022 01:51:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 185.15.100.0/22 maxlen: 22
5.152.168.0/21 maxlen: 21
5.8.184.0/21 maxlen: 21
37.1.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1997188 (0x1e7984)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Jan 1 01:51:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=842e6a62085c1ff97f911aa9b5b92fa451d36800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5e:be:da:2e:e6:71:53:5f:74:ab:2b:37:ac:
33:70:72:fa:0a:25:85:68:3f:ac:d2:6c:bb:f6:c4:
2a:da:ef:51:f9:5b:f1:66:0d:5f:e6:29:48:02:06:
35:78:54:d8:61:e7:e4:47:14:98:9a:2e:e6:01:f1:
5b:2d:e7:a7:68:11:87:d5:06:79:94:a7:99:df:4c:
5d:f3:9a:05:46:ba:af:71:ce:2b:79:04:81:ff:ab:
a8:c8:cc:12:75:19:c1:d8:54:04:29:04:da:7c:01:
ae:57:24:f9:44:a2:ce:2b:28:a1:0b:01:63:c0:33:
33:75:f4:64:f0:b6:e8:92:c6:7e:b2:da:2b:50:3e:
86:c8:03:b7:8d:63:24:7c:63:bb:cb:64:55:04:89:
e3:4d:16:4e:9a:16:60:71:71:d3:65:89:5f:05:5d:
37:89:6c:2a:11:6e:46:e1:a2:bd:90:af:cf:00:f4:
70:b2:22:d4:df:7f:62:12:c0:cb:8b:11:9c:57:0a:
b3:6f:7c:77:ba:ab:c6:35:04:ec:2d:19:9b:47:3d:
de:76:c8:05:23:ce:43:8f:db:42:9e:3b:ab:01:e6:
ea:9a:3e:55:e2:39:9e:5b:fe:9c:e2:65:2d:4e:1d:
c1:ba:3e:0f:4f:b1:ac:a8:c6:1c:d3:b8:90:84:86:
f5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2E:6A:62:08:5C:1F:F9:7F:91:1A:A9:B5:B9:2F:A4:51:D3:68:00
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/hC5qYghcH_l_kRqptbkvpFHTaAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/21
5.152.168.0/21
37.1.176.0/21
185.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
67:92:22:66:4e:32:b2:34:32:5c:62:c2:9c:ac:fc:94:06:e4:
85:41:b5:74:96:49:4d:8d:80:aa:13:ef:03:4e:2a:df:9c:1d:
1c:cf:94:66:d5:cd:53:65:88:66:58:47:26:d4:06:c7:ae:e7:
81:5e:54:55:37:e3:42:aa:f7:05:10:a9:cb:9f:5c:c9:28:22:
9c:7d:bf:63:3a:34:98:54:bf:71:31:21:bb:01:3a:fd:f2:24:
e2:37:d2:a9:7a:d7:8e:86:1e:f2:6f:a1:87:d0:d9:ad:ee:0b:
0f:3d:99:dc:0b:f3:a8:da:6c:ca:aa:0c:17:f9:56:49:05:5e:
03:e8:3f:5a:57:fd:66:80:88:4d:05:48:d3:1c:83:2b:f1:c8:
d8:3d:10:f1:e1:37:15:58:0a:1c:f1:35:0e:f5:52:cf:fe:20:
50:ab:36:bf:11:d8:d2:88:74:7d:8b:2f:a5:59:22:21:46:9a:
96:1f:b8:12:0b:e2:0d:ec:d0:6e:64:cb:77:43:bf:2f:90:1e:
7e:e5:17:e0:fc:3b:f3:cd:3d:ec:67:be:5f:11:cc:56:a2:9c:
39:e0:93:41:ea:66:6c:35:a4:9f:3a:c6:c1:54:63:4c:13:08:
1d:e0:48:43:ed:cf:a7:70:fa:78:c4:65:fa:bb:ba:a2:81:61:
20:48:af:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDHnmEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIx
YTg5YjY3YzY2ZGViZjVkZWQzZjI4ODBiYjQ5NDFkMzA0MTEyNTcwHhcNMjIwMTAx
MDE1MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NDJlNmE2MjA4NWMx
ZmY5N2Y5MTFhYTliNWI5MmZhNDUxZDM2ODAwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqV6+2i7mcVNfdKsrN6wzcHL6CiWFaD+s0my79sQq2u9R+Vvx
Zg1f5ilIAgY1eFTYYefkRxSYmi7mAfFbLeenaBGH1QZ5lKeZ30xd85oFRrqvcc4r
eQSB/6uoyMwSdRnB2FQEKQTafAGuVyT5RKLOKyihCwFjwDMzdfRk8LboksZ+stor
UD6GyAO3jWMkfGO7y2RVBInjTRZOmhZgcXHTZYlfBV03iWwqEW5G4aK9kK/PAPRw
siLU339iEsDLixGcVwqzb3x3uqvGNQTsLRmbRz3edsgFI85Dj9tCnjurAebqmj5V
4jmeW/6c4mUtTh3Buj4PT7GsqMYc07iQhIb13QIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFIQuamIIXB/5f5EaqbW5L6RR02gAMB8GA1UdIwQYMBaAFLGom2fGbev13tPy
iAu0lB0wQRJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTctMjEwMGJmMGYxNDBhLzEv
aEM1cVlnaGNIX2xfa1JxcHRia3ZwRkhUYUFBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9i
YzRkN2ItM2NiNy00ZjMzLTg5ZTctMjEwMGJmMGYxNDBhLzEvc2FpYlo4WnQ2X1hl
MF9LSUM3U1VIVEJCRWxjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBQi4AwQDBZioAwQDJQGwAwQCuQ9k
MA0GCSqGSIb3DQEBCwUAA4IBAQBnkiJmTjKyNDJcYsKcrPyUBuSFQbV0lklNjYCq
E+8DTirfnB0cz5Rm1c1TZYhmWEcm1AbHrueBXlRVN+NCqvcFEKnLn1zJKCKcfb9j
OjSYVL9xMSG7ATr98iTiN9KpeteOhh7yb6GH0Nmt7gsPPZncC/Oo2mzKqgwX+VZJ
BV4D6D9aV/1mgIhNBUjTHIMr8cjYPRDx4TcVWAoc8TUO9VLP/iBQqza/EdjSiHR9
iy+lWSIhRpqWH7gSC+IN7NBuZMt3Q78vkB5+5Rfg/DvzzT3sZ75fEcxWopw54JNB
6mZsNaSfOsbBVGNMEwgd4EhD7c+ncPp4xGX6u7qigWEgSK/j
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:47 2025 by rpki-client