Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/cpEQsaOdqT7THgu2bAYRqawAZiQ.roa
File: cpEQsaOdqT7THgu2bAYRqawAZiQ.roa (raw, json)
Hash identifier: UJKTGwLAVgoPyw4pT0+aMtw6m2/HQYnXbNM2JtQgoi0=
Subject key identifier: 72:91:10:B1:A3:9D:A9:3E:D3:1E:0B:B6:6C:06:11:A9:AC:00:66:24
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 01843D2D014FDEDC18A099062E012F5CF262
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/cpEQsaOdqT7THgu2bAYRqawAZiQ.roa
Signing time: Thu 03 Nov 2022 11:07:50 +0000
ROA not before: Thu 03 Nov 2022 11:07:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398465
IP address blocks: 5.134.84.0/23 maxlen: 23
5.134.86.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:2d:01:4f:de:dc:18:a0:99:06:2e:01:2f:5c:f2:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Nov 3 11:07:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=729110b1a39da93ed31e0bb66c0611a9ac006624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:71:81:c6:ff:d8:cb:72:c0:06:86:47:e6:07:
bf:90:89:88:c6:87:20:79:55:b4:e9:32:a7:31:2d:
4b:f7:10:0d:98:d7:41:3b:8a:74:47:12:36:a0:72:
24:c8:70:0f:ab:c5:52:ba:28:c9:63:5c:b5:cd:d4:
56:86:df:38:2a:a2:9c:ae:d3:66:c8:58:dc:e6:77:
7a:c4:f2:87:a7:a7:b1:4a:c5:b6:1c:f5:5e:68:07:
d7:4e:e0:2d:98:99:35:a4:72:4c:be:77:9c:1f:ca:
69:73:84:52:af:1d:46:00:92:67:94:88:f6:5d:63:
f0:63:3e:1c:66:6b:de:ac:bb:18:f0:1a:52:99:e0:
55:5a:bc:04:9f:b4:94:05:83:ef:34:08:24:f3:33:
5a:70:55:87:d5:30:3d:e3:c1:56:da:90:24:7b:2b:
cb:50:04:4f:a1:fc:6e:eb:aa:a3:ca:d0:86:fb:f1:
b8:66:15:91:25:d3:ce:da:ea:04:07:90:4d:58:16:
e6:a8:23:54:22:cf:a8:34:43:35:ea:98:33:b2:54:
65:04:d9:42:56:35:cc:09:25:af:24:43:38:a1:c9:
3c:87:bc:0b:a7:73:8a:ab:7d:b2:ca:a0:8a:97:16:
ab:99:aa:c8:94:22:09:ba:45:94:2b:62:a7:1f:00:
5f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:91:10:B1:A3:9D:A9:3E:D3:1E:0B:B6:6C:06:11:A9:AC:00:66:24
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/cpEQsaOdqT7THgu2bAYRqawAZiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.84.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:74:a6:36:37:c3:bf:9f:4c:34:6f:e7:e1:d3:86:6a:24:db:
25:ba:09:08:17:c1:11:65:a4:13:73:03:78:af:a3:2a:72:05:
31:88:9d:cf:e4:71:9f:e2:2b:26:56:5e:90:bb:2d:93:4d:61:
9d:a1:a7:55:92:1a:4c:02:2c:08:ad:48:6d:22:2f:c6:6b:c5:
0b:c0:0b:97:76:9a:51:ca:35:0b:78:96:ae:46:32:c6:a5:99:
9a:6c:a6:6b:ee:41:15:c4:f9:61:8a:22:d0:ec:56:19:a5:0c:
0d:ee:87:4c:97:fc:8e:f9:a3:88:be:fb:14:fd:df:29:cb:fa:
fa:c4:27:cd:4d:d9:40:09:2d:14:0a:dc:a0:bc:6e:7a:bf:ec:
1e:50:ab:35:4a:9e:56:7e:3a:bc:b1:fa:20:c7:e3:dc:7f:b9:
a6:3c:2a:3a:d6:96:71:05:62:9f:9b:ac:cb:37:34:0a:d4:e6:
13:84:8f:57:47:38:4c:be:28:51:2b:64:e1:3e:30:56:b3:dc:
c1:1f:54:4a:87:03:be:0a:23:0e:56:6a:6f:1c:be:05:cd:b3:
67:46:c3:f6:ff:33:29:3f:d0:15:94:18:a3:f8:6c:f5:36:9b:
ec:cc:24:a1:15:23:06:89:74:a8:4e:ed:0d:e3:3b:1b:32:9b:
c7:ef:31:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ9LQFP3twYoJkGLgEvXPJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjIxMTAzMTEwNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjkxMTBiMWEzOWRhOTNlZDMxZTBiYjY2YzA2MTFhOWFjMDA2NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynGBxv/Yy3LABoZH5ge/kImIxocg
eVW06TKnMS1L9xANmNdBO4p0RxI2oHIkyHAPq8VSuijJY1y1zdRWht84KqKcrtNm
yFjc5nd6xPKHp6exSsW2HPVeaAfXTuAtmJk1pHJMvnecH8ppc4RSrx1GAJJnlIj2
XWPwYz4cZmverLsY8BpSmeBVWrwEn7SUBYPvNAgk8zNacFWH1TA948FW2pAkeyvL
UARPofxu66qjytCG+/G4ZhWRJdPO2uoEB5BNWBbmqCNUIs+oNEM16pgzslRlBNlC
VjXMCSWvJEM4ock8h7wLp3OKq32yyqCKlxarmarIlCIJukWUK2KnHwBfiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKRELGjnak+0x4LtmwGEamsAGYkMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvY3BFUXNhT2RxVDdUSGd1MmJBWVJxYXdBWmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBYZUMA0G
CSqGSIb3DQEBCwUAA4IBAQBadKY2N8O/n0w0b+fh04ZqJNslugkIF8ERZaQTcwN4
r6MqcgUxiJ3P5HGf4ismVl6Quy2TTWGdoadVkhpMAiwIrUhtIi/Ga8ULwAuXdppR
yjULeJauRjLGpZmabKZr7kEVxPlhiiLQ7FYZpQwN7odMl/yO+aOIvvsU/d8py/r6
xCfNTdlACS0UCtygvG56v+weUKs1Sp5Wfjq8sfogx+Pcf7mmPCo61pZxBWKfm6zL
NzQK1OYThI9XRzhMvihRK2ThPjBWs9zBH1RKhwO+CiMOVmpvHL4FzbNnRsP2/zMp
P9AVlBij+Gz1NpvszCShFSMGiXSoTu0N4zsbMpvH7zFx
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:33:55 2025 by rpki-client