Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/hB76lkQhNsJY3aPlBC3q1IEEY5E.roa
File: hB76lkQhNsJY3aPlBC3q1IEEY5E.roa (raw, json)
Hash identifier: yc3FB9u5x4VoHBwZBR2/cdRYGA2TusUvsEvWAkp/gBI=
Subject key identifier: 84:1E:FA:96:44:21:36:C2:58:DD:A3:E5:04:2D:EA:D4:81:04:63:91
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 018572BA7809C603BDC9DABCAC9B8042A132
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/hB76lkQhNsJY3aPlBC3q1IEEY5E.roa
Signing time: Mon 02 Jan 2023 13:45:01 +0000
ROA not before: Mon 02 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 5.134.84.0/22 maxlen: 24
5.134.84.0/23 maxlen: 23
5.134.86.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:78:09:c6:03:bd:c9:da:bc:ac:9b:80:42:a1:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Jan 2 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=841efa96442136c258dda3e5042dead481046391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2d:3d:1c:3e:cd:2f:81:69:94:08:5f:ae:b1:
90:7e:b8:cb:05:4b:69:f9:de:41:a0:6a:b1:6f:d3:
88:c1:ea:87:25:28:fc:54:3b:ba:e5:f6:6b:55:eb:
79:19:b6:8b:da:3f:0c:04:bd:b2:01:2e:65:e7:fb:
48:28:8c:66:b9:ec:9a:52:c3:27:30:db:79:23:0e:
33:cb:81:10:86:73:0e:fd:8e:91:ad:3d:10:ad:17:
2c:88:22:e1:95:58:b1:1c:2f:de:f9:38:e9:24:c9:
fb:27:b8:91:6e:9b:ba:87:52:c5:72:0e:48:16:09:
61:94:f7:e5:12:82:fd:8f:d6:84:fb:b3:9f:d7:57:
e9:e0:97:46:f0:c5:d7:f8:da:2c:5c:01:a8:8c:6c:
ba:c1:c0:de:f1:f1:e3:23:4b:6c:55:d8:9b:8e:25:
9e:a2:2b:86:0e:f8:cc:47:61:ff:08:23:81:12:73:
d7:08:22:49:5b:d1:20:d1:90:a9:ec:39:80:48:73:
3a:8a:d2:be:02:88:9c:2d:6e:44:61:00:b0:60:9b:
3a:6f:cd:80:21:89:4d:92:7c:3b:ea:ed:3c:b1:f9:
2a:52:89:85:89:dd:ec:b5:f5:68:c8:95:a4:54:8a:
a9:7d:32:8e:f2:63:cd:02:b8:c9:b0:3b:92:bd:e6:
07:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1E:FA:96:44:21:36:C2:58:DD:A3:E5:04:2D:EA:D4:81:04:63:91
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/hB76lkQhNsJY3aPlBC3q1IEEY5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.84.0/22
Signature Algorithm: sha256WithRSAEncryption
24:58:0b:eb:85:53:6f:02:0f:70:c6:bd:16:74:79:eb:ad:23:
73:fd:9f:3e:3d:b6:41:99:b5:9d:79:22:b0:e8:fd:06:27:4b:
de:c8:74:27:b9:7c:8e:e1:e8:c8:c3:e9:81:ef:9b:2a:17:d2:
fe:2d:62:b0:6d:eb:56:05:35:10:d2:d9:df:c4:f2:39:57:0c:
14:4a:46:bc:6c:29:8d:b3:b2:01:77:80:24:81:0c:a6:25:4d:
15:76:1c:f3:8c:e8:c3:ca:2d:8c:eb:d1:a3:ee:23:58:0b:8b:
c9:e8:b7:85:21:98:d0:84:2d:5a:a0:6d:43:eb:37:af:04:ad:
c0:ab:d1:63:ef:fb:7c:21:34:9d:d1:be:b8:b9:0d:b7:a8:c1:
cc:5d:7e:81:71:c5:a5:f4:3e:b1:7e:bd:f2:82:eb:eb:62:ca:
93:76:ae:1b:12:25:e5:d5:ac:99:16:bc:d4:39:b6:b8:2d:94:
6d:85:58:49:4e:33:65:86:5c:f0:af:f8:dd:ef:36:9c:92:8e:
40:41:c5:be:34:86:89:69:f4:62:06:24:23:92:65:b5:ce:5c:
65:bd:d1:23:42:24:aa:3e:3d:e0:56:9b:bd:b4:20:94:fa:38:
21:85:87:44:88:a7:f9:64:52:26:65:54:b2:32:09:59:cf:4d:
2c:43:b5:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyungJxgO9ydq8rJuAQqEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjMwMTAyMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFlZmE5NjQ0MjEzNmMyNThkZGEzZTUwNDJkZWFkNDgxMDQ2MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti09HD7NL4FplAhfrrGQfrjLBUtp
+d5BoGqxb9OIweqHJSj8VDu65fZrVet5GbaL2j8MBL2yAS5l5/tIKIxmueyaUsMn
MNt5Iw4zy4EQhnMO/Y6RrT0QrRcsiCLhlVixHC/e+TjpJMn7J7iRbpu6h1LFcg5I
FglhlPflEoL9j9aE+7Of11fp4JdG8MXX+NosXAGojGy6wcDe8fHjI0tsVdibjiWe
oiuGDvjMR2H/CCOBEnPXCCJJW9Eg0ZCp7DmASHM6itK+AoicLW5EYQCwYJs6b82A
IYlNknw76u08sfkqUomFid3stfVoyJWkVIqpfTKO8mPNArjJsDuSveYH3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQe+pZEITbCWN2j5QQt6tSBBGORMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvaEI3NmxrUWhOc0pZM2FQbEJDM3ExSUVFWTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBYZUMA0G
CSqGSIb3DQEBCwUAA4IBAQAkWAvrhVNvAg9wxr0WdHnrrSNz/Z8+PbZBmbWdeSKw
6P0GJ0veyHQnuXyO4ejIw+mB75sqF9L+LWKwbetWBTUQ0tnfxPI5VwwUSka8bCmN
s7IBd4AkgQymJU0VdhzzjOjDyi2M69Gj7iNYC4vJ6LeFIZjQhC1aoG1D6zevBK3A
q9Fj7/t8ITSd0b64uQ23qMHMXX6BccWl9D6xfr3yguvrYsqTdq4bEiXl1ayZFrzU
Oba4LZRthVhJTjNlhlzwr/jd7zacko5AQcW+NIaJafRiBiQjkmW1zlxlvdEjQiSq
Pj3gVpu9tCCU+jghhYdEiKf5ZFImZVSyMglZz00sQ7VS
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:19:36 2025 by rpki-client