Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/0D1lXxFXLz2cuITCf7O9dt4ETk8.roa
File: 0D1lXxFXLz2cuITCf7O9dt4ETk8.roa (raw, json)
Hash identifier: 2l3qdDr0zL9Xon7MtvSRaKcVIM+/Ez3ul0Nu5rewuvA=
Subject key identifier: D0:3D:65:5F:11:57:2F:3D:9C:B8:84:C2:7F:B3:BD:76:DE:04:4E:4F
Certificate issuer: /CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Certificate serial: 01856D8AF68D3B147203DF22998B4E99AAD9
Authority key identifier: AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/0D1lXxFXLz2cuITCf7O9dt4ETk8.roa
Signing time: Sun 01 Jan 2023 13:35:01 +0000
ROA not before: Sun 01 Jan 2023 13:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56595
IP address blocks: 5.175.60.0/24 maxlen: 24
5.175.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f6:8d:3b:14:72:03:df:22:99:8b:4e:99:aa:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Validity
Not Before: Jan 1 13:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d03d655f11572f3d9cb884c27fb3bd76de044e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:46:26:e0:1f:28:92:0f:0a:62:20:aa:94:cb:
b8:42:ea:f1:a2:80:e8:5a:81:cc:ee:17:42:5b:0e:
b6:1a:f5:9a:84:c5:5e:72:d2:c2:6c:b0:b3:d3:3a:
01:46:48:34:15:2b:b6:88:9c:bc:6c:d8:34:c5:5d:
ed:91:64:49:a8:a7:11:aa:b2:73:fc:2c:89:14:90:
b7:14:22:33:46:ca:4a:d0:67:17:fd:3e:6f:da:79:
44:de:48:f5:1b:9c:4a:29:04:b1:ff:9b:46:83:6a:
35:37:32:54:ac:c2:1b:c5:d8:a3:be:b3:2e:1c:18:
8c:7c:5c:e5:a0:e7:e9:a6:fc:2e:42:e6:d5:ef:41:
50:d4:48:c2:6f:d4:17:c1:6a:13:4f:ca:ef:bb:a6:
62:81:6b:a0:93:18:78:b6:a6:cb:78:88:e1:1c:45:
7b:60:a1:fa:f7:3a:f6:0e:10:20:ca:33:b3:4b:6c:
4c:64:6a:3e:af:b5:fb:ec:66:9c:26:e2:ad:6c:47:
36:87:7c:6b:33:62:9a:a1:0a:34:17:25:f2:1d:d5:
c7:74:ee:c4:b5:53:24:c5:94:e7:e3:db:d4:eb:d5:
fe:d2:ed:c7:00:ca:d0:17:3a:bf:42:23:bd:ef:39:
e0:6f:49:3f:6d:c2:b8:0f:c0:6c:cf:a2:22:dc:d9:
11:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3D:65:5F:11:57:2F:3D:9C:B8:84:C2:7F:B3:BD:76:DE:04:4E:4F
X509v3 Authority Key Identifier:
keyid:AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/0D1lXxFXLz2cuITCf7O9dt4ETk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.60.0/24
5.175.62.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:f7:0d:36:fe:6b:c6:8d:f2:14:56:54:1a:5c:85:5a:ee:83:
6d:b9:6e:77:92:f6:c6:71:7a:34:f5:fb:50:2f:02:ed:85:d0:
9c:32:7b:6e:a1:63:13:83:6c:8a:05:94:57:44:4c:c7:36:92:
d9:1d:e9:7c:36:aa:c6:6f:62:dc:85:66:99:84:74:23:6f:86:
0b:f7:eb:83:0a:c4:53:2c:0f:74:f5:47:33:f9:a9:e6:7f:ef:
ec:a9:27:62:10:55:ad:30:76:2e:5a:ff:5b:60:37:59:48:14:
48:e3:5d:5e:03:37:4e:d1:b4:90:6c:aa:f0:de:58:19:dc:35:
45:c5:13:a3:8e:76:f0:01:fb:bf:22:4d:3c:81:b3:29:36:86:
9d:ec:c7:71:df:38:9e:df:e1:ac:37:0c:ae:4e:90:c1:e2:32:
e3:1c:0d:02:e9:d8:cf:67:e5:aa:79:b7:a4:6f:67:a6:20:bc:
75:29:ac:9e:48:7f:ab:c3:00:85:a9:d1:32:96:48:87:fa:58:
f0:8c:2a:e5:5f:4b:d9:a2:39:36:b7:81:95:a6:f7:b4:eb:2e:
e9:03:ac:5c:ca:0c:e5:19:b5:e3:8b:87:5e:5d:5f:b8:6c:77:
22:37:80:f3:1b:82:85:76:14:a4:b4:36:9e:98:ce:af:7a:2f:
db:48:8a:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtivaNOxRyA98imYtOmarZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTRjNDc2M2VhMDE4YzNkYzcwMjAzZDA0ZWZlNzFmZDRi
MWIwNjYwHhcNMjMwMTAxMTMzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDNkNjU1ZjExNTcyZjNkOWNiODg0YzI3ZmIzYmQ3NmRlMDQ0ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0Ym4B8okg8KYiCqlMu4QurxooDo
WoHM7hdCWw62GvWahMVectLCbLCz0zoBRkg0FSu2iJy8bNg0xV3tkWRJqKcRqrJz
/CyJFJC3FCIzRspK0GcX/T5v2nlE3kj1G5xKKQSx/5tGg2o1NzJUrMIbxdijvrMu
HBiMfFzloOfppvwuQubV70FQ1EjCb9QXwWoTT8rvu6ZigWugkxh4tqbLeIjhHEV7
YKH69zr2DhAgyjOzS2xMZGo+r7X77GacJuKtbEc2h3xrM2KaoQo0FyXyHdXHdO7E
tVMkxZTn49vU69X+0u3HAMrQFzq/QiO97zngb0k/bcK4D8Bsz6Ii3NkRawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNA9ZV8RVy89nLiEwn+zvXbeBE5PMB8GA1UdIwQY
MBaAFKpUxHY+oBjD3HAgPQTv5x/UsbBmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQt
ZGUzNzY3M2M0MDljLzEvMEQxbFh4RlhMejJjdUlUQ2Y3TzlkdDRFVGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQtZGUzNzY3M2M0MDlj
LzEvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABa88AwQA
Ba8+MA0GCSqGSIb3DQEBCwUAA4IBAQCi9w02/mvGjfIUVlQaXIVa7oNtuW53kvbG
cXo09ftQLwLthdCcMntuoWMTg2yKBZRXREzHNpLZHel8NqrGb2LchWaZhHQjb4YL
9+uDCsRTLA909Ucz+anmf+/sqSdiEFWtMHYuWv9bYDdZSBRI411eAzdO0bSQbKrw
3lgZ3DVFxROjjnbwAfu/Ik08gbMpNoad7Mdx3zie3+GsNwyuTpDB4jLjHA0C6djP
Z+Wqebekb2emILx1KayeSH+rwwCFqdEylkiH+ljwjCrlX0vZojk2t4GVpve06y7p
A6xcygzlGbXji4deXV+4bHciN4DzG4KFdhSktDaemM6vei/bSIqb
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:58 2025 by rpki-client