Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/5mlDVxqiRtbFNRgeeL1vXxJjabw.roa
File: 5mlDVxqiRtbFNRgeeL1vXxJjabw.roa (raw, json)
Hash identifier: dg2ugsTuTEl0RIQW3BVW6JwzEhUihNIC1FHULd2vmqQ=
Subject key identifier: E6:69:43:57:1A:A2:46:D6:C5:35:18:1E:78:BD:6F:5F:12:63:69:BC
Certificate issuer: /CN=37c48b789cc7ffe7be09444643fdb86bdb573f7d
Certificate serial: 01856E5D69F85097377DCDDF565BC81BB113
Authority key identifier: 37:C4:8B:78:9C:C7:FF:E7:BE:09:44:46:43:FD:B8:6B:DB:57:3F:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N8SLeJzH_-e-CURGQ_24a9tXP30.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/5mlDVxqiRtbFNRgeeL1vXxJjabw.roa
Signing time: Sun 01 Jan 2023 17:24:53 +0000
ROA not before: Sun 01 Jan 2023 17:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202373
IP address blocks: 194.55.96.0/22 maxlen: 22
194.55.97.0/24 maxlen: 24
194.55.98.0/24 maxlen: 24
2a0c:cac6:1000::/36 maxlen: 36
2a0c:cac6:2000::/36 maxlen: 36
2a0c:cac0::/29 maxlen: 29
2a0c:cac2::/32 maxlen: 32
2a0c:cac1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:69:f8:50:97:37:7d:cd:df:56:5b:c8:1b:b1:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37c48b789cc7ffe7be09444643fdb86bdb573f7d
Validity
Not Before: Jan 1 17:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e66943571aa246d6c535181e78bd6f5f126369bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:67:8b:b5:26:fc:a0:15:35:b4:50:d3:33:7f:
9f:5b:e4:ec:28:86:ea:88:e7:e3:27:aa:48:c5:a6:
5b:cf:d3:ef:a0:dc:5e:19:87:e7:43:50:41:87:b1:
e5:84:38:93:d9:5d:a7:9d:f6:55:0e:b4:4a:6a:c6:
85:a0:6b:7d:e4:31:54:76:0b:fc:90:35:50:26:1a:
08:53:05:a8:3d:a7:21:c7:57:e8:f8:47:7d:c0:7b:
83:8d:a7:9d:09:21:d7:1e:da:fc:d4:a4:8e:c5:02:
98:3e:5b:06:12:63:69:92:ef:f9:0a:a2:2b:d5:b3:
01:2d:80:27:24:6c:02:89:d9:ba:e9:b1:ec:8a:86:
5d:6e:89:4b:1c:e2:e8:1d:2f:48:8b:6e:d6:f7:52:
41:d9:fb:66:c0:c2:f7:75:24:5b:5b:44:0c:4e:00:
53:00:86:b6:83:bc:8b:fd:c6:d5:3a:97:82:a3:37:
d9:39:56:4b:73:af:4e:28:4b:48:44:33:b1:9c:d2:
76:12:7c:fe:53:a8:75:d1:6f:18:7e:e4:88:24:2c:
93:c8:fd:7f:4b:f4:2e:e9:36:cd:53:1f:cc:ed:ff:
66:d2:fa:52:33:f4:ac:5e:3c:32:57:29:80:ed:84:
33:0e:1c:41:cf:08:ed:e3:73:0c:a4:da:56:9c:fc:
7f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:69:43:57:1A:A2:46:D6:C5:35:18:1E:78:BD:6F:5F:12:63:69:BC
X509v3 Authority Key Identifier:
keyid:37:C4:8B:78:9C:C7:FF:E7:BE:09:44:46:43:FD:B8:6B:DB:57:3F:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N8SLeJzH_-e-CURGQ_24a9tXP30.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/5mlDVxqiRtbFNRgeeL1vXxJjabw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/N8SLeJzH_-e-CURGQ_24a9tXP30.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.96.0/22
IPv6:
2a0c:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:a0:b4:90:90:2d:d9:b3:23:48:08:e9:4d:57:82:25:aa:0a:
23:e0:f6:26:67:3a:27:f2:a3:1a:7d:e0:f4:b1:67:56:6c:42:
cb:58:ed:e6:f8:99:21:ae:9f:cd:47:d4:f4:11:e5:0d:7f:57:
40:fd:63:62:1b:b1:ab:58:01:b4:07:a1:32:17:a3:fa:49:9d:
9a:b7:3a:a1:88:59:4a:88:e1:cf:4b:e1:4b:0f:ef:b4:3e:92:
f2:b8:e9:b7:97:76:f8:e1:44:48:83:5f:ca:6c:aa:5f:9e:63:
d1:58:95:2a:5d:14:99:8d:94:1b:fd:cb:e7:3f:ef:36:88:36:
f3:a2:f3:62:2c:84:13:34:c6:0e:7b:cb:ed:3d:33:81:ed:bc:
76:46:db:97:e4:4f:9a:ca:0f:ed:7f:bc:e0:23:91:6e:8c:88:
f7:55:69:9d:6d:ec:8d:d0:d6:28:26:91:b6:75:7c:03:cb:4c:
e3:75:f3:66:fc:62:57:4a:20:91:a5:0a:56:c1:24:bb:ed:ee:
60:6e:32:5f:46:a9:6a:b1:e0:5e:58:ce:c5:7d:63:f3:af:43:
f2:27:b9:7a:3d:c6:19:55:03:c6:a9:16:58:48:84:f2:54:b8:
38:a5:02:da:e6:7f:4e:ce:73:33:4e:9b:63:e2:71:50:5b:6e:
21:68:66:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuXWn4UJc3fc3fVlvIG7ETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YzQ4Yjc4OWNjN2ZmZTdiZTA5NDQ0NjQzZmRiODZiZGI1
NzNmN2QwHhcNMjMwMTAxMTcyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjY5NDM1NzFhYTI0NmQ2YzUzNTE4MWU3OGJkNmY1ZjEyNjM2OWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WeLtSb8oBU1tFDTM3+fW+TsKIbq
iOfjJ6pIxaZbz9PvoNxeGYfnQ1BBh7HlhDiT2V2nnfZVDrRKasaFoGt95DFUdgv8
kDVQJhoIUwWoPachx1fo+Ed9wHuDjaedCSHXHtr81KSOxQKYPlsGEmNpku/5CqIr
1bMBLYAnJGwCidm66bHsioZdbolLHOLoHS9Ii27W91JB2ftmwML3dSRbW0QMTgBT
AIa2g7yL/cbVOpeCozfZOVZLc69OKEtIRDOxnNJ2Enz+U6h10W8YfuSIJCyTyP1/
S/Qu6TbNUx/M7f9m0vpSM/SsXjwyVymA7YQzDhxBzwjt43MMpNpWnPx/0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOZpQ1caokbWxTUYHni9b18SY2m8MB8GA1UdIwQY
MBaAFDfEi3icx//nvglERkP9uGvbVz99MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjhTTGVKekhfLWUtQ1VSR1FfMjRhOXRYUDMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xZDU3NWQtN2IyMi00N2M3LWExN2Ut
OGExMzZjYjBkZDVjLzEvNW1sRFZ4cWlSdGJGTlJnZWVMMXZYeEpqYWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xZDU3NWQtN2IyMi00N2M3LWExN2UtOGExMzZjYjBkZDVj
LzEvTjhTTGVKekhfLWUtQ1VSR1FfMjRhOXRYUDMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwjdgMA0E
AgACMAcDBQMqDMrAMA0GCSqGSIb3DQEBCwUAA4IBAQBNoLSQkC3ZsyNICOlNV4Il
qgoj4PYmZzon8qMafeD0sWdWbELLWO3m+Jkhrp/NR9T0EeUNf1dA/WNiG7GrWAG0
B6EyF6P6SZ2atzqhiFlKiOHPS+FLD++0PpLyuOm3l3b44URIg1/KbKpfnmPRWJUq
XRSZjZQb/cvnP+82iDbzovNiLIQTNMYOe8vtPTOB7bx2RtuX5E+ayg/tf7zgI5Fu
jIj3VWmdbeyN0NYoJpG2dXwDy0zjdfNm/GJXSiCRpQpWwSS77e5gbjJfRqlqseBe
WM7FfWPzr0PyJ7l6PcYZVQPGqRZYSITyVLg4pQLa5n9OznMzTptj4nFQW24haGa1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:18 2025 by rpki-client