Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/5EO1SqMrInSBShC-rDPQlZOaUnQ.roa
File: 5EO1SqMrInSBShC-rDPQlZOaUnQ.roa (raw, json)
Hash identifier: CCySq8+olQGDmeWnfFSbLZWCm7wsYJW6WDeaXKVEV5E=
Subject key identifier: E4:43:B5:4A:A3:2B:22:74:81:4A:10:BE:AC:33:D0:95:93:9A:52:74
Certificate issuer: /CN=658290fe9814fcb062ab71e32ec1f96da9973a33
Certificate serial: 01856D5D260F03191742099ADD4CEF6B3775
Authority key identifier: 65:82:90:FE:98:14:FC:B0:62:AB:71:E3:2E:C1:F9:6D:A9:97:3A:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/5EO1SqMrInSBShC-rDPQlZOaUnQ.roa
Signing time: Sun 01 Jan 2023 12:44:59 +0000
ROA not before: Sun 01 Jan 2023 12:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58005
IP address blocks: 185.38.120.0/22 maxlen: 22
2a04:6fb0::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:26:0f:03:19:17:42:09:9a:dd:4c:ef:6b:37:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=658290fe9814fcb062ab71e32ec1f96da9973a33
Validity
Not Before: Jan 1 12:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e443b54aa32b2274814a10beac33d095939a5274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4d:d6:d7:0b:71:7e:af:92:fd:d9:fb:35:36:
ca:eb:69:1f:72:2b:a1:82:ef:5f:2b:79:6e:58:b6:
3c:13:75:0d:57:a5:9c:61:2e:f9:f5:e9:f2:eb:68:
01:3c:6f:21:fc:ab:7c:2f:13:04:84:d5:84:35:b3:
6e:fe:37:9b:31:f2:cc:a9:ff:02:cd:0e:cc:96:7a:
9e:61:ba:b7:4b:f1:00:4f:32:72:8c:a2:f1:dd:69:
99:6f:37:d2:7f:71:59:19:24:62:6d:3d:d2:97:cc:
ed:8b:6b:06:93:97:2c:97:7c:fe:33:80:c0:e9:8b:
77:3a:10:49:8a:7d:a2:aa:1b:e3:4b:15:6e:01:69:
3c:4f:38:8e:6d:8d:a6:63:3d:42:92:00:32:6c:51:
89:cf:ad:6e:f5:13:a2:8e:4d:bd:00:fe:ee:c4:47:
e5:b1:25:44:34:e5:b4:dd:7f:05:32:39:a1:5e:a9:
5d:89:c8:8c:b6:54:98:2e:fe:8f:f0:a6:58:80:fe:
f4:d7:55:bc:61:1b:79:92:7b:4f:d7:44:65:8b:f5:
96:ea:95:c9:1a:80:01:77:47:47:42:67:98:b9:ae:
37:f6:9f:da:fb:af:f1:1e:be:cb:d0:26:eb:c0:ff:
19:b8:40:9d:9e:a9:4c:bc:a1:46:62:14:c9:0e:bb:
b3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:43:B5:4A:A3:2B:22:74:81:4A:10:BE:AC:33:D0:95:93:9A:52:74
X509v3 Authority Key Identifier:
keyid:65:82:90:FE:98:14:FC:B0:62:AB:71:E3:2E:C1:F9:6D:A9:97:3A:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/5EO1SqMrInSBShC-rDPQlZOaUnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.120.0/22
IPv6:
2a04:6fb0::/31
Signature Algorithm: sha256WithRSAEncryption
52:64:9d:d2:9e:eb:ae:b3:ff:e5:dd:73:cd:02:d1:79:c8:5f:
d7:f2:0e:ab:eb:51:97:1d:5c:6a:c7:6e:32:f0:96:f8:40:a9:
cb:b1:50:2b:45:c3:58:36:4e:55:77:d7:a0:64:0c:3a:83:bf:
d5:dc:8b:d7:e4:d5:58:31:09:19:d1:0f:ca:cf:21:1d:d5:5a:
3e:b1:b0:67:99:ba:8a:78:62:89:70:dd:cf:c8:33:0e:58:b8:
76:a7:66:5b:d3:b0:77:f5:c0:fd:ca:44:c5:98:26:6e:7e:c3:
46:7c:8d:aa:dc:9f:9a:db:b7:a9:c5:f4:93:a8:46:f4:a5:32:
95:a0:61:66:b4:85:cd:41:f9:ae:18:84:47:7a:f8:5d:8f:f4:
7d:79:61:65:2c:73:7d:3e:a7:d2:a2:c1:ca:eb:85:9b:10:68:
05:d2:2e:3a:fc:67:74:00:05:44:25:40:1b:d0:42:66:51:a7:
84:59:3b:0e:6d:52:33:61:cf:85:3c:ff:67:40:8b:ba:6f:ef:
c3:35:db:26:73:bc:46:aa:7a:f8:f3:27:74:db:6e:d2:6b:b9:
ee:cf:11:94:16:5c:8f:1c:d9:27:cf:f0:68:cf:ad:14:03:33:
e4:77:25:ce:9f:5c:87:e9:82:f7:66:b2:71:6b:e2:10:3f:91:
ac:39:55:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtXSYPAxkXQgma3Uzvazd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODI5MGZlOTgxNGZjYjA2MmFiNzFlMzJlYzFmOTZkYTk5
NzNhMzMwHhcNMjMwMTAxMTI0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQzYjU0YWEzMmIyMjc0ODE0YTEwYmVhYzMzZDA5NTkzOWE1Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAik3W1wtxfq+S/dn7NTbK62kfciuh
gu9fK3luWLY8E3UNV6WcYS759eny62gBPG8h/Kt8LxMEhNWENbNu/jebMfLMqf8C
zQ7MlnqeYbq3S/EATzJyjKLx3WmZbzfSf3FZGSRibT3Sl8zti2sGk5csl3z+M4DA
6Yt3OhBJin2iqhvjSxVuAWk8TziObY2mYz1CkgAybFGJz61u9ROijk29AP7uxEfl
sSVENOW03X8FMjmhXqldiciMtlSYLv6P8KZYgP7011W8YRt5kntP10Rli/WW6pXJ
GoABd0dHQmeYua439p/a+6/xHr7L0CbrwP8ZuECdnqlMvKFGYhTJDruzkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFORDtUqjKyJ0gUoQvqwz0JWTmlJ0MB8GA1UdIwQY
MBaAFGWCkP6YFPywYqtx4y7B+W2plzozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllLUV9wZ1VfTEJpcTNIakxzSDViYW1YT2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDNiMTMtYzRhMS00MWMwLWE4Mzkt
YWVkZTNmZmE0NDU3LzEvNUVPMVNxTXJJblNCU2hDLXJEUFFsWk9hVW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDNiMTMtYzRhMS00MWMwLWE4MzktYWVkZTNmZmE0NDU3
LzEvWllLUV9wZ1VfTEJpcTNIakxzSDViYW1YT2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSZ4MA0E
AgACMAcDBQEqBG+wMA0GCSqGSIb3DQEBCwUAA4IBAQBSZJ3Snuuus//l3XPNAtF5
yF/X8g6r61GXHVxqx24y8Jb4QKnLsVArRcNYNk5Vd9egZAw6g7/V3IvX5NVYMQkZ
0Q/KzyEd1Vo+sbBnmbqKeGKJcN3PyDMOWLh2p2Zb07B39cD9ykTFmCZufsNGfI2q
3J+a27epxfSTqEb0pTKVoGFmtIXNQfmuGIRHevhdj/R9eWFlLHN9PqfSosHK64Wb
EGgF0i46/Gd0AAVEJUAb0EJmUaeEWTsObVIzYc+FPP9nQIu6b+/DNdsmc7xGqnr4
8yd0227Sa7nuzxGUFlyPHNknz/Boz60UAzPkdyXOn1yH6YL3ZrJxa+IQP5GsOVVD
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:32 2025 by rpki-client