Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/hrp3E2MiBRZUrZ2VIPaajCgmIcw.roa
File: hrp3E2MiBRZUrZ2VIPaajCgmIcw.roa (raw, json)
Hash identifier: VbSFuNRVq3JIgpIgh+GRaaUqkrtHYicsouCKNHd72Yg=
Subject key identifier: 86:BA:77:13:63:22:05:16:54:AD:9D:95:20:F6:9A:8C:28:26:21:CC
Certificate issuer: /CN=5bf81435ed13789895f375dc34d04ce91aca4744
Certificate serial: 018506CF1738E4AC41F384A5B395434DFF42
Authority key identifier: 5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/hrp3E2MiBRZUrZ2VIPaajCgmIcw.roa
Signing time: Mon 12 Dec 2022 14:48:33 +0000
ROA not before: Mon 12 Dec 2022 14:48:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3308
IP address blocks: 158.233.228.0/24 maxlen: 24
158.233.229.0/24 maxlen: 24
158.233.242.0/24 maxlen: 24
158.233.246.0/24 maxlen: 24
158.233.244.0/24 maxlen: 24
158.233.245.0/24 maxlen: 24
158.233.243.0/24 maxlen: 24
158.233.251.0/24 maxlen: 24
158.233.250.0/24 maxlen: 24
158.233.248.0/24 maxlen: 24
158.233.249.0/24 maxlen: 24
158.233.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:cf:17:38:e4:ac:41:f3:84:a5:b3:95:43:4d:ff:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf81435ed13789895f375dc34d04ce91aca4744
Validity
Not Before: Dec 12 14:48:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86ba77136322051654ad9d9520f69a8c282621cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:67:36:37:21:2a:66:46:c0:a0:c5:9e:d8:cb:
cc:bb:02:11:4a:ce:ff:9d:c0:21:91:7d:3d:23:4c:
66:25:d7:5d:45:81:af:66:59:a8:eb:bc:36:95:e4:
07:74:59:77:09:d7:9c:92:fa:61:9b:a0:27:93:4c:
15:4c:1b:cb:3f:cf:24:e7:f0:27:04:7c:ca:ac:cf:
67:72:ba:6b:8f:bd:4e:64:cd:f5:1d:8a:30:71:cf:
e2:01:65:31:9f:5d:00:5d:fe:bf:da:b6:8f:52:28:
6f:30:25:af:15:06:78:24:a0:0e:4c:00:bc:d8:db:
b8:05:a2:cd:f1:04:cf:2a:c3:ee:d1:88:23:69:2b:
08:f7:b9:a4:ca:03:8a:69:1f:af:a3:33:ab:4f:0e:
55:14:60:d1:03:46:76:10:9a:0c:3a:17:0a:bd:d8:
1d:27:8f:f1:48:34:0f:91:3c:a6:f9:e8:24:4e:d2:
e4:28:14:32:41:2a:80:3f:46:96:2c:28:03:04:52:
83:a3:41:43:3d:ff:5d:6a:11:75:68:e8:bc:e2:c2:
01:c5:93:15:e1:2a:a0:eb:7e:85:54:09:3a:1e:b2:
e3:8c:43:f6:24:29:e6:db:68:8b:2c:8f:cf:75:e1:
c0:a6:60:9d:d5:d2:51:f6:84:01:32:2a:1b:c3:e9:
7b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BA:77:13:63:22:05:16:54:AD:9D:95:20:F6:9A:8C:28:26:21:CC
X509v3 Authority Key Identifier:
keyid:5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/hrp3E2MiBRZUrZ2VIPaajCgmIcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.233.228.0/23
158.233.242.0-158.233.251.255
Signature Algorithm: sha256WithRSAEncryption
4f:be:eb:93:b7:82:72:47:76:fd:df:1b:3b:e5:a2:c5:79:83:
c7:9b:34:c2:e7:74:75:ee:a8:f9:36:63:11:e2:a6:f6:91:83:
cc:24:31:8a:b0:66:01:74:48:94:23:11:25:9f:21:5b:61:ad:
9a:78:69:02:6e:03:b2:9d:64:94:10:6f:79:88:f4:b8:3b:56:
6e:c7:f3:c5:6f:19:dd:7a:42:19:9f:1e:e9:0a:d0:72:13:c9:
48:a3:a2:52:d4:a9:0e:3f:bb:77:70:9a:ef:12:da:99:f0:07:
2e:75:f7:c0:24:fe:b3:0d:b2:9d:d0:1f:ad:dc:8f:db:07:5e:
2a:e7:a9:50:6f:09:59:06:72:bc:6b:b4:18:a8:99:33:ca:c1:
cd:bd:b1:4f:7a:ff:58:9e:8e:ea:92:36:53:db:ae:ea:f2:f6:
48:6b:dc:89:af:88:e7:7b:d4:9d:a9:42:2c:5f:84:62:ac:dc:
4b:a5:68:bb:1c:8f:05:56:82:92:0e:fe:0c:12:3e:1d:bf:a9:
39:b4:c7:9f:47:61:e4:aa:f5:2c:da:60:5c:43:1f:51:1e:f7:
27:a0:a8:07:37:6a:2d:8c:82:a1:36:b7:f2:50:0e:8c:6c:d9:
b2:85:d8:d2:2c:53:c5:9d:14:47:70:f7:8d:b7:37:83:b8:59:
77:b4:db:0f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYUGzxc45KxB84Sls5VDTf9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjgxNDM1ZWQxMzc4OTg5NWYzNzVkYzM0ZDA0Y2U5MWFj
YTQ3NDQwHhcNMjIxMjEyMTQ0ODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJhNzcxMzYzMjIwNTE2NTRhZDlkOTUyMGY2OWE4YzI4MjYyMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2c2NyEqZkbAoMWe2MvMuwIRSs7/
ncAhkX09I0xmJdddRYGvZlmo67w2leQHdFl3Cdeckvphm6Ank0wVTBvLP88k5/An
BHzKrM9ncrprj71OZM31HYowcc/iAWUxn10AXf6/2raPUihvMCWvFQZ4JKAOTAC8
2Nu4BaLN8QTPKsPu0YgjaSsI97mkygOKaR+vozOrTw5VFGDRA0Z2EJoMOhcKvdgd
J4/xSDQPkTym+egkTtLkKBQyQSqAP0aWLCgDBFKDo0FDPf9dahF1aOi84sIBxZMV
4Sqg636FVAk6HrLjjEP2JCnm22iLLI/PdeHApmCd1dJR9oQBMiobw+l7SwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIa6dxNjIgUWVK2dlSD2mowoJiHMMB8GA1UdIwQY
MBaAFFv4FDXtE3iYlfN13DTQTOkaykdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEt
NDhlNGNjNmIzM2EzLzEvaHJwM0UyTWlCUlpVcloyVklQYWFqQ2dtSWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEtNDhlNGNjNmIzM2Ez
LzEvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBnunkMAwD
BAGe6fIDBAKe6fgwDQYJKoZIhvcNAQELBQADggEBAE++65O3gnJHdv3fGzvlosV5
g8ebNMLndHXuqPk2YxHipvaRg8wkMYqwZgF0SJQjESWfIVthrZp4aQJuA7KdZJQQ
b3mI9Lg7Vm7H88VvGd16QhmfHukK0HITyUijolLUqQ4/u3dwmu8S2pnwBy5198Ak
/rMNsp3QH63cj9sHXirnqVBvCVkGcrxrtBiomTPKwc29sU96/1iejuqSNlPbrury
9khr3ImviOd71J2pQixfhGKs3EulaLscjwVWgpIO/gwSPh2/qTm0x59HYeSq9Sza
YFxDH1Ee9yegqAc3ai2MgqE2t/JQDoxs2bKF2NIsU8WdFEdw9423N4O4WXe02w8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:39 2025 by rpki-client