Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/cdbf8f-6e67-4ab1-bf18-48ef8e1114e4/1/O7XFrUIu153BfVr8V-OYmXHo8GE.roa
File: O7XFrUIu153BfVr8V-OYmXHo8GE.roa (raw, json)
Hash identifier: pMij13LWs3Bcdwv9PW98sZLvQkTraVpHi4W0Uaccmxc=
Subject key identifier: 3B:B5:C5:AD:42:2E:D7:9D:C1:7D:5A:FC:57:E3:98:99:71:E8:F0:61
Certificate issuer: /CN=69c67969c3c9d8fadbc9a73e3ff56361d0203b71
Certificate serial: 01856EC20FD720838BB64B7FE5640AD6D5FC
Authority key identifier: 69:C6:79:69:C3:C9:D8:FA:DB:C9:A7:3E:3F:F5:63:61:D0:20:3B:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/acZ5acPJ2Prbyac-P_VjYdAgO3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/cdbf8f-6e67-4ab1-bf18-48ef8e1114e4/1/O7XFrUIu153BfVr8V-OYmXHo8GE.roa
Signing time: Sun 01 Jan 2023 19:14:49 +0000
ROA not before: Sun 01 Jan 2023 19:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201359
IP address blocks: 5.102.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:0f:d7:20:83:8b:b6:4b:7f:e5:64:0a:d6:d5:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69c67969c3c9d8fadbc9a73e3ff56361d0203b71
Validity
Not Before: Jan 1 19:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bb5c5ad422ed79dc17d5afc57e3989971e8f061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4f:16:94:ea:df:ef:b3:ac:00:fa:36:a5:3c:
a6:03:15:9d:80:8f:22:54:d2:83:2d:0f:78:2a:08:
97:05:b6:d0:e6:30:c5:03:3c:87:49:02:32:a7:3e:
d9:64:42:8d:96:c6:12:f0:31:ef:47:09:dc:47:43:
e7:c5:28:d5:b8:2b:e8:99:b5:e4:dc:65:15:3f:89:
f3:38:d0:96:47:2a:9f:b1:03:a2:36:0b:0c:56:70:
d2:8a:51:18:dc:7c:dc:04:9d:79:76:8e:a6:83:38:
bc:41:1e:ee:3b:74:5b:19:0f:c0:6b:71:44:79:29:
49:b6:1e:6b:38:b4:ee:1e:cf:26:46:5d:59:11:f7:
52:48:9f:4a:30:1e:92:57:bd:cf:5f:29:d5:ba:76:
ed:7c:65:e0:19:84:47:71:d2:30:91:48:eb:f3:cc:
db:d9:71:b6:d6:56:30:ad:68:5e:d7:f2:94:ba:3c:
98:dc:5f:4f:99:bd:1e:3c:c9:5f:1b:99:91:ce:1c:
02:de:b5:6a:85:eb:1b:16:7a:af:b3:4d:1a:49:6d:
1a:2f:6c:b2:66:6d:d6:4f:a1:b9:0c:f8:c9:3f:f8:
43:55:ab:f7:6d:63:65:63:8c:28:09:d8:3e:50:b2:
19:10:e0:30:b1:ca:b2:b1:d2:c4:cf:90:0c:11:05:
a2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B5:C5:AD:42:2E:D7:9D:C1:7D:5A:FC:57:E3:98:99:71:E8:F0:61
X509v3 Authority Key Identifier:
keyid:69:C6:79:69:C3:C9:D8:FA:DB:C9:A7:3E:3F:F5:63:61:D0:20:3B:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/acZ5acPJ2Prbyac-P_VjYdAgO3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/cdbf8f-6e67-4ab1-bf18-48ef8e1114e4/1/O7XFrUIu153BfVr8V-OYmXHo8GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/cdbf8f-6e67-4ab1-bf18-48ef8e1114e4/1/acZ5acPJ2Prbyac-P_VjYdAgO3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.131.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:85:cf:ce:2b:a6:e3:2d:f8:6e:be:f8:43:32:6a:41:ae:f9:
ea:6d:eb:1a:07:26:0d:dd:78:4c:64:13:c7:80:cb:ca:4f:30:
9f:cf:85:2e:07:9c:93:cc:72:14:57:1a:f6:77:cd:c6:fd:3e:
e1:b2:e5:55:0b:23:c0:9a:87:6c:c9:85:ae:a6:f1:8a:fd:dc:
5d:83:d5:76:ed:10:f3:fa:0b:4f:5e:1b:0b:2a:64:74:4a:49:
40:4f:bf:1c:90:3c:6f:7e:2b:75:a8:b4:3d:ff:d0:b4:69:b4:
c7:53:6c:f9:9b:2d:8f:8a:ba:38:7b:6e:8a:0a:84:f9:cf:d0:
e9:cf:55:97:8c:e1:02:91:7e:e4:a2:6a:af:cd:0b:a6:51:fb:
f9:d0:62:6a:bb:47:59:1b:9d:2e:1b:40:ee:0b:92:1e:45:aa:
7b:98:70:4e:cb:60:ac:2a:eb:92:71:1d:ab:93:87:5b:16:f6:
71:00:68:92:d2:b9:c3:d2:45:5f:40:84:e1:77:af:11:82:50:
3e:70:cb:ce:24:1b:9c:96:5d:a1:aa:a8:6a:f0:6c:dc:ad:50:
44:c0:23:b1:ee:9c:51:90:05:51:27:d6:66:75:da:63:68:fe:
ce:6b:35:88:4c:fc:ab:84:ad:ac:2d:8d:fc:7e:fa:e8:2c:7d:
85:7b:42:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwg/XIIOLtkt/5WQK1tX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YzY3OTY5YzNjOWQ4ZmFkYmM5YTczZTNmZjU2MzYxZDAy
MDNiNzEwHhcNMjMwMTAxMTkxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmI1YzVhZDQyMmVkNzlkYzE3ZDVhZmM1N2UzOTg5OTcxZThmMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnE8WlOrf77OsAPo2pTymAxWdgI8i
VNKDLQ94KgiXBbbQ5jDFAzyHSQIypz7ZZEKNlsYS8DHvRwncR0PnxSjVuCvombXk
3GUVP4nzONCWRyqfsQOiNgsMVnDSilEY3HzcBJ15do6mgzi8QR7uO3RbGQ/Aa3FE
eSlJth5rOLTuHs8mRl1ZEfdSSJ9KMB6SV73PXynVunbtfGXgGYRHcdIwkUjr88zb
2XG21lYwrWhe1/KUujyY3F9Pmb0ePMlfG5mRzhwC3rVqhesbFnqvs00aSW0aL2yy
Zm3WT6G5DPjJP/hDVav3bWNlY4woCdg+ULIZEOAwscqysdLEz5AMEQWi1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDu1xa1CLtedwX1a/FfjmJlx6PBhMB8GA1UdIwQY
MBaAFGnGeWnDydj628mnPj/1Y2HQIDtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWNaNWFjUEoyUHJieWFjLVBfVmpZZEFnTzNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9jZGJmOGYtNmU2Ny00YWIxLWJmMTgt
NDhlZjhlMTExNGU0LzEvTzdYRnJVSXUxNTNCZlZyOFYtT1ltWEhvOEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9jZGJmOGYtNmU2Ny00YWIxLWJmMTgtNDhlZjhlMTExNGU0
LzEvYWNaNWFjUEoyUHJieWFjLVBfVmpZZEFnTzNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWaDMA0G
CSqGSIb3DQEBCwUAA4IBAQBahc/OK6bjLfhuvvhDMmpBrvnqbesaByYN3XhMZBPH
gMvKTzCfz4UuB5yTzHIUVxr2d83G/T7hsuVVCyPAmodsyYWupvGK/dxdg9V27RDz
+gtPXhsLKmR0SklAT78ckDxvfit1qLQ9/9C0abTHU2z5my2Piro4e26KCoT5z9Dp
z1WXjOECkX7komqvzQumUfv50GJqu0dZG50uG0DuC5IeRap7mHBOy2CsKuuScR2r
k4dbFvZxAGiS0rnD0kVfQIThd68RglA+cMvOJBucll2hqqhq8GzcrVBEwCOx7pxR
kAVRJ9ZmddpjaP7OazWITPyrhK2sLY38fvroLH2Fe0Ic
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:57 2025 by rpki-client