Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/OSur2uIHUmy8x2BVcPY3Inue0Ew.roa
File: OSur2uIHUmy8x2BVcPY3Inue0Ew.roa (raw, json)
Hash identifier: xDFD13dGlTg55vDLiRhDcr5JXugZAjgeNWPbc0RPeAk=
Subject key identifier: 39:2B:AB:DA:E2:07:52:6C:BC:C7:60:55:70:F6:37:22:7B:9E:D0:4C
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 0183B23FB9B15DCCACF8BE2C6014B90F408D
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/OSur2uIHUmy8x2BVcPY3Inue0Ew.roa
Signing time: Fri 07 Oct 2022 11:41:04 +0000
ROA not before: Fri 07 Oct 2022 11:41:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3261
IP address blocks: 5.153.128.0/19 maxlen: 24
92.242.96.0/19 maxlen: 24
195.184.192.0/19 maxlen: 24
2.57.112.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b2:3f:b9:b1:5d:cc:ac:f8:be:2c:60:14:b9:0f:40:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Oct 7 11:41:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=392babdae207526cbcc7605570f637227b9ed04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:22:ce:ca:1c:91:cc:37:af:11:1d:a2:60:47:
3a:6b:49:69:fb:11:01:35:1f:fb:12:5b:d5:2c:26:
58:51:ab:16:a0:20:79:15:58:fd:f2:27:71:61:9c:
1f:3e:6f:fc:c1:cc:a2:bb:57:4d:8f:b1:40:fe:5c:
a4:73:25:64:5f:b3:9f:6f:56:0a:28:b9:69:79:8a:
fd:da:ab:d0:3a:bd:73:d5:3d:50:82:5a:af:15:75:
a0:66:41:28:a0:d0:04:5b:e3:dc:33:ae:4f:2c:b5:
2e:15:0c:15:b1:11:57:48:2c:28:45:30:05:75:80:
64:cd:00:77:60:b3:71:c1:17:70:2e:36:a5:9e:36:
30:32:85:00:30:a3:7c:ab:83:f3:d7:0d:96:a6:6c:
f6:bc:3d:4e:76:aa:d3:5a:61:7c:3b:93:0a:ed:f0:
e0:27:8f:88:5c:dd:fb:f5:b3:e3:49:90:e3:da:09:
18:7d:ec:91:bd:10:de:a4:21:98:7f:c8:8c:92:9f:
10:28:c3:ed:c5:db:0e:c5:9b:89:dc:01:61:94:dc:
08:ca:06:34:e2:41:93:57:5e:e2:a7:b7:6c:ac:ca:
f3:ec:5f:12:d2:7b:03:91:50:a4:4a:bd:69:f5:2a:
1a:01:b5:53:f6:a6:8a:4d:16:7d:16:8b:1a:01:24:
79:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2B:AB:DA:E2:07:52:6C:BC:C7:60:55:70:F6:37:22:7B:9E:D0:4C
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/OSur2uIHUmy8x2BVcPY3Inue0Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.112.0/22
5.153.128.0/19
92.242.96.0/19
195.184.192.0/19
Signature Algorithm: sha256WithRSAEncryption
86:c2:41:6c:16:22:3d:c4:15:eb:8f:85:d7:c3:37:f8:a2:28:
ad:80:b8:d8:68:cc:9d:00:87:6a:a4:4f:a7:f2:cb:ac:4b:77:
87:97:c5:05:1a:df:4c:b3:49:85:c6:32:fe:aa:4a:e7:04:dc:
8c:22:b9:6e:fb:4f:5c:38:50:fa:89:7a:18:ed:c4:dd:b3:86:
9c:64:95:bc:ad:1d:1b:11:4f:12:14:fd:b8:5e:bd:fa:ff:ce:
45:a7:ce:a0:c0:23:c7:48:ed:35:0a:88:30:be:97:b3:f6:ef:
5d:90:c4:e4:d4:31:d3:f9:f5:a4:45:a8:93:4a:25:ac:63:b1:
6c:db:d6:95:44:8d:9c:08:93:08:97:d1:22:4b:dc:17:30:ad:
34:d8:82:d1:4d:3d:78:0a:83:62:29:c3:fa:2e:7e:80:6a:94:
27:1a:a8:e6:d2:02:86:84:de:d0:c1:e4:54:97:95:20:dc:5c:
8d:58:17:2f:2b:a6:9b:51:b4:34:9e:4f:51:88:79:0d:50:3b:
79:66:37:62:3d:f6:51:40:99:da:12:f0:4e:03:05:93:4b:08:
99:63:03:3c:0f:c4:95:55:eb:46:47:4c:c7:54:52:1b:f5:cc:
30:c6:d4:f1:78:25:1d:3c:c0:7a:25:4b:bb:ec:ef:29:57:45:
e1:dc:d5:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYOyP7mxXcys+L4sYBS5D0CNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjIxMDA3MTE0MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTJiYWJkYWUyMDc1MjZjYmNjNzYwNTU3MGY2MzcyMjdiOWVkMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSLOyhyRzDevER2iYEc6a0lp+xEB
NR/7ElvVLCZYUasWoCB5FVj98idxYZwfPm/8wcyiu1dNj7FA/lykcyVkX7Ofb1YK
KLlpeYr92qvQOr1z1T1QglqvFXWgZkEooNAEW+PcM65PLLUuFQwVsRFXSCwoRTAF
dYBkzQB3YLNxwRdwLjalnjYwMoUAMKN8q4Pz1w2Wpmz2vD1OdqrTWmF8O5MK7fDg
J4+IXN379bPjSZDj2gkYfeyRvRDepCGYf8iMkp8QKMPtxdsOxZuJ3AFhlNwIygY0
4kGTV17ip7dsrMrz7F8S0nsDkVCkSr1p9SoaAbVT9qaKTRZ9FosaASR5OQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDkrq9riB1JsvMdgVXD2NyJ7ntBMMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvT1N1cjJ1SUhVbXk4eDJCVmNQWTNJbnVlMEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjlwAwQF
BZmAAwQFXPJgAwQFw7jAMA0GCSqGSIb3DQEBCwUAA4IBAQCGwkFsFiI9xBXrj4XX
wzf4oiitgLjYaMydAIdqpE+n8susS3eHl8UFGt9Ms0mFxjL+qkrnBNyMIrlu+09c
OFD6iXoY7cTds4acZJW8rR0bEU8SFP24Xr36/85Fp86gwCPHSO01Cogwvpez9u9d
kMTk1DHT+fWkRaiTSiWsY7Fs29aVRI2cCJMIl9EiS9wXMK002ILRTT14CoNiKcP6
Ln6AapQnGqjm0gKGhN7QweRUl5Ug3FyNWBcvK6abUbQ0nk9RiHkNUDt5ZjdiPfZR
QJnaEvBOAwWTSwiZYwM8D8SVVetGR0zHVFIb9cwwxtTxeCUdPMB6JUu77O8pV0Xh
3NVx
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:18 2025 by rpki-client