Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/W7qrd0KwZa35lDhTiohFtxKg64U.roa
File: W7qrd0KwZa35lDhTiohFtxKg64U.roa (raw, json)
Hash identifier: W67Mt8X5Ny6+RU9B87QZhEAdWc4qJV2tOVKBksLWu7o=
Subject key identifier: 5B:BA:AB:77:42:B0:65:AD:F9:94:38:53:8A:88:45:B7:12:A0:EB:85
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 01889F70394A6FD316FD3F1DE0D109D9B992
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/W7qrd0KwZa35lDhTiohFtxKg64U.roa
Signing time: Fri 09 Jun 2023 09:15:11 +0000
ROA not before: Fri 09 Jun 2023 09:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196977
IP address blocks: 5.153.190.0/24 maxlen: 24
5.153.191.0/24 maxlen: 24
5.153.190.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9f:70:39:4a:6f:d3:16:fd:3f:1d:e0:d1:09:d9:b9:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Jun 9 09:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bbaab7742b065adf99438538a8845b712a0eb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f7:81:7f:70:5c:b4:f7:8e:42:d0:e5:0f:06:
d9:16:18:ed:62:0b:97:d3:18:7d:1f:b9:56:72:10:
99:6f:1f:1f:4c:fd:be:db:b3:ca:eb:61:47:42:aa:
4b:09:23:06:69:2b:60:7c:c2:0e:44:cc:1b:05:81:
8c:4d:f9:05:f4:a9:ee:78:bb:42:5f:aa:c1:b6:1d:
5b:bd:db:98:75:da:91:b8:e2:6f:c1:6d:7e:2e:d2:
8b:11:5f:05:f7:18:a5:93:e9:05:7a:d3:4c:94:30:
62:34:58:27:66:3c:ca:f6:e4:4f:5a:a2:d9:de:92:
29:6d:47:65:ac:19:8d:25:02:9e:bd:25:a0:e5:e1:
45:7f:ae:80:fc:b4:31:69:42:9a:55:ae:ff:fb:e2:
8b:61:9a:01:4b:4c:fe:18:a9:55:2f:9a:d9:cd:b4:
aa:2e:ce:e1:cd:4d:72:2f:03:4f:84:3e:15:a5:69:
60:4f:2a:76:4f:7a:cb:1d:66:f5:63:93:a2:cc:83:
07:7c:65:93:b4:73:39:f0:64:4d:4f:72:ec:0c:79:
f0:79:e9:db:b0:f8:f7:ba:a4:02:c0:6f:35:5a:f4:
99:28:1e:7e:fa:66:ea:b7:dd:d6:3e:9c:40:01:72:
b9:95:20:5f:1b:00:90:e5:70:5a:e9:25:48:2b:3b:
89:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:BA:AB:77:42:B0:65:AD:F9:94:38:53:8A:88:45:B7:12:A0:EB:85
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/W7qrd0KwZa35lDhTiohFtxKg64U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.190.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:f6:93:ba:a0:a5:68:0a:0c:73:20:9b:99:24:ab:c7:1a:a6:
a5:26:42:ea:ac:90:85:bf:42:8c:0c:e7:76:3e:cf:16:9e:6a:
52:88:95:ba:ce:d3:91:9d:79:f9:5d:fe:75:d0:6b:61:4e:4b:
23:53:0c:90:83:77:b5:29:5f:e8:28:55:57:da:48:57:9c:6a:
9a:9d:08:3c:42:1b:9c:d6:46:b6:fb:66:25:95:5d:9e:9a:d2:
dc:09:99:8a:dd:0f:19:cc:ee:9c:d9:c7:50:2f:4b:ef:1f:ab:
97:ae:d7:f4:b1:b5:af:a8:31:9a:80:6e:da:53:b0:f2:0c:8d:
20:12:6c:b9:e9:06:c5:63:ab:70:f1:e3:b7:8f:4d:28:65:cc:
75:73:6a:b4:1d:65:7e:5a:88:a0:b2:9d:e4:9c:d8:92:be:57:
0d:a1:4c:f2:cc:94:da:23:6b:ee:da:9a:21:e5:30:a9:a6:07:
d7:c5:9b:86:27:81:a6:a4:03:e7:52:be:11:a2:65:e4:6f:82:
55:35:65:94:3c:48:01:38:e2:f4:3b:24:a1:d5:41:7a:90:0f:
68:3d:91:b6:af:c9:a4:00:9d:96:40:1c:92:3d:8f:c3:dc:98:
ec:17:67:f6:0b:65:80:cc:9a:a9:63:c5:bd:ea:c3:0b:e6:8a:
74:09:04:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYifcDlKb9MW/T8d4NEJ2bmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjMwNjA5MDkxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmJhYWI3NzQyYjA2NWFkZjk5NDM4NTM4YTg4NDViNzEyYTBlYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPeBf3BctPeOQtDlDwbZFhjtYguX
0xh9H7lWchCZbx8fTP2+27PK62FHQqpLCSMGaStgfMIORMwbBYGMTfkF9KnueLtC
X6rBth1bvduYddqRuOJvwW1+LtKLEV8F9xilk+kFetNMlDBiNFgnZjzK9uRPWqLZ
3pIpbUdlrBmNJQKevSWg5eFFf66A/LQxaUKaVa7/++KLYZoBS0z+GKlVL5rZzbSq
Ls7hzU1yLwNPhD4VpWlgTyp2T3rLHWb1Y5OizIMHfGWTtHM58GRNT3LsDHnweenb
sPj3uqQCwG81WvSZKB5++mbqt93WPpxAAXK5lSBfGwCQ5XBa6SVIKzuJ5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFu6q3dCsGWt+ZQ4U4qIRbcSoOuFMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvVzdxcmQwS3daYTM1bERoVGlvaEZ0eEtnNjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBZm+MA0G
CSqGSIb3DQEBCwUAA4IBAQAO9pO6oKVoCgxzIJuZJKvHGqalJkLqrJCFv0KMDOd2
Ps8WnmpSiJW6ztORnXn5Xf510GthTksjUwyQg3e1KV/oKFVX2khXnGqanQg8Qhuc
1ka2+2YllV2emtLcCZmK3Q8ZzO6c2cdQL0vvH6uXrtf0sbWvqDGagG7aU7DyDI0g
Emy56QbFY6tw8eO3j00oZcx1c2q0HWV+Woigsp3knNiSvlcNoUzyzJTaI2vu2poh
5TCppgfXxZuGJ4GmpAPnUr4RomXkb4JVNWWUPEgBOOL0OySh1UF6kA9oPZG2r8mk
AJ2WQBySPY/D3JjsF2f2C2WAzJqpY8W96sML5op0CQRb
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:42:31 2025 by rpki-client