Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/mSGgGH73NXOTKJqoKuYFTLhtm2U.roa
File: mSGgGH73NXOTKJqoKuYFTLhtm2U.roa (raw, json)
Hash identifier: eyVwl96PkWUZcQqEgDjJIDn8RpRMUP056up4g+o+wxw=
Subject key identifier: 99:21:A0:18:7E:F7:35:73:93:28:9A:A8:2A:E6:05:4C:B8:6D:9B:65
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 018B1F52B446237F7CDC73E5BDE4B2C82ACC
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/mSGgGH73NXOTKJqoKuYFTLhtm2U.roa
Signing time: Wed 11 Oct 2023 15:19:55 +0000
ROA not before: Wed 11 Oct 2023 15:19:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41039
IP address blocks: 92.242.96.0/19 maxlen: 24
195.184.192.0/19 maxlen: 24
128.0.93.0/24 maxlen: 24
5.153.176.0/23 maxlen: 23
5.153.179.0/24 maxlen: 24
5.153.178.0/24 maxlen: 24
5.153.181.0/24 maxlen: 24
5.153.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:52:b4:46:23:7f:7c:dc:73:e5:bd:e4:b2:c8:2a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Oct 11 15:19:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9921a0187ef7357393289aa82ae6054cb86d9b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:aa:e3:9b:15:2a:b5:bf:75:e6:97:d9:30:16:
39:b5:9f:23:61:5a:8d:be:dd:dd:2f:0d:63:b9:c4:
8a:91:8a:35:3e:6c:c0:40:41:f6:bb:03:44:0b:b2:
b9:70:02:54:d0:fe:09:6a:f0:3e:2a:db:ca:53:d0:
98:76:56:3d:5c:88:86:59:ef:d1:66:8c:6e:05:4b:
d2:eb:e4:7b:9b:8f:9b:07:22:08:a3:f1:b0:aa:92:
2d:b9:cf:5d:b6:39:83:17:56:a2:97:30:f1:df:cd:
87:a0:f2:ab:b9:74:f5:a7:75:3d:8c:f8:7a:f4:f5:
c6:8e:cc:fa:d0:e2:b2:29:2e:47:0f:77:58:06:e1:
9c:7d:a1:2e:d7:af:96:8f:77:37:d5:40:b2:21:36:
ab:26:5d:bb:5a:97:dd:f0:81:6c:70:44:ee:30:b6:
e6:40:e5:c0:e3:ea:cb:59:8d:fe:58:6f:3f:c4:28:
0e:b3:27:a2:65:32:6c:f9:08:1d:55:a7:bd:5e:b2:
78:1a:78:c9:b9:6c:04:55:04:15:71:b7:b2:01:06:
ba:8f:b4:09:7c:3c:8e:c9:1f:2c:84:19:a4:b1:f5:
85:18:a2:3d:24:84:73:b1:88:62:5f:b8:98:2f:aa:
52:67:4f:05:0f:ba:ab:fc:86:cc:a0:fc:a5:b5:b4:
cf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:21:A0:18:7E:F7:35:73:93:28:9A:A8:2A:E6:05:4C:B8:6D:9B:65
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/mSGgGH73NXOTKJqoKuYFTLhtm2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.176.0/22
5.153.181.0/24
5.153.185.0/24
92.242.96.0/19
128.0.93.0/24
195.184.192.0/19
Signature Algorithm: sha256WithRSAEncryption
55:18:5d:7c:aa:b0:99:05:3c:b6:c4:0b:87:bb:24:a6:a9:fe:
20:1c:f5:67:b8:6b:3e:90:a0:f9:c2:21:09:a1:63:64:47:08:
f3:b3:0b:9d:3e:93:42:8b:92:a0:bd:d0:93:23:e6:d2:f6:63:
b9:3d:9c:42:e3:cb:af:28:a5:11:09:14:f7:71:30:b5:f9:23:
20:6d:35:02:df:9d:1e:43:4b:0b:ef:63:74:0e:60:ae:23:a1:
54:66:cd:98:1f:19:48:17:f3:68:d1:79:51:86:47:92:88:86:
eb:6c:4e:33:20:82:8e:98:56:15:e7:a4:29:f6:2a:bc:76:13:
f9:38:4d:a4:62:3a:60:8e:60:14:80:a1:03:de:36:78:97:31:
9f:d9:9f:4c:00:a2:c3:7c:cf:e0:51:79:73:56:05:d3:0c:3b:
cd:12:d8:ef:f2:d3:15:4b:c4:f8:95:70:e2:ec:e0:82:81:7d:
b0:ff:3b:9c:54:ce:dc:54:ec:97:6c:21:20:56:b1:f7:53:1b:
e3:4f:8e:1b:e7:5f:b5:f3:01:e6:ce:76:c5:91:4a:fd:99:d2:
d8:bb:d6:ec:0e:74:e8:c6:de:4d:c2:e9:df:d4:5e:d8:be:4d:
a8:b7:5e:e3:e3:a8:06:3b:96:60:22:7b:31:66:f3:b4:e6:42:
0c:1c:22:5d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYsfUrRGI3983HPlveSyyCrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjMxMDExMTUxOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTIxYTAxODdlZjczNTczOTMyODlhYTgyYWU2MDU0Y2I4NmQ5YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7arjmxUqtb915pfZMBY5tZ8jYVqN
vt3dLw1jucSKkYo1PmzAQEH2uwNEC7K5cAJU0P4JavA+KtvKU9CYdlY9XIiGWe/R
ZoxuBUvS6+R7m4+bByIIo/GwqpItuc9dtjmDF1ailzDx382HoPKruXT1p3U9jPh6
9PXGjsz60OKyKS5HD3dYBuGcfaEu16+Wj3c31UCyITarJl27Wpfd8IFscETuMLbm
QOXA4+rLWY3+WG8/xCgOsyeiZTJs+QgdVae9XrJ4GnjJuWwEVQQVcbeyAQa6j7QJ
fDyOyR8shBmksfWFGKI9JIRzsYhiX7iYL6pSZ08FD7qr/IbMoPyltbTPwwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJkhoBh+9zVzkyiaqCrmBUy4bZtlMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvbVNHZ0dINzNOWE9US0pxb0t1WUZUTGh0bTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBZmwAwQA
BZm1AwQABZm5AwQFXPJgAwQAgABdAwQFw7jAMA0GCSqGSIb3DQEBCwUAA4IBAQBV
GF18qrCZBTy2xAuHuySmqf4gHPVnuGs+kKD5wiEJoWNkRwjzswudPpNCi5KgvdCT
I+bS9mO5PZxC48uvKKURCRT3cTC1+SMgbTUC350eQ0sL72N0DmCuI6FUZs2YHxlI
F/No0XlRhkeSiIbrbE4zIIKOmFYV56Qp9iq8dhP5OE2kYjpgjmAUgKED3jZ4lzGf
2Z9MAKLDfM/gUXlzVgXTDDvNEtjv8tMVS8T4lXDi7OCCgX2w/zucVM7cVOyXbCEg
VrH3UxvjT44b51+18wHmznbFkUr9mdLYu9bsDnToxt5Nwunf1F7Yvk2ot17j46gG
O5ZgInsxZvO05kIMHCJd
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:38:04 2025 by rpki-client