Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/mdY1tL5QoQWATSx8FEb9dyTL9b4.roa
File: mdY1tL5QoQWATSx8FEb9dyTL9b4.roa (raw, json)
Hash identifier: FDh+rfpfbXzSxskaXqNYyG+5/m3csyL0m0WFv/aKatA=
Subject key identifier: 99:D6:35:B4:BE:50:A1:05:80:4D:2C:7C:14:46:FD:77:24:CB:F5:BE
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 01856E4AFB3B9E01D14A3873291557332E27
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/mdY1tL5QoQWATSx8FEb9dyTL9b4.roa
Signing time: Sun 01 Jan 2023 17:04:45 +0000
ROA not before: Sun 01 Jan 2023 17:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3261
IP address blocks: 5.153.128.0/19 maxlen: 24
92.242.96.0/19 maxlen: 24
195.184.192.0/19 maxlen: 24
2.57.112.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:4a:fb:3b:9e:01:d1:4a:38:73:29:15:57:33:2e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Jan 1 17:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99d635b4be50a105804d2c7c1446fd7724cbf5be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:69:9d:ac:18:99:af:b3:dc:c9:f2:ec:96:e9:
50:b6:8a:1a:dd:28:d1:9d:11:79:fd:1e:e8:51:bc:
8d:23:f7:2a:5d:7b:11:44:b0:0b:37:9f:d0:2a:d6:
0c:4e:60:55:94:30:8a:10:53:12:f1:09:93:4e:4e:
02:dc:27:c2:d5:b8:8a:91:d4:41:9c:c1:ce:45:e1:
b6:d8:35:d1:4c:43:40:3d:15:57:b1:9a:4c:67:9d:
98:95:53:28:6d:3e:a5:a2:8e:b4:70:7d:c2:90:84:
b6:c5:bd:51:4d:58:f8:02:73:72:8a:f6:3d:e2:ce:
1c:74:91:4a:c0:8d:e5:3b:68:b2:70:30:53:f4:12:
02:09:64:32:06:c9:ea:bb:69:4d:ee:fc:34:be:2a:
77:e7:ad:9f:78:2a:ae:67:28:f5:2f:c4:d9:fe:ba:
5e:ce:d0:2f:05:4d:d4:8b:e6:82:6a:b4:70:2d:00:
47:a0:7d:9c:6a:44:aa:e3:43:b6:d6:47:2d:d3:a4:
3b:fa:a8:b2:18:e3:f8:ec:0a:88:af:26:49:0c:b6:
a5:cb:ac:db:6b:31:98:ee:1d:37:b3:a8:15:59:a3:
f2:ff:1b:12:77:8c:4f:5a:c8:17:0c:89:fd:50:fd:
12:68:5b:61:20:f3:90:f1:a5:c4:1e:c5:49:d8:40:
96:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D6:35:B4:BE:50:A1:05:80:4D:2C:7C:14:46:FD:77:24:CB:F5:BE
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/mdY1tL5QoQWATSx8FEb9dyTL9b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.112.0/22
5.153.128.0/19
92.242.96.0/19
195.184.192.0/19
Signature Algorithm: sha256WithRSAEncryption
40:31:9b:cf:44:34:23:ef:87:d4:4f:f5:6e:52:d4:aa:11:86:
1d:ce:19:22:65:a3:e3:8e:57:2c:f7:1b:bc:88:e6:08:fa:0e:
3f:1b:05:1f:da:4f:1c:9d:da:d5:9b:8c:18:02:cd:7c:5e:50:
5c:de:4a:ef:bb:8d:1b:fd:de:bb:08:f3:6c:e9:91:84:27:99:
ea:54:8a:99:93:92:a5:85:5f:20:e8:54:d2:de:34:0c:a2:14:
b2:63:d1:d7:23:b4:bc:97:9a:46:50:a8:3b:54:48:40:05:63:
49:1d:c1:13:26:e0:a2:a5:fc:af:6e:c5:b0:02:af:1c:12:ae:
12:21:51:f0:b0:54:82:2a:c1:05:ce:76:93:5c:d2:fd:d6:12:
3b:2d:1d:3d:53:08:50:9a:14:4a:a5:2e:a6:bc:7a:ea:46:a7:
11:95:40:03:aa:d5:74:a6:8b:ca:85:31:81:72:a4:d8:00:d9:
c3:eb:82:2f:d8:89:15:0e:9b:10:9b:05:13:cf:7a:e7:65:03:
6b:12:7c:3b:bf:fc:d4:09:59:de:a5:a3:0f:a3:75:7f:f5:00:
0f:7c:20:9a:81:d2:71:34:36:20:d6:eb:46:4c:e8:80:0e:f6:
50:9a:4a:c2:a8:fd:6d:69:47:0c:c6:8a:13:05:14:47:2b:11:
cd:2f:84:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuSvs7ngHRSjhzKRVXMy4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjMwMTAxMTcwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQ2MzViNGJlNTBhMTA1ODA0ZDJjN2MxNDQ2ZmQ3NzI0Y2JmNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGmdrBiZr7PcyfLslulQtooa3SjR
nRF5/R7oUbyNI/cqXXsRRLALN5/QKtYMTmBVlDCKEFMS8QmTTk4C3CfC1biKkdRB
nMHOReG22DXRTENAPRVXsZpMZ52YlVMobT6loo60cH3CkIS2xb1RTVj4AnNyivY9
4s4cdJFKwI3lO2iycDBT9BICCWQyBsnqu2lN7vw0vip3562feCquZyj1L8TZ/rpe
ztAvBU3Ui+aCarRwLQBHoH2cakSq40O21kct06Q7+qiyGOP47AqIryZJDLaly6zb
azGY7h03s6gVWaPy/xsSd4xPWsgXDIn9UP0SaFthIPOQ8aXEHsVJ2ECW7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJnWNbS+UKEFgE0sfBRG/Xcky/W+MB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvbWRZMXRMNVFvUVdBVFN4OEZFYjlkeVRMOWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjlwAwQF
BZmAAwQFXPJgAwQFw7jAMA0GCSqGSIb3DQEBCwUAA4IBAQBAMZvPRDQj74fUT/Vu
UtSqEYYdzhkiZaPjjlcs9xu8iOYI+g4/GwUf2k8cndrVm4wYAs18XlBc3krvu40b
/d67CPNs6ZGEJ5nqVIqZk5KlhV8g6FTS3jQMohSyY9HXI7S8l5pGUKg7VEhABWNJ
HcETJuCipfyvbsWwAq8cEq4SIVHwsFSCKsEFznaTXNL91hI7LR09UwhQmhRKpS6m
vHrqRqcRlUADqtV0povKhTGBcqTYANnD64Iv2IkVDpsQmwUTz3rnZQNrEnw7v/zU
CVnepaMPo3V/9QAPfCCagdJxNDYg1utGTOiADvZQmkrCqP1taUcMxooTBRRHKxHN
L4Q/
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:37:57 2025 by rpki-client