Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/5ywF1eXU5vMr2Q7jxp7ago1hXu0.roa
File: 5ywF1eXU5vMr2Q7jxp7ago1hXu0.roa (raw, json)
Hash identifier: 9TN5VmaYl0Wg877FKVEOekwhI5MnkTy682KANQxUH6M=
Subject key identifier: E7:2C:05:D5:E5:D4:E6:F3:2B:D9:0E:E3:C6:9E:DA:82:8D:61:5E:ED
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 3A761F4E
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/5ywF1eXU5vMr2Q7jxp7ago1hXu0.roa
Signing time: Sat 01 Jan 2022 04:51:56 +0000
ROA not before: Sat 01 Jan 2022 04:51:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50467
IP address blocks: 195.136.110.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 980819790 (0x3a761f4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 04:51:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e72c05d5e5d4e6f32bd90ee3c69eda828d615eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:98:40:3b:96:fc:b9:63:6f:b3:d5:3d:15:cd:
3e:ae:5e:85:d3:14:52:d2:40:e7:06:61:b9:c1:fe:
77:94:c3:0a:41:8b:56:b4:86:21:9b:b8:da:9c:ed:
50:dc:0a:f5:5d:40:03:06:09:74:c8:46:7f:b3:42:
9c:b0:da:b1:b8:a0:f2:5b:51:ff:17:08:dc:e4:47:
3b:30:f2:31:2c:0a:81:0f:2d:1f:f1:9f:86:d7:24:
91:72:42:2e:7a:0b:95:27:86:32:58:cc:f6:83:af:
89:99:b5:02:0c:b3:82:9c:9f:1e:8b:54:bf:13:eb:
35:3e:e8:36:01:46:0c:36:e0:1e:bc:0a:49:5d:81:
c6:a2:79:19:52:4a:90:93:84:42:f5:c7:ab:04:02:
e2:ee:5a:5c:83:6b:86:46:8b:08:16:45:39:63:de:
d2:7f:ad:67:d0:56:c1:5d:4d:0c:00:30:44:b4:f7:
b3:68:f1:7e:dc:d1:a4:61:9a:5c:18:cf:29:6f:c6:
72:e7:2b:fb:fa:2e:a8:3a:dc:97:5c:de:51:bd:b2:
2b:a8:f4:a7:a1:02:13:92:8b:2f:65:92:14:93:8a:
8e:e3:1d:85:80:4d:5f:2e:86:a5:d0:38:44:87:b0:
ac:72:9a:57:35:5d:94:76:e7:2c:0c:23:da:b7:44:
fb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:2C:05:D5:E5:D4:E6:F3:2B:D9:0E:E3:C6:9E:DA:82:8D:61:5E:ED
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/5ywF1eXU5vMr2Q7jxp7ago1hXu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.110.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:63:ac:ef:93:15:bc:b8:56:38:f5:e2:9c:65:29:e2:9b:e4:
1b:26:7e:c4:fb:8c:e8:21:2c:89:54:f5:5d:59:07:d5:03:08:
a2:84:94:d8:ee:b2:5f:98:91:71:c4:49:78:a2:22:cc:99:dc:
a2:a2:22:00:34:1e:a9:85:10:a0:98:15:61:e6:aa:95:8a:e7:
51:32:62:ae:ba:1d:66:96:75:bb:8f:d0:62:eb:2a:9c:a0:25:
cc:20:ba:8d:95:07:02:c1:c5:ec:8b:d7:f2:d5:d7:98:4c:58:
76:d5:17:a8:64:e5:ba:a3:01:68:f2:4c:0b:77:78:d1:f6:a7:
4c:7f:88:37:de:ca:46:2a:9a:c3:de:6e:ac:08:c9:11:ba:23:
86:a3:68:a9:6a:98:22:23:70:09:14:9b:d8:a9:9d:e5:cc:6b:
01:d7:50:51:45:c5:8c:b0:64:7e:19:d2:52:31:1f:6f:d4:28:
30:66:a8:8d:78:b1:b4:18:fc:63:31:8a:de:b9:3a:af:c3:58:
39:f7:4d:94:a7:02:5f:f7:05:c7:fd:75:e7:2d:39:67:af:e0:
0d:d1:20:fa:fd:57:48:cd:d5:0a:74:a4:d1:fb:90:50:f2:ac:
46:56:f2:48:3c:e8:1d:66:13:91:4f:9a:07:90:fd:78:cf:74:
58:1f:b3:c7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOnYfTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDY4MzRlNjg4OTBmMzk4NmExYjA0NTdjZTBmNTRhZTAzYzJkNzZiMB4XDTIyMDEw
MTA0NTE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTcyYzA1ZDVlNWQ0
ZTZmMzJiZDkwZWUzYzY5ZWRhODI4ZDYxNWVlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOuYQDuW/Lljb7PVPRXNPq5ehdMUUtJA5wZhucH+d5TDCkGL
VrSGIZu42pztUNwK9V1AAwYJdMhGf7NCnLDasbig8ltR/xcI3ORHOzDyMSwKgQ8t
H/GfhtckkXJCLnoLlSeGMljM9oOviZm1AgyzgpyfHotUvxPrNT7oNgFGDDbgHrwK
SV2BxqJ5GVJKkJOEQvXHqwQC4u5aXINrhkaLCBZFOWPe0n+tZ9BWwV1NDAAwRLT3
s2jxftzRpGGaXBjPKW/Gcucr+/ouqDrcl1zeUb2yK6j0p6ECE5KLL2WSFJOKjuMd
hYBNXy6GpdA4RIewrHKaVzVdlHbnLAwj2rdE++cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTnLAXV5dTm8yvZDuPGntqCjWFe7TAfBgNVHSMEGDAWgBRUaDTmiJDzmGob
BFfOD1SuA8LXazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZHZzA1b2lRODVocUd3Ulh6ZzlVcmdQQzEycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvNWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8x
LzV5d0YxZVhVNXZNcjJRN2p4cDdhZ28xaFh1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
NWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8xL1ZHZzA1b2lRODVo
cUd3Ulh6ZzlVcmdQQzEycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcOIbjANBgkqhkiG9w0BAQsFAAOC
AQEAP2Os75MVvLhWOPXinGUp4pvkGyZ+xPuM6CEsiVT1XVkH1QMIooSU2O6yX5iR
ccRJeKIizJncoqIiADQeqYUQoJgVYeaqlYrnUTJirrodZpZ1u4/QYusqnKAlzCC6
jZUHAsHF7IvX8tXXmExYdtUXqGTluqMBaPJMC3d40fanTH+IN97KRiqaw95urAjJ
EbojhqNoqWqYIiNwCRSb2Kmd5cxrAddQUUXFjLBkfhnSUjEfb9QoMGaojXixtBj8
YzGK3rk6r8NYOfdNlKcCX/cFx/115y05Z6/gDdEg+v1XSM3VCnSk0fuQUPKsRlby
SDzoHWYTkU+aB5D9eM90WB+zxw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:57 2025 by rpki-client