Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/5dO1PiCnzjCFDZ0d9iyrpOc3LuQ.roa
File: 5dO1PiCnzjCFDZ0d9iyrpOc3LuQ.roa (raw, json)
Hash identifier: kY4JGrfLCLJtOBU9P7sSvLozeZ4f4f9gsKrJJubZhfw=
Subject key identifier: E5:D3:B5:3E:20:A7:CE:30:85:0D:9D:1D:F6:2C:AB:A4:E7:37:2E:E4
Certificate issuer: /CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Certificate serial: 01856FC2629D49F4FF728FE30F4F90D88408
Authority key identifier: 3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/5dO1PiCnzjCFDZ0d9iyrpOc3LuQ.roa
Signing time: Sun 01 Jan 2023 23:54:48 +0000
ROA not before: Sun 01 Jan 2023 23:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59453
IP address blocks: 194.246.0.0/22 maxlen: 22
194.246.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:62:9d:49:f4:ff:72:8f:e3:0f:4f:90:d8:84:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Validity
Not Before: Jan 1 23:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5d3b53e20a7ce30850d9d1df62caba4e7372ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6f:d7:bf:a4:8d:01:41:bd:11:55:fd:bf:5b:
b4:92:ac:8d:81:6f:f9:99:54:56:ba:5b:8c:c7:09:
b3:6c:55:5c:55:2e:0b:d6:b3:f1:f8:05:bf:ef:33:
6f:f4:c4:cf:e7:da:f8:1b:16:14:5b:d1:a1:31:5a:
fe:a2:f9:3b:a8:69:93:b0:fe:79:b4:df:ec:6e:0c:
df:28:32:ab:e6:af:d6:67:42:0d:dd:d9:94:31:d5:
ff:7a:e2:4e:19:b8:58:de:e2:e7:90:47:02:95:f1:
f2:c0:1f:a6:34:86:9c:bf:ea:a3:12:39:32:2d:fe:
8c:91:58:d1:f5:97:c1:19:2a:86:50:18:4e:42:e7:
10:03:2c:61:85:cb:c8:87:db:cd:e1:96:81:33:0e:
d1:0b:a0:5c:8c:62:9b:39:c7:77:f6:10:8b:54:21:
e0:c9:96:bd:7c:40:cd:45:be:64:5b:9e:c6:ec:53:
2d:95:08:7a:4d:13:40:2b:7d:cf:18:e6:61:a6:b4:
64:be:09:bc:cd:55:ec:cd:84:b7:3b:b0:8b:d8:c1:
05:23:7f:b8:21:73:b0:79:5b:51:5a:41:f9:63:32:
fe:1b:87:b4:68:cf:75:a3:4f:4a:8b:5f:d4:90:27:
a1:eb:94:5d:5e:ee:89:30:66:d1:c3:a1:f4:97:8b:
9d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D3:B5:3E:20:A7:CE:30:85:0D:9D:1D:F6:2C:AB:A4:E7:37:2E:E4
X509v3 Authority Key Identifier:
keyid:3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/5dO1PiCnzjCFDZ0d9iyrpOc3LuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/PubOz_2bi7oY1HTns5k-Ch0U27M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.0.0/22
194.246.21.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:92:40:81:57:a7:40:c4:b9:ff:e0:6a:42:75:db:d1:8c:d1:
d5:ae:8a:ac:e3:b3:f5:64:46:20:39:81:8b:2e:43:fd:e4:01:
c9:90:a4:d3:bf:39:2b:22:26:9a:65:e8:e6:76:63:ba:d3:35:
b6:5b:b4:14:bf:45:7a:59:54:f8:43:2e:22:6c:3b:98:dc:5e:
51:c4:9f:dc:3b:75:06:c9:be:35:2d:64:66:90:8b:3c:72:be:
b0:79:86:a4:d4:27:84:f1:db:f8:be:47:af:ed:b2:d5:57:ad:
90:e1:94:b9:6a:db:3a:6f:46:58:43:e9:4e:17:f2:af:3a:62:
cb:62:f7:13:03:64:d9:79:9b:8d:99:cd:23:30:f1:64:5d:b3:
cc:fd:d7:13:a1:8f:4d:30:0f:a0:1f:3e:e0:7d:b3:69:37:01:
a3:5c:d2:3d:34:92:14:34:ac:ea:d7:ae:f9:3f:43:47:57:3b:
e5:8c:9e:a3:8d:f8:75:07:44:a2:7d:1b:06:40:eb:91:29:7b:
07:00:43:2b:ef:e5:63:c9:c9:31:c1:44:f0:6e:5b:4a:79:27:
d6:52:4b:ba:85:41:0b:20:02:05:1d:1e:e4:fc:ef:97:a0:1a:
19:1c:d9:e4:8c:42:5f:74:69:72:3e:ef:2d:fc:f4:24:ca:8e:
ff:ab:bd:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvwmKdSfT/co/jD0+Q2IQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTZjZWNmZmQ5YjhiYmExOGQ0NzRlN2IzOTkzZTBhMWQx
NGRiYjMwHhcNMjMwMTAxMjM1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQzYjUzZTIwYTdjZTMwODUwZDlkMWRmNjJjYWJhNGU3MzcyZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG/Xv6SNAUG9EVX9v1u0kqyNgW/5
mVRWuluMxwmzbFVcVS4L1rPx+AW/7zNv9MTP59r4GxYUW9GhMVr+ovk7qGmTsP55
tN/sbgzfKDKr5q/WZ0IN3dmUMdX/euJOGbhY3uLnkEcClfHywB+mNIacv+qjEjky
Lf6MkVjR9ZfBGSqGUBhOQucQAyxhhcvIh9vN4ZaBMw7RC6BcjGKbOcd39hCLVCHg
yZa9fEDNRb5kW57G7FMtlQh6TRNAK33PGOZhprRkvgm8zVXszYS3O7CL2MEFI3+4
IXOweVtRWkH5YzL+G4e0aM91o09Ki1/UkCeh65RdXu6JMGbRw6H0l4udhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOXTtT4gp84whQ2dHfYsq6TnNy7kMB8GA1UdIwQY
MBaAFD7mzs/9m4u6GNR057OZPgodFNuzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHViT3pfMmJpN29ZMUhUbnM1ay1DaDBVMjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNjFjYWEtMjUwMC00Mzg4LWE5ZmEt
NzMyNDkxMzk3NWQ1LzEvNWRPMVBpQ256akNGRFowZDlpeXJwT2MzTHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNjFjYWEtMjUwMC00Mzg4LWE5ZmEtNzMyNDkxMzk3NWQ1
LzEvUHViT3pfMmJpN29ZMUhUbnM1ay1DaDBVMjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwvYAAwQA
wvYVMA0GCSqGSIb3DQEBCwUAA4IBAQC1kkCBV6dAxLn/4GpCddvRjNHVroqs47P1
ZEYgOYGLLkP95AHJkKTTvzkrIiaaZejmdmO60zW2W7QUv0V6WVT4Qy4ibDuY3F5R
xJ/cO3UGyb41LWRmkIs8cr6weYak1CeE8dv4vkev7bLVV62Q4ZS5ats6b0ZYQ+lO
F/KvOmLLYvcTA2TZeZuNmc0jMPFkXbPM/dcToY9NMA+gHz7gfbNpNwGjXNI9NJIU
NKzq1675P0NHVzvljJ6jjfh1B0SifRsGQOuRKXsHAEMr7+VjyckxwUTwbltKeSfW
Uku6hUELIAIFHR7k/O+XoBoZHNnkjEJfdGlyPu8t/PQkyo7/q72C
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:24:25 2025 by rpki-client