Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/5_nh_H9sBBD--2BWjaD0IzzRU5I.roa
File: 5_nh_H9sBBD--2BWjaD0IzzRU5I.roa (raw, json)
Hash identifier: 2oyNauFCu4ZkebqIHVNJYRVGrmAqDDFPYr/cI0XtBWU=
Subject key identifier: E7:F9:E1:FC:7F:6C:04:10:FE:FB:60:56:8D:A0:F4:23:3C:D1:53:92
Certificate issuer: /CN=1b68656126198373d07886bf4ab8fb06b9006780
Certificate serial: 0185701EEB01C33EE8738086DF8DB60D7BAE
Authority key identifier: 1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/5_nh_H9sBBD--2BWjaD0IzzRU5I.roa
Signing time: Mon 02 Jan 2023 01:35:52 +0000
ROA not before: Mon 02 Jan 2023 01:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208621
IP address blocks: 45.92.36.0/24 maxlen: 24
45.92.38.0/24 maxlen: 24
45.92.37.0/24 maxlen: 24
45.92.39.0/24 maxlen: 24
2a0e:1bc7::/35 maxlen: 35
2a0e:1bc0:2000::/35 maxlen: 35
2a0e:1bc0:4000::/35 maxlen: 35
2a0e:1bc0:6000::/35 maxlen: 35
2a0e:1bc0::/35 maxlen: 35
2a0e:1bc1::/35 maxlen: 35
2a0e:1bc1:2000::/35 maxlen: 35
2a0e:1bc5::/35 maxlen: 35
2a0e:1bc4::/35 maxlen: 35
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:eb:01:c3:3e:e8:73:80:86:df:8d:b6:0d:7b:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b68656126198373d07886bf4ab8fb06b9006780
Validity
Not Before: Jan 2 01:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7f9e1fc7f6c0410fefb60568da0f4233cd15392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:23:02:4f:1a:4c:3a:ea:3b:89:dc:7f:f4:e5:
91:89:e6:30:23:19:e1:48:4c:59:f0:c7:77:88:28:
6c:f2:b5:22:0d:54:b7:a8:84:5a:a7:16:7a:0d:99:
89:d0:ff:38:1a:d4:34:b8:84:bb:92:7d:e0:6b:f7:
f0:63:35:c7:30:ed:5a:c0:73:de:9b:4e:d6:cd:7e:
5e:5b:ed:34:d3:84:f1:46:4e:48:95:a1:6f:d8:93:
50:b8:fd:83:85:0b:49:5b:e2:d7:4b:51:bc:e1:da:
ee:ce:77:77:da:4d:a7:58:46:17:66:4d:aa:c3:9b:
52:f6:8f:eb:eb:ba:f6:fc:1f:1c:7e:64:95:a7:11:
83:a9:66:09:97:62:91:a6:9f:34:df:64:f4:ea:b4:
4b:4a:a5:71:46:b5:51:24:dc:22:4e:c7:49:1a:e7:
55:70:89:e6:05:df:59:67:b0:dc:7c:50:e9:d3:e4:
7e:83:6b:41:22:3b:1d:ab:6b:b7:0d:4f:04:43:4d:
56:c3:b2:f7:8e:4e:ef:8b:36:6a:71:f6:b7:99:14:
b8:4c:95:e8:79:69:68:ed:37:44:e7:44:8e:71:56:
70:29:a9:f8:e5:92:bc:7d:3b:54:87:99:3b:16:25:
b1:57:fc:bd:03:fd:42:69:39:22:d3:55:43:34:fe:
6d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F9:E1:FC:7F:6C:04:10:FE:FB:60:56:8D:A0:F4:23:3C:D1:53:92
X509v3 Authority Key Identifier:
keyid:1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/5_nh_H9sBBD--2BWjaD0IzzRU5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.36.0/22
IPv6:
2a0e:1bc0::/33
2a0e:1bc1::/34
2a0e:1bc4::/35
2a0e:1bc5::/35
2a0e:1bc7::/35
Signature Algorithm: sha256WithRSAEncryption
5f:cf:c5:6b:0c:be:7f:35:70:95:58:07:de:60:d9:ab:eb:30:
7b:49:e1:7d:c6:16:16:2c:8f:9f:c8:08:1f:d9:4f:7f:c4:bd:
ea:44:0a:77:58:fc:94:ed:3a:2a:0b:b9:e5:f6:44:9a:fa:03:
ee:a1:58:cb:98:1f:30:2a:72:41:78:02:a2:20:63:bd:14:0d:
c4:9f:16:90:1e:bd:ae:95:ff:e7:1a:e7:51:00:e1:c9:b5:9a:
88:8c:0c:d3:a1:3c:b0:24:1e:b8:e3:e2:d2:65:55:10:6c:4e:
5b:db:55:ff:f9:9c:99:24:d9:ca:2b:d4:4e:a9:80:ec:e2:4e:
70:34:bf:00:23:10:e9:f4:61:5c:fa:fb:68:7d:32:ce:6d:5e:
46:c3:8c:d7:76:04:a5:48:d4:0c:2b:8a:b5:a6:4a:90:82:6f:
a9:69:84:d1:60:01:69:e2:62:2e:f8:f4:79:5b:2d:20:4b:24:
18:3a:96:c4:08:83:83:4d:0c:86:d3:a4:be:3e:e3:40:47:0a:
23:79:25:e2:0c:7d:4f:7a:5f:15:07:c6:50:67:d9:f0:87:af:
f3:b0:f4:95:9b:0c:89:ac:39:8c:56:af:50:7c:c1:84:d4:2a:
5e:10:43:65:bf:4f:d9:80:af:a7:b1:ec:de:c4:e8:62:a4:4a:
e9:d9:1f:80
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVwHusBwz7oc4CG3422DXuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjg2NTYxMjYxOTgzNzNkMDc4ODZiZjRhYjhmYjA2Yjkw
MDY3ODAwHhcNMjMwMTAyMDEzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Y5ZTFmYzdmNmMwNDEwZmVmYjYwNTY4ZGEwZjQyMzNjZDE1MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCMCTxpMOuo7idx/9OWRieYwIxnh
SExZ8Md3iChs8rUiDVS3qIRapxZ6DZmJ0P84GtQ0uIS7kn3ga/fwYzXHMO1awHPe
m07WzX5eW+0004TxRk5IlaFv2JNQuP2DhQtJW+LXS1G84druznd32k2nWEYXZk2q
w5tS9o/r67r2/B8cfmSVpxGDqWYJl2KRpp8032T06rRLSqVxRrVRJNwiTsdJGudV
cInmBd9ZZ7DcfFDp0+R+g2tBIjsdq2u3DU8EQ01Ww7L3jk7vizZqcfa3mRS4TJXo
eWlo7TdE50SOcVZwKan45ZK8fTtUh5k7FiWxV/y9A/1CaTki01VDNP5tMwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOf54fx/bAQQ/vtgVo2g9CM80VOSMB8GA1UdIwQY
MBaAFBtoZWEmGYNz0HiGv0q4+wa5AGeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODIt
MjM5ODcwNGFiNTBjLzEvNV9uaF9IOXNCQkQtLTJCV2phRDBJenpSVTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODItMjM5ODcwNGFiNTBj
LzEvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAMBAIAATAGAwQCLVwkMC4E
AgACMCgDBgcqDhvAAAMGBioOG8EAAwYFKg4bxAADBgUqDhvFAAMGBSoOG8cAMA0G
CSqGSIb3DQEBCwUAA4IBAQBfz8VrDL5/NXCVWAfeYNmr6zB7SeF9xhYWLI+fyAgf
2U9/xL3qRAp3WPyU7ToqC7nl9kSa+gPuoVjLmB8wKnJBeAKiIGO9FA3EnxaQHr2u
lf/nGudRAOHJtZqIjAzToTywJB644+LSZVUQbE5b21X/+ZyZJNnKK9ROqYDs4k5w
NL8AIxDp9GFc+vtofTLObV5Gw4zXdgSlSNQMK4q1pkqQgm+paYTRYAFp4mIu+PR5
Wy0gSyQYOpbECIODTQyG06S+PuNARwojeSXiDH1Pel8VB8ZQZ9nwh6/zsPSVmwyJ
rDmMVq9QfMGE1CpeEENlv0/ZgK+nsezexOhipErp2R+A
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:56 2025 by rpki-client