Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/XkA3ixWQ6Q6ve_rOfPARCVBhErY.roa
File: XkA3ixWQ6Q6ve_rOfPARCVBhErY.roa (raw, json)
Hash identifier: ezLJBSP1YgXesXP3XqSPtSFbP/vu0CUIiCWU48czuxY=
Subject key identifier: 5E:40:37:8B:15:90:E9:0E:AF:7B:FA:CE:7C:F0:11:09:50:61:12:B6
Certificate issuer: /CN=44a88637498b188fc0bceae0bbf0681761a49d4b
Certificate serial: 10ED50
Authority key identifier: 44:A8:86:37:49:8B:18:8F:C0:BC:EA:E0:BB:F0:68:17:61:A4:9D:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKiGN0mLGI_AvOrgu_BoF2GknUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/XkA3ixWQ6Q6ve_rOfPARCVBhErY.roa
Signing time: Tue 29 Mar 2022 19:50:30 +0000
ROA not before: Tue 29 Mar 2022 19:50:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6830
IP address blocks: 5.133.166.0/24 maxlen: 24
5.133.163.0/24 maxlen: 24
5.133.165.0/24 maxlen: 24
5.133.162.0/24 maxlen: 24
5.133.164.0/24 maxlen: 24
5.133.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1109328 (0x10ed50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a88637498b188fc0bceae0bbf0681761a49d4b
Validity
Not Before: Mar 29 19:50:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e40378b1590e90eaf7bface7cf01109506112b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:62:0a:4a:90:98:6a:fd:44:10:5b:b9:01:74:
ac:71:23:1f:ce:d7:ea:e8:5a:20:c2:aa:71:60:43:
0c:52:08:3b:75:a5:16:ce:da:fe:54:61:d4:65:f0:
33:90:d8:50:03:b9:00:b2:f1:9a:fb:a8:c8:1c:b2:
67:4c:d7:82:c5:23:63:eb:0e:a5:7c:07:38:04:b5:
52:9b:12:02:46:32:d8:a9:a2:23:2d:60:08:31:7f:
39:4e:ee:0d:a3:1f:72:e2:6c:b7:a7:b4:a6:45:13:
e8:e7:3a:d6:47:0c:72:17:0e:5f:68:87:1f:23:62:
a1:a8:7b:87:81:f0:48:8b:a4:30:3a:be:c7:7f:dd:
71:4c:ca:40:1b:31:e1:18:56:5f:bc:de:f5:11:0e:
4f:6a:ad:95:2f:49:04:4c:e6:89:51:2f:d7:44:ab:
00:ef:e2:d8:47:5a:83:d1:c5:95:59:ff:7c:77:8a:
4f:e8:b9:2e:87:5d:36:71:aa:df:f2:33:02:f9:d5:
c3:5a:db:d3:01:79:5a:04:13:8f:dc:5a:78:4a:70:
d7:db:c1:77:5b:65:75:bb:02:7a:07:1f:13:54:d0:
6c:c6:1b:40:ba:e1:8a:fe:d8:e6:56:4d:af:28:7d:
74:69:44:69:a2:6c:4f:98:1a:67:f4:90:03:91:31:
19:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:40:37:8B:15:90:E9:0E:AF:7B:FA:CE:7C:F0:11:09:50:61:12:B6
X509v3 Authority Key Identifier:
keyid:44:A8:86:37:49:8B:18:8F:C0:BC:EA:E0:BB:F0:68:17:61:A4:9D:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKiGN0mLGI_AvOrgu_BoF2GknUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/XkA3ixWQ6Q6ve_rOfPARCVBhErY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/RKiGN0mLGI_AvOrgu_BoF2GknUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.162.0-5.133.167.255
Signature Algorithm: sha256WithRSAEncryption
3a:bf:2e:2b:e5:95:4f:8d:87:23:a1:9e:e7:31:35:b7:41:39:
94:1a:7c:df:ae:fa:8a:e5:7b:0d:04:3d:b8:e2:81:4c:91:4f:
ce:b8:98:48:d1:3c:fa:85:c6:7a:23:1b:c3:59:b0:7f:62:0d:
39:98:6d:e8:5b:2a:d6:e2:11:2e:f8:a1:45:01:00:da:35:07:
71:71:85:31:d5:2c:48:85:bf:1b:44:45:5c:87:b7:bd:5b:7b:
5f:19:b2:fa:f4:98:da:8e:75:3f:f9:79:ff:56:be:f5:e7:03:
0d:1e:08:bf:8e:fc:91:6e:e1:56:99:b5:55:ac:4c:aa:5d:10:
aa:da:fc:d9:19:fa:77:21:b3:ae:42:a3:b4:b0:f6:df:9a:5b:
ca:25:d1:3a:5c:a1:7d:5e:b2:c2:e7:12:bb:4a:33:06:ca:4c:
b0:bd:a9:95:f5:46:36:d7:ad:2d:6c:9b:89:95:e9:a1:2d:7a:
a9:eb:31:82:95:e7:7d:f2:b6:6c:6b:f8:a8:a3:43:46:f9:ef:
a3:d6:d5:66:6a:dd:51:d8:51:6e:39:7a:24:53:31:4f:df:6e:
00:0e:93:f7:b9:7b:6c:ba:f6:16:27:6f:c9:9d:99:ed:4b:65:
5a:d2:bc:31:e3:8b:4d:ac:33:2d:a5:51:32:74:c2:6b:e7:72:
e6:66:07:7e
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIDEO1QMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ0
YTg4NjM3NDk4YjE4OGZjMGJjZWFlMGJiZjA2ODE3NjFhNDlkNGIwHhcNMjIwMzI5
MTk1MDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZTQwMzc4YjE1OTBl
OTBlYWY3YmZhY2U3Y2YwMTEwOTUwNjExMmI2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwGIKSpCYav1EEFu5AXSscSMfztfq6FogwqpxYEMMUgg7daUW
ztr+VGHUZfAzkNhQA7kAsvGa+6jIHLJnTNeCxSNj6w6lfAc4BLVSmxICRjLYqaIj
LWAIMX85Tu4Nox9y4my3p7SmRRPo5zrWRwxyFw5faIcfI2KhqHuHgfBIi6QwOr7H
f91xTMpAGzHhGFZfvN71EQ5Paq2VL0kETOaJUS/XRKsA7+LYR1qD0cWVWf98d4pP
6Lkuh102carf8jMC+dXDWtvTAXlaBBOP3Fp4SnDX28F3W2V1uwJ6Bx8TVNBsxhtA
uuGK/tjmVk2vKH10aURpomxPmBpn9JADkTEZDQIDAQABo4ICETCCAg0wHQYDVR0O
BBYEFF5AN4sVkOkOr3v6znzwEQlQYRK2MB8GA1UdIwQYMBaAFESohjdJixiPwLzq
4LvwaBdhpJ1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UktpR04wbUxHSV9Bdk9yZ3VfQm9GMkdrblVzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZS81YmU4MGItMzM4Mi00NDQ4LWExY2MtZGNhMDQyNzBiOWQ1LzEv
WGtBM2l4V1E2UTZ2ZV9yT2ZQQVJDVkJoRXJZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS81
YmU4MGItMzM4Mi00NDQ4LWExY2MtZGNhMDQyNzBiOWQ1LzEvUktpR04wbUxHSV9B
dk9yZ3VfQm9GMkdrblVzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcG
CCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEFhaIDBAMFhaAwDQYJKoZIhvcN
AQELBQADggEBADq/LivllU+NhyOhnucxNbdBOZQafN+u+orlew0EPbjigUyRT864
mEjRPPqFxnojG8NZsH9iDTmYbehbKtbiES74oUUBANo1B3FxhTHVLEiFvxtERVyH
t71be18Zsvr0mNqOdT/5ef9WvvXnAw0eCL+O/JFu4VaZtVWsTKpdEKra/NkZ+nch
s65Co7Sw9t+aW8ol0TpcoX1essLnErtKMwbKTLC9qZX1RjbXrS1sm4mV6aEteqnr
MYKV533ytmxr+KijQ0b576PW1WZq3VHYUW45eiRTMU/fbgAOk/e5e2y69hYnb8md
me1LZVrSvDHji02sMy2lUTJ0wmvncuZmB34=
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:32:00 2025 by rpki-client