Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/w-qRkkeZaH_mtCDKPtbn59lznQU.roa
File: w-qRkkeZaH_mtCDKPtbn59lznQU.roa (raw, json)
Hash identifier: Aeoht3bp7VAF5JDOpe4VxeHxcfvxvhGkfha9Xfx1ENk=
Subject key identifier: C3:EA:91:92:47:99:68:7F:E6:B4:20:CA:3E:D6:E7:E7:D9:73:9D:05
Certificate issuer: /CN=ee7450b230172e3e8ad35288110ef8abd24ff92d
Certificate serial: 018794B545D752BF9ABFFB9239DB501DE1E0
Authority key identifier: EE:74:50:B2:30:17:2E:3E:8A:D3:52:88:11:0E:F8:AB:D2:4F:F9:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7nRQsjAXLj6K01KIEQ74q9JP-S0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/w-qRkkeZaH_mtCDKPtbn59lznQU.roa
Signing time: Tue 18 Apr 2023 14:12:00 +0000
ROA not before: Tue 18 Apr 2023 14:12:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211402
IP address blocks: 5.182.172.0/24 maxlen: 24
5.182.175.0/24 maxlen: 24
5.182.173.0/24 maxlen: 24
5.182.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:b5:45:d7:52:bf:9a:bf:fb:92:39:db:50:1d:e1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee7450b230172e3e8ad35288110ef8abd24ff92d
Validity
Not Before: Apr 18 14:12:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3ea91924799687fe6b420ca3ed6e7e7d9739d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a1:76:21:26:57:55:87:e5:f7:70:50:16:8d:
49:0c:c2:4d:a1:8d:c0:c4:56:18:d4:c7:3a:0d:fa:
fa:44:b8:66:dc:1e:7c:c5:62:2e:08:24:ae:d8:27:
bb:99:79:07:fd:9a:fe:23:b9:7b:6a:8a:db:18:61:
4f:34:95:8c:e4:e7:54:18:87:8d:ee:d7:13:04:fe:
38:e9:39:fb:29:3d:a3:5c:b7:44:60:a7:47:70:9b:
0f:c5:95:1f:99:d2:38:7a:47:8c:e5:60:36:5d:bb:
6b:41:1e:a6:f9:0e:ae:f2:24:c5:fb:23:2c:0e:90:
98:c0:e6:c5:aa:89:9b:76:9a:bf:32:d4:e2:38:81:
00:59:cb:c2:6d:c0:fb:a0:68:79:82:e9:da:fd:3c:
9b:de:68:ce:0a:fb:ba:5e:a3:6e:12:b8:2e:d3:a7:
34:78:7b:45:69:bf:bd:fc:d7:00:33:44:65:de:e5:
3f:c0:e9:89:64:10:28:43:b1:2d:5d:2f:b8:76:ea:
5c:d6:a9:a8:22:40:ef:3e:74:b5:6f:d2:cb:bb:11:
23:eb:d3:5e:03:63:98:ee:76:11:b8:46:bf:dd:ad:
53:c3:b0:4c:32:cf:b7:17:72:e8:62:5f:e9:0f:9a:
32:0b:96:94:68:56:20:0a:e0:f4:c1:b1:31:a8:a8:
a8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:EA:91:92:47:99:68:7F:E6:B4:20:CA:3E:D6:E7:E7:D9:73:9D:05
X509v3 Authority Key Identifier:
keyid:EE:74:50:B2:30:17:2E:3E:8A:D3:52:88:11:0E:F8:AB:D2:4F:F9:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7nRQsjAXLj6K01KIEQ74q9JP-S0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/w-qRkkeZaH_mtCDKPtbn59lznQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/7nRQsjAXLj6K01KIEQ74q9JP-S0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.172.0/22
Signature Algorithm: sha256WithRSAEncryption
36:69:20:99:9b:34:20:72:f9:3d:fc:55:82:53:1e:30:e5:5a:
b3:dc:5b:45:45:85:38:c0:f3:26:1f:95:cd:15:15:0b:72:0b:
fb:97:70:6a:72:ec:d9:85:e3:23:e1:4b:f8:2a:f5:69:22:bb:
f8:65:1a:1b:02:d4:ad:1c:1b:84:33:ce:d0:2f:32:ff:18:a7:
19:dd:f0:63:19:87:1d:34:84:2e:67:fe:f0:1f:3d:2c:d3:57:
a6:4e:5d:d0:30:f1:9a:a6:b3:a1:34:6e:f6:45:fd:db:67:a4:
9e:00:12:34:04:07:4c:b4:82:22:b6:cb:78:c5:6c:c5:87:79:
9b:b1:23:d2:b1:21:1b:68:09:6a:e1:96:da:7c:36:9c:dd:23:
24:92:e5:0c:4c:e5:92:50:d5:70:16:d4:38:d2:d3:3a:df:09:
72:5e:9d:f6:9d:e2:80:02:79:22:40:e0:84:d6:1b:e5:67:d2:
f3:b5:80:bf:ad:f1:95:6e:c5:84:9f:b6:c0:38:21:e1:f7:d6:
03:89:b3:3f:77:83:38:4d:bf:b3:71:11:cd:5e:3f:bd:bf:fc:
de:e2:4d:ca:be:d0:d0:8d:fd:8a:55:8a:44:55:a6:cc:64:38:
20:b1:60:6e:f2:25:e8:f1:a3:b0:5e:0e:c8:dd:a8:db:3e:33:
04:db:f9:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeUtUXXUr+av/uSOdtQHeHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNzQ1MGIyMzAxNzJlM2U4YWQzNTI4ODExMGVmOGFiZDI0
ZmY5MmQwHhcNMjMwNDE4MTQxMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2VhOTE5MjQ3OTk2ODdmZTZiNDIwY2EzZWQ2ZTdlN2Q5NzM5ZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaF2ISZXVYfl93BQFo1JDMJNoY3A
xFYY1Mc6Dfr6RLhm3B58xWIuCCSu2Ce7mXkH/Zr+I7l7aorbGGFPNJWM5OdUGIeN
7tcTBP446Tn7KT2jXLdEYKdHcJsPxZUfmdI4ekeM5WA2XbtrQR6m+Q6u8iTF+yMs
DpCYwObFqombdpq/MtTiOIEAWcvCbcD7oGh5guna/Tyb3mjOCvu6XqNuErgu06c0
eHtFab+9/NcAM0Rl3uU/wOmJZBAoQ7EtXS+4dupc1qmoIkDvPnS1b9LLuxEj69Ne
A2OY7nYRuEa/3a1Tw7BMMs+3F3LoYl/pD5oyC5aUaFYgCuD0wbExqKioawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMPqkZJHmWh/5rQgyj7W5+fZc50FMB8GA1UdIwQY
MBaAFO50ULIwFy4+itNSiBEO+KvST/ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN25SUXNqQVhMajZLMDFLSUVRNzRxOUpQLVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZTI1N2UtZGY2NC00NjY4LTg2M2It
ZjRkZWE4NjkyOWFlLzEvdy1xUmtrZVphSF9tdENES1B0Ym41OWx6blFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZTI1N2UtZGY2NC00NjY4LTg2M2ItZjRkZWE4NjkyOWFl
LzEvN25SUXNqQVhMajZLMDFLSUVRNzRxOUpQLVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbasMA0G
CSqGSIb3DQEBCwUAA4IBAQA2aSCZmzQgcvk9/FWCUx4w5Vqz3FtFRYU4wPMmH5XN
FRULcgv7l3BqcuzZheMj4Uv4KvVpIrv4ZRobAtStHBuEM87QLzL/GKcZ3fBjGYcd
NIQuZ/7wHz0s01emTl3QMPGaprOhNG72Rf3bZ6SeABI0BAdMtIIitst4xWzFh3mb
sSPSsSEbaAlq4ZbafDac3SMkkuUMTOWSUNVwFtQ40tM63wlyXp32neKAAnkiQOCE
1hvlZ9LztYC/rfGVbsWEn7bAOCHh99YDibM/d4M4Tb+zcRHNXj+9v/ze4k3KvtDQ
jf2KVYpEVabMZDggsWBu8iXo8aOwXg7I3ajbPjME2/ll
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:27 2025 by rpki-client