Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/5hjGKE-n_TFLxLHgCrFPucU-CDg.roa
File: 5hjGKE-n_TFLxLHgCrFPucU-CDg.roa (raw, json)
Hash identifier: bOd0/VMxKCGXBXY/4vtXaZGmKp5M+QfOEZ2Krth2pqE=
Subject key identifier: E6:18:C6:28:4F:A7:FD:31:4B:C4:B1:E0:0A:B1:4F:B9:C5:3E:08:38
Certificate issuer: /CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Certificate serial: 34DF48FB
Authority key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/5hjGKE-n_TFLxLHgCrFPucU-CDg.roa
Signing time: Sat 01 Jan 2022 13:56:26 +0000
ROA not before: Sat 01 Jan 2022 13:56:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201711
IP address blocks: 37.77.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 887048443 (0x34df48fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Validity
Not Before: Jan 1 13:56:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e618c6284fa7fd314bc4b1e00ab14fb9c53e0838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:53:c3:45:67:2a:41:2b:58:13:43:a3:b3:1c:
16:82:d9:31:2b:33:30:4b:30:4f:51:5c:b3:85:eb:
4b:12:d5:a5:fe:27:36:2b:af:ea:a5:e0:26:04:54:
b8:d0:82:ca:94:2a:2c:9e:ed:1d:ad:a7:24:3a:35:
17:ae:a4:42:63:8e:44:aa:d4:75:27:4e:da:df:c6:
9d:49:77:ae:dc:ef:ed:78:f3:13:a1:98:f5:96:af:
7d:67:fc:50:39:97:f1:c5:39:e2:55:73:1f:87:a7:
60:d2:52:07:58:ca:79:4d:f7:a2:5b:01:26:45:d4:
d3:86:06:16:8b:13:73:92:78:51:4c:2e:1b:9d:18:
1a:61:bc:ae:e0:7b:b3:a7:bc:a5:82:09:70:df:c3:
a6:45:3f:09:cb:bc:e3:59:e6:10:14:40:d4:28:37:
f1:3f:05:39:fc:86:83:94:c7:36:3b:cd:64:41:dc:
96:20:c6:d1:06:7e:6b:3e:bc:07:9f:e4:bd:62:4e:
75:8b:70:ff:a0:bc:f1:4c:f2:b7:6c:25:c4:9f:1c:
de:51:55:f0:31:27:1f:e5:c1:ff:ee:66:f9:d9:95:
cf:e0:22:0b:1f:3c:36:78:c5:ef:79:33:58:1c:62:
47:ca:06:e4:0a:88:4b:e2:b3:5e:b5:ea:e1:a8:e5:
50:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:18:C6:28:4F:A7:FD:31:4B:C4:B1:E0:0A:B1:4F:B9:C5:3E:08:38
X509v3 Authority Key Identifier:
keyid:85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/5hjGKE-n_TFLxLHgCrFPucU-CDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.175.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:46:93:a7:a1:91:f8:81:ee:cb:64:8e:22:4e:28:4e:87:9c:
86:4b:01:5f:0e:2c:20:75:68:3c:e0:94:53:7f:a8:0f:d3:cc:
cf:31:f7:2d:c0:28:53:e7:5f:22:c2:68:24:28:83:ed:d7:1f:
07:11:12:7b:4f:ab:89:db:ec:fd:e1:ea:1a:13:45:d8:58:d7:
d0:6d:bf:ae:c2:20:19:80:0a:ec:6a:4f:18:1f:16:18:1d:d4:
3a:3a:a5:59:b8:af:3d:bd:ec:08:c7:06:37:fe:79:0b:49:e0:
4f:45:d1:06:22:b3:43:d3:b2:37:34:ca:70:e7:84:ef:09:70:
9c:a4:95:c0:80:a0:48:6c:01:5c:dc:78:ed:3a:38:81:cf:73:
33:93:81:7e:13:e6:04:e0:dc:4c:fd:0f:bb:8c:54:22:6a:34:
32:ce:69:15:02:1c:85:0c:1d:41:d5:76:b7:9b:1a:de:dc:18:
0f:f3:36:68:f8:b9:f2:dd:14:03:93:be:0f:f6:95:6f:05:fa:
68:1f:f4:80:f3:c0:30:38:82:a5:4d:e8:d9:f6:91:b4:8c:06:
5e:56:6f:ee:89:0e:38:60:e6:0a:da:47:a8:01:91:70:24:5b:
fe:9a:f4:73:61:99:09:9f:2a:84:45:c2:1d:c0:09:07:1d:91:
3b:94:7a:7e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENN9I+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTdhMmM3NGFmNWE0NGQ5YWFlNDdhMGI4OTQyNWZhNGY3ZmM3YzE5MB4XDTIyMDEw
MTEzNTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTYxOGM2Mjg0ZmE3
ZmQzMTRiYzRiMWUwMGFiMTRmYjljNTNlMDgzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOBTw0VnKkErWBNDo7McFoLZMSszMEswT1Fcs4XrSxLVpf4n
Niuv6qXgJgRUuNCCypQqLJ7tHa2nJDo1F66kQmOORKrUdSdO2t/GnUl3rtzv7Xjz
E6GY9ZavfWf8UDmX8cU54lVzH4enYNJSB1jKeU33olsBJkXU04YGFosTc5J4UUwu
G50YGmG8ruB7s6e8pYIJcN/DpkU/Ccu841nmEBRA1Cg38T8FOfyGg5THNjvNZEHc
liDG0QZ+az68B5/kvWJOdYtw/6C88Uzyt2wlxJ8c3lFV8DEnH+XB/+5m+dmVz+Ai
Cx88NnjF73kzWBxiR8oG5AqIS+KzXrXq4ajlUD0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTmGMYoT6f9MUvEseAKsU+5xT4IODAfBgNVHSMEGDAWgBSFeix0r1pE2ark
eguJQl+k9/x8GTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hYb3NkSzlhUk5tcTVIb0xpVUpmcFBmOGZCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvMGE5YTMzLTk5ZGMtNGI5Mi04Y2VkLTgzNmFjOTdjMDFiYi8x
LzVoakdLRS1uX1RGTHhMSGdDckZQdWNVLUNEZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
MGE5YTMzLTk5ZGMtNGI5Mi04Y2VkLTgzNmFjOTdjMDFiYi8xL2hYb3NkSzlhUk5t
cTVIb0xpVUpmcFBmOGZCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACVNrzANBgkqhkiG9w0BAQsFAAOC
AQEAqUaTp6GR+IHuy2SOIk4oToechksBXw4sIHVoPOCUU3+oD9PMzzH3LcAoU+df
IsJoJCiD7dcfBxESe0+ridvs/eHqGhNF2FjX0G2/rsIgGYAK7GpPGB8WGB3UOjql
WbivPb3sCMcGN/55C0ngT0XRBiKzQ9OyNzTKcOeE7wlwnKSVwICgSGwBXNx47To4
gc9zM5OBfhPmBODcTP0Pu4xUImo0Ms5pFQIchQwdQdV2t5sa3twYD/M2aPi58t0U
A5O+D/aVbwX6aB/0gPPAMDiCpU3o2faRtIwGXlZv7okOOGDmCtpHqAGRcCRb/pr0
c2GZCZ8qhEXCHcAJBx2RO5R6fg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:41 2025 by rpki-client