Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/97744d-5988-46ae-82f1-64187e30435b/1/m5Tr6kIpKg1o-xSTAvQhEwyD_so.roa
File: m5Tr6kIpKg1o-xSTAvQhEwyD_so.roa (raw, json)
Hash identifier: cgev4V08XTOhwZsSKpjPVSacMedbFpx+FFQC11K7ccA=
Subject key identifier: 9B:94:EB:EA:42:29:2A:0D:68:FB:14:93:02:F4:21:13:0C:83:FE:CA
Certificate issuer: /CN=be2f2ccf1baa39033ec76a586f846a36218f209d
Certificate serial: 0278DE3A
Authority key identifier: BE:2F:2C:CF:1B:AA:39:03:3E:C7:6A:58:6F:84:6A:36:21:8F:20:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vi8szxuqOQM-x2pYb4RqNiGPIJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/97744d-5988-46ae-82f1-64187e30435b/1/m5Tr6kIpKg1o-xSTAvQhEwyD_so.roa
Signing time: Sat 01 Jan 2022 10:55:18 +0000
ROA not before: Sat 01 Jan 2022 10:55:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39382
IP address blocks: 159.255.200.0/21 maxlen: 21
195.234.116.0/22 maxlen: 22
2a03:8680::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41475642 (0x278de3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be2f2ccf1baa39033ec76a586f846a36218f209d
Validity
Not Before: Jan 1 10:55:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b94ebea42292a0d68fb149302f421130c83feca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:34:9b:47:c8:92:17:1c:80:fa:8e:c2:d7:2b:
cb:36:4a:81:ee:5a:d2:f5:ae:41:4e:19:26:b3:c3:
ed:43:7d:a7:cb:2c:a2:66:0d:0c:96:cd:8a:f9:fc:
e1:67:e4:27:16:1c:a5:03:a1:c3:2e:48:bb:3b:50:
89:72:e7:a6:a5:8d:25:d8:0c:d0:63:74:c3:c0:aa:
71:3d:80:72:b5:ca:7e:4d:51:2d:57:2b:98:a3:f8:
a4:90:c7:e0:2d:b0:99:1b:89:04:4d:8b:39:01:88:
df:41:f2:e8:1f:24:ee:58:3e:e3:82:bc:76:46:37:
c6:00:23:9c:12:f0:2c:dd:2d:8f:d4:fd:e2:18:93:
2d:9d:20:5e:cf:d5:a4:1c:69:74:00:a5:7f:ba:eb:
12:86:ef:8e:c9:d7:15:57:92:00:49:61:38:98:ac:
95:3b:7d:18:72:21:6b:f9:14:70:24:fd:49:4c:59:
fe:ae:e9:dc:f6:80:76:7b:51:6d:49:fd:47:e7:9d:
f1:d7:34:51:3d:37:fd:69:a5:a8:40:38:f8:49:4a:
01:40:37:7f:7e:8a:be:38:52:b4:cc:7c:9c:a7:92:
74:91:4d:fd:41:c0:a3:92:38:f7:e4:03:2c:68:af:
2a:05:c9:c6:8b:19:89:9a:59:cd:5b:9a:14:6b:88:
bf:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:94:EB:EA:42:29:2A:0D:68:FB:14:93:02:F4:21:13:0C:83:FE:CA
X509v3 Authority Key Identifier:
keyid:BE:2F:2C:CF:1B:AA:39:03:3E:C7:6A:58:6F:84:6A:36:21:8F:20:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vi8szxuqOQM-x2pYb4RqNiGPIJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/97744d-5988-46ae-82f1-64187e30435b/1/m5Tr6kIpKg1o-xSTAvQhEwyD_so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/97744d-5988-46ae-82f1-64187e30435b/1/vi8szxuqOQM-x2pYb4RqNiGPIJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.200.0/21
195.234.116.0/22
IPv6:
2a03:8680::/32
Signature Algorithm: sha256WithRSAEncryption
07:d2:5f:f4:1c:0c:01:80:82:24:d0:1f:6f:dc:4b:90:c6:c9:
eb:89:1f:15:a2:f3:0d:30:e9:83:6c:65:8c:e9:99:fd:d1:6f:
e5:e8:fb:0b:66:34:b2:18:84:67:ed:35:80:59:ef:07:73:b7:
ac:e8:25:0a:5d:ca:51:50:57:b7:53:c1:bd:c3:54:03:8a:46:
5d:84:84:8e:1c:72:31:c0:a4:75:29:34:48:dc:74:7c:ca:0e:
70:c4:6a:cc:cc:53:09:5e:16:f2:df:2e:5b:88:0f:f1:bd:e3:
dd:3d:82:18:f4:13:60:28:31:a0:9b:be:cb:78:9a:1f:c1:ba:
76:b4:ef:fb:7e:23:c1:17:92:13:b1:64:73:98:dd:58:20:97:
40:41:b4:28:3b:be:53:45:52:02:08:35:84:ec:c2:65:e1:b3:
8d:89:e4:3f:c0:d7:6d:52:0c:55:22:d2:6c:78:19:aa:01:22:
28:f0:41:9c:49:59:c0:a0:24:b2:36:4e:1d:d7:11:a1:38:92:
30:e9:a3:31:dc:19:c4:63:01:38:2f:54:e6:c3:75:0f:c6:4b:
ad:ea:8e:40:18:f6:e9:8f:5f:00:f3:ae:78:6b:41:df:8a:58:
93:80:35:52:e3:9f:01:c0:0d:60:a8:dd:2e:7f:e4:17:1f:36:
0d:ab:3d:3e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAnjeOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTJmMmNjZjFiYWEzOTAzM2VjNzZhNTg2Zjg0NmEzNjIxOGYyMDlkMB4XDTIyMDEw
MTEwNTUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWI5NGViZWE0MjI5
MmEwZDY4ZmIxNDkzMDJmNDIxMTMwYzgzZmVjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ80m0fIkhccgPqOwtcryzZKge5a0vWuQU4ZJrPD7UN9p8ss
omYNDJbNivn84WfkJxYcpQOhwy5IuztQiXLnpqWNJdgM0GN0w8CqcT2AcrXKfk1R
LVcrmKP4pJDH4C2wmRuJBE2LOQGI30Hy6B8k7lg+44K8dkY3xgAjnBLwLN0tj9T9
4hiTLZ0gXs/VpBxpdAClf7rrEobvjsnXFVeSAElhOJislTt9GHIha/kUcCT9SUxZ
/q7p3PaAdntRbUn9R+ed8dc0UT03/WmlqEA4+ElKAUA3f36KvjhStMx8nKeSdJFN
/UHAo5I49+QDLGivKgXJxosZiZpZzVuaFGuIvxkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSblOvqQikqDWj7FJMC9CETDIP+yjAfBgNVHSMEGDAWgBS+LyzPG6o5Az7H
alhvhGo2IY8gnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZpOHN6eHVxT1FNLXgycFliNFJxTmlHUElKMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvOTc3NDRkLTU5ODgtNDZhZS04MmYxLTY0MTg3ZTMwNDM1Yi8x
L201VHI2a0lwS2cxby14U1RBdlFoRXd5RF9zby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
OTc3NDRkLTU5ODgtNDZhZS04MmYxLTY0MTg3ZTMwNDM1Yi8xL3ZpOHN6eHVxT1FN
LXgycFliNFJxTmlHUElKMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA5//yAMEAsPqdDANBAIAAjAHAwUA
KgOGgDANBgkqhkiG9w0BAQsFAAOCAQEAB9Jf9BwMAYCCJNAfb9xLkMbJ64kfFaLz
DTDpg2xljOmZ/dFv5ej7C2Y0shiEZ+01gFnvB3O3rOglCl3KUVBXt1PBvcNUA4pG
XYSEjhxyMcCkdSk0SNx0fMoOcMRqzMxTCV4W8t8uW4gP8b3j3T2CGPQTYCgxoJu+
y3iaH8G6drTv+34jwReSE7Fkc5jdWCCXQEG0KDu+U0VSAgg1hOzCZeGzjYnkP8DX
bVIMVSLSbHgZqgEiKPBBnElZwKAksjZOHdcRoTiSMOmjMdwZxGMBOC9U5sN1D8ZL
reqOQBj26Y9fAPOueGtB34pYk4A1UuOfAcANYKjdLn/kFx82Das9Pg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:41 2025 by rpki-client