Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/NtlC4Z7vTedDqgiT_8OrPKh51Ik.roa
File: NtlC4Z7vTedDqgiT_8OrPKh51Ik.roa (raw, json)
Hash identifier: FY2u/JLWGkxRM+zync2fzY+XfSU6vsjyxwJCXgcp3fk=
Subject key identifier: 36:D9:42:E1:9E:EF:4D:E7:43:AA:08:93:FF:C3:AB:3C:A8:79:D4:89
Certificate issuer: /CN=ffe70693454bc33485dec69d219d0502654ac04a
Certificate serial: 01856FD4F9DC356792DC85729393958A1798
Authority key identifier: FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/NtlC4Z7vTedDqgiT_8OrPKh51Ik.roa
Signing time: Mon 02 Jan 2023 00:15:06 +0000
ROA not before: Mon 02 Jan 2023 00:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205847
IP address blocks: 5.181.58.0/24 maxlen: 24
5.181.58.0/23 maxlen: 23
5.181.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f9:dc:35:67:92:dc:85:72:93:93:95:8a:17:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffe70693454bc33485dec69d219d0502654ac04a
Validity
Not Before: Jan 2 00:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36d942e19eef4de743aa0893ffc3ab3ca879d489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:27:9f:3c:9f:a2:88:00:9a:2d:af:8f:d4:c6:
03:69:81:59:fc:56:7f:4a:c1:01:25:16:48:14:53:
13:21:82:81:8f:2f:f2:b9:95:7e:e5:a8:6f:07:71:
e0:ef:c2:0f:82:e4:bd:22:d5:4a:80:aa:28:13:ca:
9e:5e:dd:a6:be:21:cf:34:6e:e1:26:80:22:0c:40:
e6:fd:f7:35:e6:18:f6:63:a9:21:f1:69:74:ab:c1:
64:73:8a:b6:31:c1:35:11:e0:e5:a7:e7:8c:15:bd:
fa:13:89:d9:12:65:db:6d:a2:18:a7:57:fc:ec:25:
b0:b0:2f:00:ef:93:4c:77:da:2b:aa:e1:8d:92:3c:
f1:76:35:0e:2d:a9:49:92:67:41:ab:56:bc:05:02:
a4:dd:67:ad:9c:2b:99:ad:70:97:23:fc:1c:86:a4:
be:7b:d9:53:d4:90:6d:ee:2f:60:76:a4:27:77:d2:
4c:0e:56:3d:bd:71:01:a0:30:28:dd:a0:6b:8e:32:
90:b1:36:88:2a:d2:3d:70:07:cd:ad:74:34:81:78:
a5:c7:c6:94:56:66:25:78:dc:85:74:77:ab:15:56:
9d:aa:0d:38:5d:39:fb:0c:41:b2:6b:27:e4:1a:c0:
f5:a5:52:1e:66:2c:8f:5c:84:f8:52:da:53:26:32:
e4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D9:42:E1:9E:EF:4D:E7:43:AA:08:93:FF:C3:AB:3C:A8:79:D4:89
X509v3 Authority Key Identifier:
keyid:FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/NtlC4Z7vTedDqgiT_8OrPKh51Ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.58.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:8d:cf:fd:97:2c:96:53:cc:a1:e7:3b:e4:85:ab:fe:e8:eb:
aa:54:52:77:b7:32:13:cb:40:79:2d:6b:99:4a:78:f3:34:31:
17:46:b8:cc:22:35:98:22:9e:c8:d5:34:3c:28:5e:4f:e1:46:
29:24:98:6f:4a:3d:ca:ac:9b:80:96:16:cd:55:5e:bf:d6:7d:
40:26:fa:6c:35:e0:66:63:c1:2a:5a:c4:b0:5c:19:fc:b7:c1:
8b:7c:8a:23:1a:9f:ad:09:2a:c8:37:38:66:34:59:5a:1c:7f:
af:ec:2a:3f:af:4c:de:88:cd:00:06:4d:24:8c:18:49:82:1b:
99:21:61:a3:ad:eb:73:66:4a:dc:26:ea:b9:03:66:f7:40:6a:
2f:46:78:ba:cf:9c:12:ad:39:b6:fa:eb:76:9e:74:f4:6e:ae:
c7:4c:31:f3:13:6d:a7:93:3c:77:28:2f:8f:d7:b8:c7:f9:89:
5c:88:df:26:4f:26:08:31:96:bb:46:fc:4e:59:46:0f:d6:2a:
6a:62:a3:9b:89:3d:2c:ce:b5:35:91:b5:03:dd:57:63:a6:06:
6d:80:62:cb:d5:55:1c:79:48:ac:75:ea:dc:b2:33:a7:d8:98:
0c:c2:d3:21:6f:7b:e3:6a:69:fe:db:4d:09:a8:f2:6d:4e:7c:
cd:60:10:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1PncNWeS3IVyk5OViheYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZTcwNjkzNDU0YmMzMzQ4NWRlYzY5ZDIxOWQwNTAyNjU0
YWMwNGEwHhcNMjMwMTAyMDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ5NDJlMTllZWY0ZGU3NDNhYTA4OTNmZmMzYWIzY2E4NzlkNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCefPJ+iiACaLa+P1MYDaYFZ/FZ/
SsEBJRZIFFMTIYKBjy/yuZV+5ahvB3Hg78IPguS9ItVKgKooE8qeXt2mviHPNG7h
JoAiDEDm/fc15hj2Y6kh8Wl0q8Fkc4q2McE1EeDlp+eMFb36E4nZEmXbbaIYp1f8
7CWwsC8A75NMd9orquGNkjzxdjUOLalJkmdBq1a8BQKk3WetnCuZrXCXI/wchqS+
e9lT1JBt7i9gdqQnd9JMDlY9vXEBoDAo3aBrjjKQsTaIKtI9cAfNrXQ0gXilx8aU
VmYleNyFdHerFVadqg04XTn7DEGyayfkGsD1pVIeZiyPXIT4UtpTJjLkiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbZQuGe703nQ6oIk//DqzyoedSJMB8GA1UdIwQY
MBaAFP/nBpNFS8M0hd7GnSGdBQJlSsBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUt
MzUwMjY1OGFlNmY1LzEvTnRsQzRaN3ZUZWREcWdpVF84T3JQS2g1MUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUtMzUwMjY1OGFlNmY1
LzEvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBbU6MA0G
CSqGSIb3DQEBCwUAA4IBAQCpjc/9lyyWU8yh5zvkhav+6OuqVFJ3tzITy0B5LWuZ
SnjzNDEXRrjMIjWYIp7I1TQ8KF5P4UYpJJhvSj3KrJuAlhbNVV6/1n1AJvpsNeBm
Y8EqWsSwXBn8t8GLfIojGp+tCSrINzhmNFlaHH+v7Co/r0zeiM0ABk0kjBhJghuZ
IWGjretzZkrcJuq5A2b3QGovRni6z5wSrTm2+ut2nnT0bq7HTDHzE22nkzx3KC+P
17jH+YlciN8mTyYIMZa7RvxOWUYP1ipqYqObiT0szrU1kbUD3VdjpgZtgGLL1VUc
eUisdercsjOn2JgMwtMhb3vjamn+200JqPJtTnzNYBAt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:09 2025 by rpki-client