Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/M5S3w551QR016rqf0AqOu1mIblY.roa
File: M5S3w551QR016rqf0AqOu1mIblY.roa (raw, json)
Hash identifier: SqLeDJZSTvVuLkll4wXNyNYBZE7YPLK1KE7fIp0ssAk=
Subject key identifier: 33:94:B7:C3:9E:75:41:1D:35:EA:BA:9F:D0:0A:8E:BB:59:88:6E:56
Certificate issuer: /CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
Certificate serial: 01856E78C911ED0EE1970CF81A0E4315D648
Authority key identifier: 5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/M5S3w551QR016rqf0AqOu1mIblY.roa
Signing time: Sun 01 Jan 2023 17:54:47 +0000
ROA not before: Sun 01 Jan 2023 17:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44640
IP address blocks: 185.56.116.0/22 maxlen: 24
91.202.44.0/22 maxlen: 24
2a04:c340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:c9:11:ed:0e:e1:97:0c:f8:1a:0e:43:15:d6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
Validity
Not Before: Jan 1 17:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3394b7c39e75411d35eaba9fd00a8ebb59886e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5f:e4:6b:44:0f:f9:73:47:f2:8c:03:5c:20:
35:35:e2:8b:35:05:72:26:19:37:b2:e1:0c:e6:58:
85:01:31:fb:9d:1b:e3:d8:9b:98:0d:03:d6:db:d0:
fd:15:00:54:6e:83:03:5c:a1:04:93:89:a9:db:03:
9c:8f:4a:e7:f9:8b:4f:5c:6b:7d:f0:7d:b9:a5:77:
5f:e8:c6:ab:45:eb:5c:4b:a6:ad:aa:ca:a4:d4:a0:
ca:90:11:03:02:01:c5:da:49:da:87:e6:0d:49:e9:
b4:a9:7a:0e:db:60:01:d8:21:a1:dd:00:07:b2:76:
ea:8f:90:ae:f1:d2:24:31:1a:34:e9:98:75:6b:ef:
63:71:45:50:49:16:5f:5c:0b:2d:10:02:ae:1a:10:
92:a4:34:f9:a7:25:e1:23:d3:80:99:21:02:57:64:
58:24:e4:b7:cd:41:29:e0:63:04:ee:19:ab:b8:69:
69:ae:1c:49:ba:f2:cd:5b:be:07:de:41:e5:2b:83:
0d:f5:78:f1:c0:99:46:97:de:b7:6b:32:22:e7:be:
22:b2:55:da:31:55:5f:af:32:a1:55:e3:9a:c6:c3:
82:a1:14:cc:65:ed:fb:fd:c3:43:8a:83:96:14:d0:
5a:7f:67:9e:b7:f8:86:1d:ed:3e:17:06:44:75:1a:
9c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:94:B7:C3:9E:75:41:1D:35:EA:BA:9F:D0:0A:8E:BB:59:88:6E:56
X509v3 Authority Key Identifier:
keyid:5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/M5S3w551QR016rqf0AqOu1mIblY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.44.0/22
185.56.116.0/22
IPv6:
2a04:c340::/29
Signature Algorithm: sha256WithRSAEncryption
67:b3:50:fa:7f:8d:ca:6b:b8:27:f7:81:55:af:33:08:1c:3a:
3b:7d:ce:16:41:f3:27:50:ac:43:81:b5:48:39:5d:3c:b9:a8:
59:27:21:6e:ff:08:a1:6c:9f:26:ff:af:ee:64:75:65:56:0d:
d5:cf:48:f8:28:68:a7:19:55:10:42:e5:34:0c:f5:13:84:7e:
9e:81:d2:04:c3:b9:a8:e0:bf:48:62:ea:1a:bb:4a:dc:3d:cd:
44:9a:fe:1c:6f:b1:6f:44:bb:74:80:aa:77:95:11:38:7b:4f:
d5:82:f1:84:b5:d0:d1:2a:34:30:3b:31:1a:64:1d:70:c4:d0:
34:e2:f4:9b:34:83:d0:3c:66:09:f1:b6:8f:69:b7:52:fa:dd:
87:7e:a5:d5:b2:b6:4c:08:a6:7d:19:31:59:97:93:67:c4:d0:
51:b4:1e:51:a7:80:41:8f:7a:b7:64:37:82:47:08:43:bd:a9:
84:a0:e2:83:0a:72:cc:01:ac:db:0a:c7:5c:4a:7d:8d:3b:4e:
80:6d:65:9e:92:58:6f:e6:6a:cd:67:a1:e5:94:90:30:f5:74:
70:bc:6c:61:e6:9e:1d:bd:a7:01:be:2e:90:43:c6:d4:8d:aa:
3e:73:b8:38:a4:a1:49:ea:0f:91:55:b4:c3:5e:d3:87:15:62:
eb:cc:57:8d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVueMkR7Q7hlwz4Gg5DFdZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzkxYTFiYTA5YjlkNGQzNThlZjA1YWFkZWQ3ZjBlODVl
ODgxYjYwHhcNMjMwMTAxMTc1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzk0YjdjMzllNzU0MTFkMzVlYWJhOWZkMDBhOGViYjU5ODg2ZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApF/ka0QP+XNH8owDXCA1NeKLNQVy
Jhk3suEM5liFATH7nRvj2JuYDQPW29D9FQBUboMDXKEEk4mp2wOcj0rn+YtPXGt9
8H25pXdf6MarRetcS6atqsqk1KDKkBEDAgHF2knah+YNSem0qXoO22AB2CGh3QAH
snbqj5Cu8dIkMRo06Zh1a+9jcUVQSRZfXAstEAKuGhCSpDT5pyXhI9OAmSECV2RY
JOS3zUEp4GME7hmruGlprhxJuvLNW74H3kHlK4MN9XjxwJlGl963azIi574islXa
MVVfrzKhVeOaxsOCoRTMZe37/cNDioOWFNBaf2eet/iGHe0+FwZEdRqczQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDOUt8OedUEdNeq6n9AKjrtZiG5WMB8GA1UdIwQY
MBaAFFx5Ghugm51NNY7wWq3tfw6F6IG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTct
NjZjNWFlOGEzNmI0LzEvTTVTM3c1NTFRUjAxNnJxZjBBcU91MW1JYmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTctNjZjNWFlOGEzNmI0
LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8osAwQC
uTh0MA0EAgACMAcDBQMqBMNAMA0GCSqGSIb3DQEBCwUAA4IBAQBns1D6f43Ka7gn
94FVrzMIHDo7fc4WQfMnUKxDgbVIOV08uahZJyFu/wihbJ8m/6/uZHVlVg3Vz0j4
KGinGVUQQuU0DPUThH6egdIEw7mo4L9IYuoau0rcPc1Emv4cb7FvRLt0gKp3lRE4
e0/VgvGEtdDRKjQwOzEaZB1wxNA04vSbNIPQPGYJ8baPabdS+t2HfqXVsrZMCKZ9
GTFZl5NnxNBRtB5Rp4BBj3q3ZDeCRwhDvamEoOKDCnLMAazbCsdcSn2NO06AbWWe
klhv5mrNZ6HllJAw9XRwvGxh5p4dvacBvi6QQ8bUjao+c7g4pKFJ6g+RVbTDXtOH
FWLrzFeN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:53 2025 by rpki-client