Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7156a-8feb-439e-a88f-086c4ea1d8ca/1/5wZbgPP0idDvqFWDrHExwBSy0-A.roa
File: 5wZbgPP0idDvqFWDrHExwBSy0-A.roa (raw, json)
Hash identifier: jwB930XP2bumTTqGP7RIFHIEGy/2By+kKOR3o8nyHVo=
Subject key identifier: E7:06:5B:80:F3:F4:89:D0:EF:A8:55:83:AC:71:31:C0:14:B2:D3:E0
Certificate issuer: /CN=305d78d2075c7820979d7ba50d25b1427b67d456
Certificate serial: 01856C9CABDBC6FADB704583EAFF32CE95F6
Authority key identifier: 30:5D:78:D2:07:5C:78:20:97:9D:7B:A5:0D:25:B1:42:7B:67:D4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MF140gdceCCXnXulDSWxQntn1FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c7156a-8feb-439e-a88f-086c4ea1d8ca/1/5wZbgPP0idDvqFWDrHExwBSy0-A.roa
Signing time: Sun 01 Jan 2023 09:14:44 +0000
ROA not before: Sun 01 Jan 2023 09:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204819
IP address blocks: 185.69.64.0/22 maxlen: 22
2a05:2080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ab:db:c6:fa:db:70:45:83:ea:ff:32:ce:95:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=305d78d2075c7820979d7ba50d25b1427b67d456
Validity
Not Before: Jan 1 09:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7065b80f3f489d0efa85583ac7131c014b2d3e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:51:c7:35:39:f7:90:e0:b7:b3:e2:78:79:95:
72:a5:95:09:52:7c:c6:78:1f:40:4b:67:b0:cb:e8:
b7:5c:a2:33:6f:2e:c7:d4:dd:b1:7f:b7:76:10:e9:
db:a8:24:4b:2e:39:8c:26:b8:ad:e3:02:f4:49:9d:
e2:fa:c3:f2:12:00:42:15:9b:49:3b:11:0c:49:10:
8c:bb:d8:43:cf:fa:f8:30:2c:ab:f4:36:ce:b5:7b:
7c:df:69:73:30:ee:ee:39:ca:70:17:76:09:a8:00:
3d:22:ba:09:5e:f4:85:eb:d6:be:4a:cd:0c:f7:bd:
aa:95:4f:65:86:ad:4c:93:39:60:94:26:43:9b:3c:
c9:6b:c8:cd:b6:cc:60:36:17:00:08:11:ce:26:7c:
ed:9a:a1:22:c7:3e:bf:35:20:e2:ab:df:4a:d5:5f:
2c:ad:7a:cf:64:df:a9:14:21:2f:e0:aa:21:ee:8d:
fb:9a:e9:f9:eb:7d:fb:ac:9a:ae:13:ee:90:c1:24:
61:22:4f:6b:b3:59:96:17:a7:4b:10:ef:21:f1:a6:
a9:3e:7e:f7:3d:95:4d:6d:37:41:94:ca:f6:f4:ee:
f9:ad:d5:91:4a:e7:2e:fd:d9:ba:f0:d6:16:83:b0:
62:8e:42:a0:05:ba:1e:83:bc:c3:58:ec:d7:6e:a2:
0a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:06:5B:80:F3:F4:89:D0:EF:A8:55:83:AC:71:31:C0:14:B2:D3:E0
X509v3 Authority Key Identifier:
keyid:30:5D:78:D2:07:5C:78:20:97:9D:7B:A5:0D:25:B1:42:7B:67:D4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MF140gdceCCXnXulDSWxQntn1FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7156a-8feb-439e-a88f-086c4ea1d8ca/1/5wZbgPP0idDvqFWDrHExwBSy0-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7156a-8feb-439e-a88f-086c4ea1d8ca/1/MF140gdceCCXnXulDSWxQntn1FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.64.0/22
IPv6:
2a05:2080::/29
Signature Algorithm: sha256WithRSAEncryption
e8:ca:2c:15:02:91:54:b6:60:eb:eb:dc:1e:60:e7:fd:f1:8b:
2f:55:a5:58:00:c9:c8:c7:70:38:37:b1:eb:52:21:a8:43:47:
52:f8:8b:04:4a:e1:e5:82:43:36:a7:7a:a7:b1:09:e2:03:82:
9a:df:66:9d:dd:c2:ce:4e:81:d8:a0:0d:6e:7b:cc:54:8c:79:
4c:7a:4b:21:cd:2e:9a:6e:6c:e7:cf:3e:af:b1:24:dc:ec:fb:
d9:73:83:f2:4e:fa:b0:32:dc:ef:9e:3e:0e:94:4c:29:23:7b:
69:71:4f:44:76:7a:48:fd:bb:94:53:cf:6c:b7:e7:d8:9c:2d:
de:97:17:56:01:7e:36:f4:3a:34:79:14:2a:93:d5:a1:92:a1:
d8:97:1a:c8:95:92:79:7d:f5:cd:d1:cf:92:25:61:93:65:cf:
e6:b0:d3:41:04:14:b8:f4:d7:42:d1:46:52:0a:a5:c6:a2:82:
8a:2f:91:7a:e5:76:e3:c5:4b:9f:48:77:e6:62:a3:bb:c9:a7:
54:96:25:cb:a5:09:8f:48:e8:8e:51:c1:6d:06:74:c4:17:cb:
73:9f:d0:f8:5e:0b:69:ba:6b:e3:82:1b:25:0f:48:88:f6:61:
b6:30:ff:59:b4:1c:4f:99:10:da:27:6c:f5:c4:74:13:d6:be:
59:26:ab:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsnKvbxvrbcEWD6v8yzpX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNWQ3OGQyMDc1Yzc4MjA5NzlkN2JhNTBkMjViMTQyN2I2
N2Q0NTYwHhcNMjMwMTAxMDkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzA2NWI4MGYzZjQ4OWQwZWZhODU1ODNhYzcxMzFjMDE0YjJkM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolHHNTn3kOC3s+J4eZVypZUJUnzG
eB9AS2ewy+i3XKIzby7H1N2xf7d2EOnbqCRLLjmMJrit4wL0SZ3i+sPyEgBCFZtJ
OxEMSRCMu9hDz/r4MCyr9DbOtXt832lzMO7uOcpwF3YJqAA9IroJXvSF69a+Ss0M
972qlU9lhq1MkzlglCZDmzzJa8jNtsxgNhcACBHOJnztmqEixz6/NSDiq99K1V8s
rXrPZN+pFCEv4Koh7o37mun56337rJquE+6QwSRhIk9rs1mWF6dLEO8h8aapPn73
PZVNbTdBlMr29O75rdWRSucu/dm68NYWg7BijkKgBboeg7zDWOzXbqIKowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOcGW4Dz9InQ76hVg6xxMcAUstPgMB8GA1UdIwQY
MBaAFDBdeNIHXHggl517pQ0lsUJ7Z9RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUYxNDBnZGNlQ0NYblh1bERTV3hRbnRuMUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jNzE1NmEtOGZlYi00MzllLWE4OGYt
MDg2YzRlYTFkOGNhLzEvNXdaYmdQUDBpZER2cUZXRHJIRXh3QlN5MC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jNzE1NmEtOGZlYi00MzllLWE4OGYtMDg2YzRlYTFkOGNh
LzEvTUYxNDBnZGNlQ0NYblh1bERTV3hRbnRuMUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUVAMA0E
AgACMAcDBQMqBSCAMA0GCSqGSIb3DQEBCwUAA4IBAQDoyiwVApFUtmDr69weYOf9
8YsvVaVYAMnIx3A4N7HrUiGoQ0dS+IsESuHlgkM2p3qnsQniA4Ka32ad3cLOToHY
oA1ue8xUjHlMekshzS6abmznzz6vsSTc7PvZc4PyTvqwMtzvnj4OlEwpI3tpcU9E
dnpI/buUU89st+fYnC3elxdWAX429Do0eRQqk9WhkqHYlxrIlZJ5ffXN0c+SJWGT
Zc/msNNBBBS49NdC0UZSCqXGooKKL5F65XbjxUufSHfmYqO7yadUliXLpQmPSOiO
UcFtBnTEF8tzn9D4XgtpumvjghslD0iI9mG2MP9ZtBxPmRDaJ2z1xHQT1r5ZJqtr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:11 2025 by rpki-client