Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/kjoJq5t3dUQkA5v5i1qxwARvy-k.roa
File: kjoJq5t3dUQkA5v5i1qxwARvy-k.roa (raw, json)
Hash identifier: aCcG7t58wahcM+8GN6wG8e+epPkxutJdWHFeoOueYAs=
Subject key identifier: 92:3A:09:AB:9B:77:75:44:24:03:9B:F9:8B:5A:B1:C0:04:6F:CB:E9
Certificate issuer: /CN=27f958c3b759b2c7896f5ed663e807781f3ff5a2
Certificate serial: 01856F9DEF3A4ADE6DBAC4254DC8E72A4808
Authority key identifier: 27:F9:58:C3:B7:59:B2:C7:89:6F:5E:D6:63:E8:07:78:1F:3F:F5:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/kjoJq5t3dUQkA5v5i1qxwARvy-k.roa
Signing time: Sun 01 Jan 2023 23:14:59 +0000
ROA not before: Sun 01 Jan 2023 23:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210168
IP address blocks: 5.1.127.0/24 maxlen: 24
2a02:e747::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ef:3a:4a:de:6d:ba:c4:25:4d:c8:e7:2a:48:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f958c3b759b2c7896f5ed663e807781f3ff5a2
Validity
Not Before: Jan 1 23:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=923a09ab9b77754424039bf98b5ab1c0046fcbe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:09:87:2d:41:70:f4:55:1d:44:67:a8:3b:2c:
7c:6b:2b:11:ae:95:3c:eb:4d:a4:f7:21:ba:fa:57:
dd:4f:9a:e8:1a:1f:48:82:7a:dd:d1:73:35:62:f2:
bd:a1:34:4a:7d:d6:6d:cf:e2:a9:98:8d:2e:41:88:
a8:b6:cb:c8:20:cd:be:3f:e6:74:f2:2b:76:c9:45:
e6:7b:20:c9:0f:e7:aa:2b:a9:66:f3:28:ff:d6:73:
35:8a:de:2e:ad:73:bf:77:13:44:95:d4:02:5b:8b:
dc:37:e2:09:56:ee:5a:fe:e5:27:22:fa:f8:da:cb:
39:bc:5a:13:22:98:0a:e9:be:0a:8e:f1:d6:c4:52:
90:4a:73:ca:8d:84:d6:98:98:7f:b2:a2:3b:e2:3b:
dd:f8:8a:ca:93:ba:fa:00:ac:68:6f:d8:39:7a:b4:
72:48:85:09:b5:56:78:30:78:6e:4c:f6:0b:25:84:
25:46:52:2c:c6:bf:9b:ee:90:7d:ec:a3:64:73:7f:
f4:44:56:95:42:c0:32:98:0c:96:62:6d:d9:93:18:
37:99:40:ca:96:dc:32:78:44:39:0c:0c:b7:21:f7:
e9:c0:3a:b0:64:e0:34:d9:e9:5d:f5:24:f1:a2:71:
17:ae:5b:5b:a0:32:d8:ec:e1:b7:47:e7:ae:7f:41:
03:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3A:09:AB:9B:77:75:44:24:03:9B:F9:8B:5A:B1:C0:04:6F:CB:E9
X509v3 Authority Key Identifier:
keyid:27:F9:58:C3:B7:59:B2:C7:89:6F:5E:D6:63:E8:07:78:1F:3F:F5:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/kjoJq5t3dUQkA5v5i1qxwARvy-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/J_lYw7dZsseJb17WY-gHeB8_9aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.127.0/24
IPv6:
2a02:e747::/48
Signature Algorithm: sha256WithRSAEncryption
79:64:b2:16:d7:1a:6c:d1:ad:da:4f:b0:1c:b9:0f:9b:06:d4:
c4:02:eb:df:b7:88:4b:f2:05:ef:79:36:cf:82:1e:4c:43:ce:
2a:30:97:cb:3c:33:b4:1d:39:5b:86:be:e4:fc:47:c7:a1:e7:
2d:80:72:d4:bb:e9:32:9a:d2:2a:bb:19:6a:dc:1c:27:c6:49:
67:af:f6:6f:51:8c:4b:51:89:4d:25:36:4b:fd:84:f0:ad:81:
c9:e2:45:c7:79:bf:48:02:17:b5:73:9f:aa:84:18:73:64:b3:
25:32:14:10:24:21:03:d1:ec:bd:e2:4a:6c:94:ca:35:f3:7e:
c4:e9:0c:d0:78:01:da:2a:c4:6f:04:b9:28:bb:4f:cb:d7:c2:
b7:ac:85:e4:49:6b:5b:52:b8:bc:6d:2c:d5:dd:50:4b:16:d2:
19:77:c5:d2:3b:cb:66:c9:9a:3b:12:fc:fc:32:3b:48:00:12:
ab:1e:0a:19:27:74:01:55:67:ef:02:66:42:db:d1:4f:bb:d8:
76:26:89:33:d4:89:4f:89:15:f8:23:fe:e4:c9:35:41:fb:91:
57:c8:25:64:1e:93:4d:ef:5b:19:46:26:7f:22:b3:b2:fd:bd:
c5:45:2c:c0:03:5c:14:8d:cf:df:b3:8a:00:80:54:c8:6a:22:
bd:2d:3e:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvne86St5tusQlTcjnKkgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3Zjk1OGMzYjc1OWIyYzc4OTZmNWVkNjYzZTgwNzc4MWYz
ZmY1YTIwHhcNMjMwMTAxMjMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNhMDlhYjliNzc3NTQ0MjQwMzliZjk4YjVhYjFjMDA0NmZjYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAmHLUFw9FUdRGeoOyx8aysRrpU8
602k9yG6+lfdT5roGh9Ignrd0XM1YvK9oTRKfdZtz+KpmI0uQYiotsvIIM2+P+Z0
8it2yUXmeyDJD+eqK6lm8yj/1nM1it4urXO/dxNEldQCW4vcN+IJVu5a/uUnIvr4
2ss5vFoTIpgK6b4KjvHWxFKQSnPKjYTWmJh/sqI74jvd+IrKk7r6AKxob9g5erRy
SIUJtVZ4MHhuTPYLJYQlRlIsxr+b7pB97KNkc3/0RFaVQsAymAyWYm3Zkxg3mUDK
ltwyeEQ5DAy3IffpwDqwZOA02eld9STxonEXrltboDLY7OG3R+euf0EDzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJI6Caubd3VEJAOb+YtascAEb8vpMB8GA1UdIwQY
MBaAFCf5WMO3WbLHiW9e1mPoB3gfP/WiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9sWXc3ZFpzc2VKYjE3V1ktZ0hlQjhfOWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9jZGJmYmQtZWQ2Ny00NGI3LTllMWYt
YjI5MTA3Yjk4YWNjLzEva2pvSnE1dDNkVVFrQTV2NWkxcXh3QVJ2eS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9jZGJmYmQtZWQ2Ny00NGI3LTllMWYtYjI5MTA3Yjk4YWNj
LzEvSl9sWXc3ZFpzc2VKYjE3V1ktZ0hlQjhfOWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABQF/MA8E
AgACMAkDBwAqAudHAAAwDQYJKoZIhvcNAQELBQADggEBAHlkshbXGmzRrdpPsBy5
D5sG1MQC69+3iEvyBe95Ns+CHkxDziowl8s8M7QdOVuGvuT8R8eh5y2ActS76TKa
0iq7GWrcHCfGSWev9m9RjEtRiU0lNkv9hPCtgcniRcd5v0gCF7Vzn6qEGHNksyUy
FBAkIQPR7L3iSmyUyjXzfsTpDNB4AdoqxG8EuSi7T8vXwresheRJa1tSuLxtLNXd
UEsW0hl3xdI7y2bJmjsS/PwyO0gAEqseChkndAFVZ+8CZkLb0U+72HYmiTPUiU+J
Ffgj/uTJNUH7kVfIJWQek03vWxlGJn8is7L9vcVFLMADXBSNz9+zigCAVMhqIr0t
PvU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:21 2025 by rpki-client