Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/Hl_rU5xLglM2kc7TYVtSUXbKxNU.roa
File: Hl_rU5xLglM2kc7TYVtSUXbKxNU.roa (raw, json)
Hash identifier: qpolKNDR/IzeoteWrbDKtnaXipj1FNcd0/b/KgA30q8=
Subject key identifier: 1E:5F:EB:53:9C:4B:82:53:36:91:CE:D3:61:5B:52:51:76:CA:C4:D5
Certificate issuer: /CN=e15136feff3574ef9b2262de59b06a21908fab3e
Certificate serial: 018956856C529FB3C2EC0EF40B9AD09A5C3A
Authority key identifier: E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/Hl_rU5xLglM2kc7TYVtSUXbKxNU.roa
Signing time: Fri 14 Jul 2023 22:28:51 +0000
ROA not before: Fri 14 Jul 2023 22:28:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49801
IP address blocks: 78.111.5.0/24 maxlen: 24
78.111.6.0/24 maxlen: 24
87.247.172.0/23 maxlen: 23
87.247.168.0/21 maxlen: 21
87.247.173.0/24 maxlen: 24
2a10:a440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:56:85:6c:52:9f:b3:c2:ec:0e:f4:0b:9a:d0:9a:5c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15136feff3574ef9b2262de59b06a21908fab3e
Validity
Not Before: Jul 14 22:28:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e5feb539c4b82533691ced3615b525176cac4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:05:88:3b:53:72:91:52:70:ef:29:a6:10:b2:
ae:94:82:37:0b:46:e5:47:a7:f1:4a:fb:81:d6:d3:
8c:50:57:fb:84:b5:aa:66:75:3d:47:47:14:b4:94:
b6:0c:72:04:4b:7d:eb:84:f1:e4:56:9c:ad:17:eb:
9a:5d:5b:8c:2b:b0:8f:52:d1:e2:f0:47:83:08:bf:
30:54:30:31:1b:e6:3b:45:11:1d:88:8e:1e:a8:86:
0a:59:76:a4:b9:c3:f6:7a:ed:be:d3:91:83:f0:09:
07:01:f2:62:b6:ca:0c:63:10:7c:85:0d:ab:fd:a9:
3b:c9:b2:06:bf:a2:df:a1:61:a2:1d:3c:99:31:ee:
1e:f2:5f:e8:ba:f4:cc:5a:7c:9e:75:44:14:2e:36:
6e:15:9d:5d:a0:08:54:c3:53:86:f1:18:de:57:13:
92:79:70:08:71:fc:5c:f3:12:b6:a1:d8:d0:9a:75:
17:03:29:0a:34:52:54:2f:46:fe:02:6b:5c:76:9a:
0f:60:93:9b:94:21:36:c6:4d:5e:79:86:82:02:97:
d7:78:28:20:fe:74:53:cd:41:d3:59:d2:3e:8b:57:
ab:9a:cb:c5:0f:8c:00:30:85:7c:50:16:59:c7:d9:
59:33:60:db:fb:d3:7f:b1:fe:bb:e0:1d:57:e5:11:
d6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5F:EB:53:9C:4B:82:53:36:91:CE:D3:61:5B:52:51:76:CA:C4:D5
X509v3 Authority Key Identifier:
keyid:E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/Hl_rU5xLglM2kc7TYVtSUXbKxNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.5.0-78.111.6.255
87.247.168.0/21
IPv6:
2a10:a440::/29
Signature Algorithm: sha256WithRSAEncryption
8e:32:3e:ca:41:85:ab:9f:99:5e:8d:2e:e0:8b:ac:2c:01:e5:
25:b9:fa:73:23:4f:cf:24:e1:b7:3f:bc:e5:b3:f7:40:3d:1c:
ca:19:ac:79:21:fd:79:26:a4:69:f8:51:94:a2:99:93:f4:60:
4a:de:aa:04:70:12:8a:fc:54:df:1a:88:d7:39:83:c0:2e:64:
8f:ee:95:7a:36:99:43:81:7e:f2:90:ac:91:4b:78:af:07:f6:
84:89:29:df:3d:f0:60:08:fb:db:2b:74:9b:6e:aa:4c:b1:7a:
99:1f:b4:24:af:ed:8a:a4:67:d7:5a:13:3f:b8:81:16:5d:68:
61:55:bb:21:40:52:6a:4d:8e:2d:8e:1d:2a:50:db:23:8d:b2:
9a:fc:0f:45:6c:3f:53:c3:08:d2:a9:24:cf:ac:3f:87:f6:c9:
fe:71:bc:36:db:a5:b1:3a:82:e7:37:c0:0c:40:d8:13:47:9d:
3b:ce:03:0a:77:be:de:e2:ea:22:83:1f:4d:79:74:58:26:2d:
fe:6a:1e:88:1a:c2:b5:04:36:64:8f:1b:5a:ca:29:6f:a9:dc:
d4:e0:94:be:87:cc:5d:ca:b4:7f:90:44:8a:65:5a:7f:37:13:
47:76:f1:eb:fe:a8:bb:ea:3e:89:a5:ad:b1:05:08:ac:54:94:
0a:41:47:c5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYlWhWxSn7PC7A70C5rQmlw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTEzNmZlZmYzNTc0ZWY5YjIyNjJkZTU5YjA2YTIxOTA4
ZmFiM2UwHhcNMjMwNzE0MjIyODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTVmZWI1MzljNGI4MjUzMzY5MWNlZDM2MTViNTI1MTc2Y2FjNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQWIO1NykVJw7ymmELKulII3C0bl
R6fxSvuB1tOMUFf7hLWqZnU9R0cUtJS2DHIES33rhPHkVpytF+uaXVuMK7CPUtHi
8EeDCL8wVDAxG+Y7RREdiI4eqIYKWXakucP2eu2+05GD8AkHAfJitsoMYxB8hQ2r
/ak7ybIGv6LfoWGiHTyZMe4e8l/ouvTMWnyedUQULjZuFZ1doAhUw1OG8RjeVxOS
eXAIcfxc8xK2odjQmnUXAykKNFJUL0b+AmtcdpoPYJOblCE2xk1eeYaCApfXeCgg
/nRTzUHTWdI+i1ermsvFD4wAMIV8UBZZx9lZM2Db+9N/sf674B1X5RHWgQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFB5f61OcS4JTNpHO02FbUlF2ysTVMB8GA1UdIwQY
MBaAFOFRNv7/NXTvmyJi3lmwaiGQj6s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMt
MDQxMzEyMjQyZmYzLzEvSGxfclU1eExnbE0ya2M3VFlWdFNVWGJLeE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMtMDQxMzEyMjQyZmYz
LzEvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBABObwUD
BABObwYDBANX96gwDQQCAAIwBwMFAyoQpEAwDQYJKoZIhvcNAQELBQADggEBAI4y
PspBhaufmV6NLuCLrCwB5SW5+nMjT88k4bc/vOWz90A9HMoZrHkh/XkmpGn4UZSi
mZP0YEreqgRwEor8VN8aiNc5g8AuZI/ulXo2mUOBfvKQrJFLeK8H9oSJKd898GAI
+9srdJtuqkyxepkftCSv7YqkZ9daEz+4gRZdaGFVuyFAUmpNji2OHSpQ2yONspr8
D0VsP1PDCNKpJM+sP4f2yf5xvDbbpbE6guc3wAxA2BNHnTvOAwp3vt7i6iKDH015
dFgmLf5qHogawrUENmSPG1rKKW+p3NTglL6HzF3KtH+QRIplWn83E0d28ev+qLvq
PomlrbEFCKxUlApBR8U=
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:05:17 2025 by rpki-client