Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/PRjpPoWLoEndXojZljTBF5KeG6A.roa
File: PRjpPoWLoEndXojZljTBF5KeG6A.roa (raw, json)
Hash identifier: VDXtXy23vuafPyG+M7+NVY+cJkKIUUhRFm05G+zE2ZE=
Subject key identifier: 3D:18:E9:3E:85:8B:A0:49:DD:5E:88:D9:96:34:C1:17:92:9E:1B:A0
Certificate issuer: /CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Certificate serial: 01856C1C75F159779C78098AD91EE4A4EB65
Authority key identifier: 43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/PRjpPoWLoEndXojZljTBF5KeG6A.roa
Signing time: Sun 01 Jan 2023 06:54:42 +0000
ROA not before: Sun 01 Jan 2023 06:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200818
IP address blocks: 5.183.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:75:f1:59:77:9c:78:09:8a:d9:1e:e4:a4:eb:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Validity
Not Before: Jan 1 06:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d18e93e858ba049dd5e88d99634c117929e1ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9d:90:21:1f:6d:d8:c8:b8:8f:2a:38:ca:9c:
e6:b5:6b:09:b0:9a:34:50:8c:66:7b:4b:db:d7:4b:
e4:e8:95:60:1c:1f:6e:7d:32:8a:1c:cb:5f:c1:9a:
b0:a2:b8:5d:c5:a5:ee:17:30:a1:ad:2f:9c:75:b1:
2f:e7:b6:cf:fa:7b:2f:2f:48:67:db:bc:78:ad:2b:
7f:e7:4d:2f:cd:50:39:21:c0:b8:73:53:04:b9:22:
b5:1d:10:95:cc:e5:93:34:45:1d:29:30:5c:d9:08:
12:43:f0:41:78:b2:df:fb:a6:4d:ca:d3:d4:15:cf:
38:5e:72:06:41:14:fa:1c:d7:6a:5a:34:18:59:b9:
9d:3c:53:77:d9:ce:59:85:54:86:6c:aa:5d:93:9e:
9f:23:d2:4d:b3:11:94:90:5e:fd:52:61:0d:ca:12:
2e:b5:86:2b:9a:4d:34:90:36:57:59:39:19:88:25:
8a:06:f8:94:cb:79:ae:30:3e:a7:20:eb:a2:27:40:
4e:d4:41:f1:81:b6:f5:9c:33:ea:0e:c2:ed:25:79:
b1:2e:1f:1d:ce:de:9a:1e:e7:b4:75:16:a8:e3:38:
3b:29:d2:7f:92:2b:27:f5:9e:9b:31:d5:36:d1:98:
69:f4:cf:a0:74:83:d8:0e:bb:15:24:16:e1:aa:69:
f0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:18:E9:3E:85:8B:A0:49:DD:5E:88:D9:96:34:C1:17:92:9E:1B:A0
X509v3 Authority Key Identifier:
keyid:43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/PRjpPoWLoEndXojZljTBF5KeG6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/Q4T2-m3sztVXioWlHgvWVwHqNOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.108.0/24
Signature Algorithm: sha256WithRSAEncryption
39:12:a2:f6:ec:4b:f9:2e:03:ab:1d:89:30:03:57:bf:4f:32:
fc:26:17:d9:34:ce:a3:3a:b6:34:30:27:f3:a9:4f:c5:bf:1e:
08:62:f3:17:8d:f5:73:31:10:60:e7:c2:58:0d:83:1f:7e:26:
f9:fd:7a:d6:1d:87:e7:bf:20:26:df:03:35:bb:ac:e4:4c:ee:
5b:6b:22:ab:30:5d:da:c7:a6:5a:3d:e9:87:35:d6:1a:0c:37:
a8:51:ee:84:b3:4e:e2:a5:be:ec:95:20:7c:a9:63:85:8e:35:
68:56:6e:c6:56:5b:a8:8d:e2:1d:fd:5b:ed:59:97:26:a2:1d:
6f:e6:49:5e:bc:2a:fe:bb:46:e5:51:ed:6d:54:e7:e8:3d:a0:
3b:a1:9a:c9:cd:10:43:88:be:ab:c1:66:ee:79:78:a1:b2:ad:
14:ca:12:1e:e4:6f:5e:aa:3d:7b:94:ed:96:7f:09:a8:69:c5:
d9:a9:36:7a:85:87:d5:6b:a9:24:3a:57:4e:79:76:8d:57:83:
bf:95:f1:d4:1b:81:39:c0:b8:94:48:d2:a7:67:a7:d7:7d:a4:
17:45:fa:32:4c:a0:19:85:fa:0b:02:99:a2:bc:ff:23:d8:d2:
5d:d3:d0:c3:66:c7:d4:90:70:f0:6b:a8:4c:3d:24:f1:d0:2b:
5c:e9:ec:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHHXxWXeceAmK2R7kpOtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzODRmNmZhNmRlY2NlZDU1NzhhODVhNTFlMGJkNjU3MDFl
YTM0ZWMwHhcNMjMwMTAxMDY1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDE4ZTkzZTg1OGJhMDQ5ZGQ1ZTg4ZDk5NjM0YzExNzkyOWUxYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZ2QIR9t2Mi4jyo4ypzmtWsJsJo0
UIxme0vb10vk6JVgHB9ufTKKHMtfwZqworhdxaXuFzChrS+cdbEv57bP+nsvL0hn
27x4rSt/500vzVA5IcC4c1MEuSK1HRCVzOWTNEUdKTBc2QgSQ/BBeLLf+6ZNytPU
Fc84XnIGQRT6HNdqWjQYWbmdPFN32c5ZhVSGbKpdk56fI9JNsxGUkF79UmENyhIu
tYYrmk00kDZXWTkZiCWKBviUy3muMD6nIOuiJ0BO1EHxgbb1nDPqDsLtJXmxLh8d
zt6aHue0dRao4zg7KdJ/kisn9Z6bMdU20Zhp9M+gdIPYDrsVJBbhqmnwWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0Y6T6Fi6BJ3V6I2ZY0wReSnhugMB8GA1UdIwQY
MBaAFEOE9vpt7M7VV4qFpR4L1lcB6jTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMt
MWIxM2JkNDU2NmE1LzEvUFJqcFBvV0xvRW5kWG9qWmxqVEJGNUtlRzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMtMWIxM2JkNDU2NmE1
LzEvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbdsMA0G
CSqGSIb3DQEBCwUAA4IBAQA5EqL27Ev5LgOrHYkwA1e/TzL8JhfZNM6jOrY0MCfz
qU/Fvx4IYvMXjfVzMRBg58JYDYMffib5/XrWHYfnvyAm3wM1u6zkTO5bayKrMF3a
x6ZaPemHNdYaDDeoUe6Es07ipb7slSB8qWOFjjVoVm7GVluojeId/VvtWZcmoh1v
5klevCr+u0blUe1tVOfoPaA7oZrJzRBDiL6rwWbueXihsq0UyhIe5G9eqj17lO2W
fwmoacXZqTZ6hYfVa6kkOldOeXaNV4O/lfHUG4E5wLiUSNKnZ6fXfaQXRfoyTKAZ
hfoLApmivP8j2NJd09DDZsfUkHDwa6hMPSTx0Ctc6ewh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:58 2025 by rpki-client