Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/hNvyCa8oKIQCH3r-gi1w4VzJdT4.roa
File: hNvyCa8oKIQCH3r-gi1w4VzJdT4.roa (raw, json)
Hash identifier: 88IYYT7hd0fQZy5k+JTbMAAZS8Plku9JjKqYrppSCKc=
Subject key identifier: 84:DB:F2:09:AF:28:28:84:02:1F:7A:FE:82:2D:70:E1:5C:C9:75:3E
Certificate issuer: /CN=7b48945b9d716cd47fbde2860d8100fcda987496
Certificate serial: 01857039842E3B53B62F8F9D1172CC26150F
Authority key identifier: 7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/hNvyCa8oKIQCH3r-gi1w4VzJdT4.roa
Signing time: Mon 02 Jan 2023 02:04:55 +0000
ROA not before: Mon 02 Jan 2023 02:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 5.22.145.0/24 maxlen: 24
2a00:18e0:5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:84:2e:3b:53:b6:2f:8f:9d:11:72:cc:26:15:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b48945b9d716cd47fbde2860d8100fcda987496
Validity
Not Before: Jan 2 02:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84dbf209af282884021f7afe822d70e15cc9753e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c3:ba:5c:a8:d0:92:84:d2:78:6b:5b:91:8d:
2e:4d:5b:51:35:07:9a:ea:03:d3:46:3c:14:0c:e4:
63:6e:41:5b:29:6f:2a:88:6e:38:4c:6d:55:ef:84:
9c:27:f1:a0:62:3d:33:bd:be:84:25:b7:fc:8d:20:
40:8f:b9:96:d3:9c:34:41:f1:9c:36:db:2a:6e:66:
24:4f:b3:96:86:18:99:a7:d7:3d:71:5e:5c:eb:0d:
1a:de:07:91:53:a7:06:ef:07:7b:30:07:34:d9:0b:
6e:1f:f3:b3:79:9f:36:18:16:0a:5c:05:57:11:d0:
98:2d:74:a9:7e:52:81:58:10:6e:4e:f3:ee:b9:61:
69:5f:8e:63:ae:64:f9:88:fe:7e:1e:4a:7e:56:8e:
17:81:96:51:82:3c:65:32:79:16:20:78:0f:73:68:
e4:78:07:dc:19:02:9d:e3:3b:e8:19:e5:52:b1:a5:
ec:8d:67:bd:74:e6:72:42:1a:fc:d0:a0:5b:a6:20:
64:1f:b9:5a:04:ff:e7:1b:28:85:b2:18:27:88:3a:
c8:ce:a4:1b:ba:ad:b8:fa:e9:42:4d:20:b4:9e:28:
66:04:5f:43:be:9a:3c:00:46:3d:ab:24:1f:ac:e1:
d6:80:7d:10:d0:b9:cc:c1:c0:73:ba:c3:0b:49:67:
d7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DB:F2:09:AF:28:28:84:02:1F:7A:FE:82:2D:70:E1:5C:C9:75:3E
X509v3 Authority Key Identifier:
keyid:7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/hNvyCa8oKIQCH3r-gi1w4VzJdT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.145.0/24
IPv6:
2a00:18e0:5::/48
Signature Algorithm: sha256WithRSAEncryption
7c:3f:e4:22:4e:32:09:8f:3a:f3:7d:3f:5f:53:c4:42:54:ef:
79:93:fb:6d:1f:31:68:02:cc:81:07:00:42:70:97:17:fb:12:
4f:5d:d1:1c:f8:2f:4b:e1:92:12:7a:a8:99:4b:48:e6:82:85:
d6:bf:1a:a2:49:2f:90:44:09:74:54:8d:10:10:a2:01:06:1b:
70:f3:74:9f:53:9e:92:b2:b3:a8:83:41:d6:2d:42:58:0c:74:
9d:b4:d0:39:fd:25:4c:3d:72:51:41:c7:8e:df:0c:0a:5c:a3:
a3:66:52:ed:13:7a:97:95:67:4b:f6:b3:75:31:96:26:a7:e1:
37:b8:20:42:06:bd:f2:1b:62:f8:eb:04:91:4a:ba:72:d6:38:
cb:e2:b0:ee:d2:e1:cf:ff:fc:30:71:d2:79:93:05:c9:a8:31:
df:51:0f:73:f3:21:f6:9e:95:cf:49:07:63:99:a7:6b:39:37:
90:41:cd:1e:de:90:f9:27:e8:33:6e:cc:6e:76:31:da:72:5e:
8e:7f:8c:9e:33:bb:ef:e5:65:04:9f:52:6c:a0:c7:b1:55:60:
76:2d:09:bd:de:25:cb:ce:71:84:3f:90:11:60:38:06:6b:89:
ba:d3:87:3c:d3:8b:90:89:74:ee:90:7e:02:ea:e1:65:1b:28:
cb:87:a7:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwOYQuO1O2L4+dEXLMJhUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNDg5NDViOWQ3MTZjZDQ3ZmJkZTI4NjBkODEwMGZjZGE5
ODc0OTYwHhcNMjMwMTAyMDIwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRiZjIwOWFmMjgyODg0MDIxZjdhZmU4MjJkNzBlMTVjYzk3NTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMO6XKjQkoTSeGtbkY0uTVtRNQea
6gPTRjwUDORjbkFbKW8qiG44TG1V74ScJ/GgYj0zvb6EJbf8jSBAj7mW05w0QfGc
NtsqbmYkT7OWhhiZp9c9cV5c6w0a3geRU6cG7wd7MAc02QtuH/OzeZ82GBYKXAVX
EdCYLXSpflKBWBBuTvPuuWFpX45jrmT5iP5+Hkp+Vo4XgZZRgjxlMnkWIHgPc2jk
eAfcGQKd4zvoGeVSsaXsjWe9dOZyQhr80KBbpiBkH7laBP/nGyiFshgniDrIzqQb
uq24+ulCTSC0nihmBF9Dvpo8AEY9qyQfrOHWgH0Q0LnMwcBzusMLSWfXEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITb8gmvKCiEAh96/oItcOFcyXU+MB8GA1UdIwQY
MBaAFHtIlFudcWzUf73ihg2BAPzamHSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2Mt
NGU4NTg5N2YzMDljLzEvaE52eUNhOG9LSVFDSDNyLWdpMXc0VnpKZFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2MtNGU4NTg5N2YzMDlj
LzEvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABRaRMA8E
AgACMAkDBwAqABjgAAUwDQYJKoZIhvcNAQELBQADggEBAHw/5CJOMgmPOvN9P19T
xEJU73mT+20fMWgCzIEHAEJwlxf7Ek9d0Rz4L0vhkhJ6qJlLSOaChda/GqJJL5BE
CXRUjRAQogEGG3DzdJ9TnpKys6iDQdYtQlgMdJ200Dn9JUw9clFBx47fDApco6Nm
Uu0TepeVZ0v2s3Uxlian4Te4IEIGvfIbYvjrBJFKunLWOMvisO7S4c///DBx0nmT
BcmoMd9RD3PzIfaelc9JB2OZp2s5N5BBzR7ekPkn6DNuzG52MdpyXo5/jJ4zu+/l
ZQSfUmygx7FVYHYtCb3eJcvOcYQ/kBFgOAZribrThzzTi5CJdO6QfgLq4WUbKMuH
p1o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:59 2025 by rpki-client