Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/hpK5UU2k_ZujVByauK1-el2PA5A.roa
File: hpK5UU2k_ZujVByauK1-el2PA5A.roa (raw, json)
Hash identifier: I+MsL5TGWvMcG5CrhPXLbw3Ip6GyUzAdPmKm9SjgLIM=
Subject key identifier: 86:92:B9:51:4D:A4:FD:9B:A3:54:1C:9A:B8:AD:7E:7A:5D:8F:03:90
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0184387480358B0A69CD6014F0C632B8E536
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/hpK5UU2k_ZujVByauK1-el2PA5A.roa
Signing time: Wed 02 Nov 2022 13:07:49 +0000
ROA not before: Wed 02 Nov 2022 13:07:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 155.254.38.0/23 maxlen: 24
198.105.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:38:74:80:35:8b:0a:69:cd:60:14:f0:c6:32:b8:e5:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Nov 2 13:07:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8692b9514da4fd9ba3541c9ab8ad7e7a5d8f0390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3a:37:da:27:28:bb:c6:f9:9d:88:24:83:7a:
b9:e9:66:e1:f7:cc:fe:8e:99:38:3f:ce:21:21:36:
e7:a5:af:db:f0:97:4e:80:dc:23:aa:84:56:ec:1f:
67:88:3f:0e:0c:e8:9b:4b:c9:e7:f9:3c:7c:2d:ce:
5b:04:83:e1:81:6d:60:d1:28:e8:d4:5e:0a:fc:2a:
cf:86:dd:08:71:8e:82:f5:28:ed:06:ac:ce:07:9b:
5e:c0:7c:0d:12:14:0a:92:ba:3d:28:79:d6:dc:48:
23:bf:c9:3a:fb:24:63:7d:86:f2:48:91:59:3c:35:
2d:b4:b5:a4:11:8a:d0:a5:26:56:eb:1b:a9:b6:09:
f0:46:7f:c2:eb:a4:bc:ea:37:68:af:97:66:82:d2:
52:83:82:75:0c:c7:b3:be:2b:22:e7:2f:25:aa:e8:
93:b9:b5:b7:b2:a4:a2:de:60:ab:62:7e:0e:e3:a2:
53:85:63:27:ce:bc:1a:a3:62:af:10:fd:4d:16:10:
82:37:53:83:8c:31:3c:bd:cb:d2:e8:62:b7:aa:ce:
6f:53:ba:26:4f:df:12:4b:c7:a0:f8:8e:5d:6c:b2:
1d:9b:e6:80:e6:e7:e8:ca:e0:20:8c:d9:92:cf:7a:
9d:7b:56:65:40:fc:7f:aa:1e:74:79:d6:8e:40:2c:
b9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:92:B9:51:4D:A4:FD:9B:A3:54:1C:9A:B8:AD:7E:7A:5D:8F:03:90
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/hpK5UU2k_ZujVByauK1-el2PA5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.254.38.0/23
198.105.100.0/24
Signature Algorithm: sha256WithRSAEncryption
43:50:a5:13:6a:c5:ff:a7:39:7d:45:ab:ec:7b:7d:16:74:0e:
e3:ec:d1:cf:2e:2f:b1:1a:75:88:53:5b:87:2e:0d:e7:6e:4c:
bd:be:90:5d:76:64:d8:11:4d:23:f4:b1:fa:91:bd:0b:c4:a5:
bc:f9:56:41:05:0b:bd:29:0f:04:fe:3d:4a:fc:0c:03:ab:a9:
82:1a:b3:ec:a3:ab:eb:bb:cb:82:b8:39:6d:da:78:40:c4:c7:
2d:4a:6f:39:ee:14:0f:69:82:6b:fa:1e:b0:11:11:8d:e6:2f:
4a:3f:a5:3f:89:44:64:93:33:f8:3c:0c:2d:c1:21:ee:5e:f3:
5b:95:78:81:24:ca:45:a9:96:48:e0:22:15:f4:2a:fd:58:a9:
17:3b:39:47:82:b2:61:1a:6f:6a:f8:11:c7:28:4e:5a:ff:54:
23:33:01:8b:84:6e:30:dc:c0:cc:c7:91:e9:6f:0e:e6:68:5b:
2a:f6:f8:58:67:4f:0b:f5:db:9d:5b:9d:81:09:e2:b3:b9:77:
48:ff:cc:c7:34:3b:1a:0e:46:f5:c3:eb:ed:80:b9:05:be:46:
f0:e8:21:01:75:95:d0:74:9e:1c:c9:57:51:f0:89:b0:68:f8:
f1:4b:7c:52:c2:ae:fa:72:ec:be:cd:6b:1b:f5:72:96:e4:48:
01:fe:60:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQ4dIA1iwppzWAU8MYyuOU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjIxMTAyMTMwNzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjkyYjk1MTRkYTRmZDliYTM1NDFjOWFiOGFkN2U3YTVkOGYwMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDo32icou8b5nYgkg3q56Wbh98z+
jpk4P84hITbnpa/b8JdOgNwjqoRW7B9niD8ODOibS8nn+Tx8Lc5bBIPhgW1g0Sjo
1F4K/CrPht0IcY6C9SjtBqzOB5tewHwNEhQKkro9KHnW3Egjv8k6+yRjfYbySJFZ
PDUttLWkEYrQpSZW6xuptgnwRn/C66S86jdor5dmgtJSg4J1DMezvisi5y8lquiT
ubW3sqSi3mCrYn4O46JThWMnzrwao2KvEP1NFhCCN1ODjDE8vcvS6GK3qs5vU7om
T98SS8eg+I5dbLIdm+aA5ufoyuAgjNmSz3qde1ZlQPx/qh50edaOQCy5kwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIaSuVFNpP2bo1QcmritfnpdjwOQMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvaHBLNVVVMmtfWnVqVkJ5YXVLMS1lbDJQQTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBm/4mAwQA
xmlkMA0GCSqGSIb3DQEBCwUAA4IBAQBDUKUTasX/pzl9Ravse30WdA7j7NHPLi+x
GnWIU1uHLg3nbky9vpBddmTYEU0j9LH6kb0LxKW8+VZBBQu9KQ8E/j1K/AwDq6mC
GrPso6vru8uCuDlt2nhAxMctSm857hQPaYJr+h6wERGN5i9KP6U/iURkkzP4PAwt
wSHuXvNblXiBJMpFqZZI4CIV9Cr9WKkXOzlHgrJhGm9q+BHHKE5a/1QjMwGLhG4w
3MDMx5Hpbw7maFsq9vhYZ08L9dudW52BCeKzuXdI/8zHNDsaDkb1w+vtgLkFvkbw
6CEBdZXQdJ4cyVdR8ImwaPjxS3xSwq76cuy+zWsb9XKW5EgB/mDB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:35 2025 by rpki-client