Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/5UUsu6do1UYp_cr0TR7kDjuaN9U.roa
File: 5UUsu6do1UYp_cr0TR7kDjuaN9U.roa (raw, json)
Hash identifier: 7TWk0TdKASF1lvLTR3NAeuqmOaa2aFvx/CsgxLJ872g=
Subject key identifier: E5:45:2C:BB:A7:68:D5:46:29:FD:CA:F4:4D:1E:E4:0E:3B:9A:37:D5
Certificate issuer: /CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Certificate serial: 09C83A50
Authority key identifier: 84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/5UUsu6do1UYp_cr0TR7kDjuaN9U.roa
Signing time: Sat 01 Jan 2022 06:54:43 +0000
ROA not before: Sat 01 Jan 2022 06:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51269
IP address blocks: 45.155.168.0/22 maxlen: 32
185.157.244.0/23 maxlen: 32
185.216.24.0/22 maxlen: 32
193.168.144.0/22 maxlen: 32
2a0b:b140::/29 maxlen: 29
2a09:6380::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164117072 (0x9c83a50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Validity
Not Before: Jan 1 06:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5452cbba768d54629fdcaf44d1ee40e3b9a37d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c1:d4:98:f3:0e:f3:8b:4f:3a:6e:6a:56:88:
d9:bb:be:d0:74:f6:3f:e9:cd:5c:84:cc:29:b7:41:
40:97:14:cc:00:6c:c7:d9:e6:fa:bf:e8:b5:a1:a0:
64:ea:d7:21:77:f0:b6:80:b5:6c:d3:0e:2e:b0:ce:
e3:d4:2c:31:b6:4d:ee:db:75:ea:c9:00:16:08:bb:
80:fa:c3:04:65:20:43:c5:41:dc:b9:4d:af:66:ba:
15:30:ff:b1:02:36:f8:b7:2d:b5:85:47:60:a5:f9:
7c:60:0f:b0:28:99:83:21:7f:ab:90:ca:ce:25:f6:
cc:ea:27:c0:cb:27:45:04:7b:c8:a4:c1:13:1e:cb:
4b:05:01:39:8e:c5:2c:d9:4f:5a:bc:71:f4:44:b3:
d4:9c:e7:19:6f:fd:30:6a:2a:46:96:52:fa:49:a8:
8a:88:28:c4:fd:9a:b1:36:05:44:37:57:74:df:00:
7f:91:e4:19:61:2e:2a:37:7e:ca:45:86:72:92:00:
7e:0e:d0:87:6e:df:6d:35:e1:f0:d8:81:66:1f:1f:
95:3d:cc:e6:47:95:e4:69:75:a0:2c:b1:dc:28:55:
f8:e2:c9:d0:1d:92:19:06:ec:7f:82:cc:20:80:ba:
e1:4c:c6:a0:39:35:fd:28:3b:63:18:9c:7c:da:cd:
42:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:45:2C:BB:A7:68:D5:46:29:FD:CA:F4:4D:1E:E4:0E:3B:9A:37:D5
X509v3 Authority Key Identifier:
keyid:84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/5UUsu6do1UYp_cr0TR7kDjuaN9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.168.0/22
185.157.244.0/23
185.216.24.0/22
193.168.144.0/22
IPv6:
2a09:6380::/29
2a0b:b140::/29
Signature Algorithm: sha256WithRSAEncryption
0f:9e:fb:05:ee:c0:e5:ac:dd:f3:0b:a5:e4:a7:da:21:67:f4:
10:34:38:6b:0c:cc:a4:1d:92:d1:f6:10:35:5c:c8:da:2a:63:
99:22:f8:03:51:82:da:b0:86:c2:15:85:8f:28:57:1a:78:ea:
0b:6b:98:fa:71:66:0f:f0:ab:b4:17:3d:ed:9c:88:b7:e3:10:
65:72:f7:52:24:b2:78:3a:55:ab:fb:36:08:98:7a:63:c5:59:
4c:72:1b:c3:e2:a7:de:c2:c6:3f:7e:48:73:70:73:51:6b:16:
da:0e:f1:a7:c1:83:e3:75:b8:28:8d:b1:44:c7:82:c3:6a:7b:
d5:37:5c:af:1a:57:06:0c:e1:08:8a:4c:01:82:8c:ee:e6:99:
d3:44:3e:5c:f8:ba:e5:e7:ff:5d:f5:5d:3e:8a:72:e8:67:b3:
d1:3c:22:32:e1:99:44:5a:1c:c4:95:5e:98:23:bd:ee:e3:6c:
1a:f2:1c:45:e9:8d:67:32:d5:7e:9a:c6:d9:d5:13:b8:c3:d2:
7f:91:98:f0:75:14:f7:75:6e:6e:f9:89:24:a9:d4:5d:57:9f:
a3:ab:79:99:6c:88:96:5f:49:80:9f:e3:6b:c3:4e:00:4d:90:
5a:ee:08:f6:ac:af:bb:5d:5f:8b:39:87:08:f1:c9:ed:69:9e:
5e:68:e1:b4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIECcg6UDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGUxNDI5YTUzZTY0NjNiM2M3NGY1YTNmMTdjNWQ0YTUxZWJkMGI4MB4XDTIyMDEw
MTA2NTQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU0NTJjYmJhNzY4
ZDU0NjI5ZmRjYWY0NGQxZWU0MGUzYjlhMzdkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/B1JjzDvOLTzpualaI2bu+0HT2P+nNXITMKbdBQJcUzABs
x9nm+r/otaGgZOrXIXfwtoC1bNMOLrDO49QsMbZN7tt16skAFgi7gPrDBGUgQ8VB
3LlNr2a6FTD/sQI2+LcttYVHYKX5fGAPsCiZgyF/q5DKziX2zOonwMsnRQR7yKTB
Ex7LSwUBOY7FLNlPWrxx9ESz1JznGW/9MGoqRpZS+kmoiogoxP2asTYFRDdXdN8A
f5HkGWEuKjd+ykWGcpIAfg7Qh27fbTXh8NiBZh8flT3M5keV5Gl1oCyx3ChV+OLJ
0B2SGQbsf4LMIIC64UzGoDk1/Sg7YxicfNrNQoUCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBTlRSy7p2jVRin9yvRNHuQOO5o31TAfBgNVHSMEGDAWgBSE4UKaU+ZGOzx0
9aPxfF1KUevQuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hPRkNtbFBtUmpzOGRQV2o4WHhkU2xIcjBMZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzJkYmRmLWM3MWQtNGU1OS04MDc2LWM0MWRjY2E4Yjc3NS8x
LzVVVXN1NmRvMVVZcF9jcjBUUjdrRGp1YU45VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzJkYmRmLWM3MWQtNGU1OS04MDc2LWM0MWRjY2E4Yjc3NS8xL2hPRkNtbFBtUmpz
OGRQV2o4WHhkU2xIcjBMZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEAi2bqAMEAbmd9AMEArnYGAMEAsGo
kDAUBAIAAjAOAwUDKgljgAMFAyoLsUAwDQYJKoZIhvcNAQELBQADggEBAA+e+wXu
wOWs3fMLpeSn2iFn9BA0OGsMzKQdktH2EDVcyNoqY5ki+ANRgtqwhsIVhY8oVxp4
6gtrmPpxZg/wq7QXPe2ciLfjEGVy91Iksng6Vav7NgiYemPFWUxyG8Pip97Cxj9+
SHNwc1FrFtoO8afBg+N1uCiNsUTHgsNqe9U3XK8aVwYM4QiKTAGCjO7mmdNEPlz4
uuXn/131XT6Kcuhns9E8IjLhmURaHMSVXpgjve7jbBryHEXpjWcy1X6axtnVE7jD
0n+RmPB1FPd1bm75iSSp1F1Xn6OreZlsiJZfSYCf42vDTgBNkFruCPasr7tdX4s5
hwjxye1pnl5o4bQ=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:22:29 2025 by rpki-client