Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/BIx38U_5-o9bykyt8gsMKEXXQZo.roa
File: BIx38U_5-o9bykyt8gsMKEXXQZo.roa (raw, json)
Hash identifier: I3pco4KgLMHx8bq6CT3AfFpoNTj6R2sWx9vlkH33Edo=
Subject key identifier: 04:8C:77:F1:4F:F9:FA:8F:5B:CA:4C:AD:F2:0B:0C:28:45:D7:41:9A
Certificate issuer: /CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37
Certificate serial: 057254ED
Authority key identifier: 8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/BIx38U_5-o9bykyt8gsMKEXXQZo.roa
Signing time: Sat 01 Jan 2022 13:07:00 +0000
ROA not before: Sat 01 Jan 2022 13:07:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60609
IP address blocks: 5.158.223.0/24 maxlen: 24
5.158.221.0/24 maxlen: 24
5.158.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91378925 (0x57254ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37
Validity
Not Before: Jan 1 13:07:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=048c77f14ff9fa8f5bca4cadf20b0c2845d7419a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c9:2e:79:be:48:04:e3:20:5f:3d:e1:f6:43:
11:fd:b5:20:a1:ac:78:9a:15:d5:6b:43:c7:e5:cf:
d0:48:58:f7:89:68:23:67:20:b3:e1:7f:af:65:58:
4a:9d:5e:96:5c:59:b2:a5:40:a2:b6:09:0e:0b:42:
50:f0:2d:f4:ff:55:03:9b:cb:97:26:31:58:09:d2:
a7:0b:f8:20:58:c7:6c:6f:83:01:20:a5:f0:17:6f:
5a:24:e8:7c:ac:9e:c8:1a:ae:48:3c:d0:c9:7c:41:
5f:84:72:97:42:a2:72:9e:58:52:4d:87:9a:a0:6b:
71:d1:40:3a:85:94:14:10:0e:4f:70:a1:b8:92:18:
a4:57:58:72:2a:22:1f:59:48:ce:9e:38:e3:95:77:
a5:9d:2b:6d:28:19:14:87:d1:cb:27:4b:3b:27:f7:
e9:de:48:a5:02:5c:37:ee:77:8c:b6:a6:21:c8:4b:
9c:1b:ee:f1:b8:1c:90:df:ea:3e:d0:b1:61:b2:77:
23:7c:11:81:ba:7a:8f:91:12:7c:70:0a:64:e0:65:
d7:17:df:f5:79:5d:b9:31:08:f6:70:cd:74:63:27:
c1:59:9d:0c:61:6b:ff:3b:0d:da:ab:c1:ea:1d:38:
3c:e2:a2:8b:a7:49:e1:d3:5c:c4:54:b8:1b:77:8b:
db:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8C:77:F1:4F:F9:FA:8F:5B:CA:4C:AD:F2:0B:0C:28:45:D7:41:9A
X509v3 Authority Key Identifier:
keyid:8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/BIx38U_5-o9bykyt8gsMKEXXQZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/itR7qpqm4KIK2ZWnnCqN5gT5qjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.221.0-5.158.223.255
Signature Algorithm: sha256WithRSAEncryption
4d:c0:75:40:a7:7a:bf:ea:37:49:63:9b:c5:17:2a:e6:2d:39:
06:75:3e:c7:50:7d:0f:6c:16:d3:69:ee:0f:9b:23:69:48:6c:
21:85:69:a6:17:54:32:fd:1e:07:88:16:3c:ae:b5:6f:d3:ae:
6a:9b:b1:a5:0e:2b:29:5e:94:7f:da:6d:51:17:ea:62:49:f0:
cf:b4:7a:e1:17:a3:5f:a6:ff:9d:41:07:ae:77:b7:95:14:5c:
4b:4a:3d:ca:04:66:f9:e2:6a:12:75:a3:f8:7d:65:8a:cc:01:
0f:29:d9:9b:01:90:2a:a5:b4:08:5e:79:15:ae:42:e9:71:80:
fc:28:36:99:26:b4:5d:50:35:59:da:cf:2b:95:83:c1:ec:45:
39:c6:d8:68:25:75:45:79:8c:f5:e6:8e:ef:ba:2f:be:d1:d9:
f8:b1:93:22:88:4e:ab:a0:cc:af:59:09:20:a3:0c:d8:f4:c5:
9b:e8:ac:0e:30:6a:1a:ef:dc:ff:50:1e:12:2a:a8:d1:3f:f5:
53:10:93:99:2d:ee:80:4d:56:b6:f5:91:39:bb:34:dc:24:2a:
bc:c0:ca:ab:8f:fe:17:56:9e:68:cc:08:a3:76:d7:21:10:5f:
15:53:f9:05:07:81:8a:fe:31:5f:ae:34:f7:fb:3e:66:d3:b7:
c9:dd:01:73
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBXJU7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YWQ0N2JhYTlhYTZlMGEyMGFkOTk1YTc5YzJhOGRlNjA0ZjlhYTM3MB4XDTIyMDEw
MTEzMDcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ4Yzc3ZjE0ZmY5
ZmE4ZjViY2E0Y2FkZjIwYjBjMjg0NWQ3NDE5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTJLnm+SATjIF894fZDEf21IKGseJoV1WtDx+XP0EhY94lo
I2cgs+F/r2VYSp1ellxZsqVAorYJDgtCUPAt9P9VA5vLlyYxWAnSpwv4IFjHbG+D
ASCl8BdvWiTofKyeyBquSDzQyXxBX4Ryl0Kicp5YUk2HmqBrcdFAOoWUFBAOT3Ch
uJIYpFdYcioiH1lIzp4445V3pZ0rbSgZFIfRyydLOyf36d5IpQJcN+53jLamIchL
nBvu8bgckN/qPtCxYbJ3I3wRgbp6j5ESfHAKZOBl1xff9XlduTEI9nDNdGMnwVmd
DGFr/zsN2qvB6h04POKii6dJ4dNcxFS4G3eL25sCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQEjHfxT/n6j1vKTK3yCwwoRddBmjAfBgNVHSMEGDAWgBSK1HuqmqbgogrZ
laecKo3mBPmqNzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2l0UjdxcHFtNEtJSzJaV25uQ3FONWdUNXFqYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvOTM1NWI5LTczZDQtNGM0Yy05NjAxLWYwMWEyZjU4ZWY4OC8x
L0JJeDM4VV81LW85YnlreXQ4Z3NNS0VYWFFaby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
OTM1NWI5LTczZDQtNGM0Yy05NjAxLWYwMWEyZjU4ZWY4OC8xL2l0UjdxcHFtNEtJ
SzJaV25uQ3FONWdUNXFqYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQABZ7dAwQFBZ7AMA0GCSqGSIb3
DQEBCwUAA4IBAQBNwHVAp3q/6jdJY5vFFyrmLTkGdT7HUH0PbBbTae4PmyNpSGwh
hWmmF1Qy/R4HiBY8rrVv065qm7GlDispXpR/2m1RF+piSfDPtHrhF6Nfpv+dQQeu
d7eVFFxLSj3KBGb54moSdaP4fWWKzAEPKdmbAZAqpbQIXnkVrkLpcYD8KDaZJrRd
UDVZ2s8rlYPB7EU5xthoJXVFeYz15o7vui++0dn4sZMiiE6roMyvWQkgowzY9MWb
6KwOMGoa79z/UB4SKqjRP/VTEJOZLe6ATVa29ZE5uzTcJCq8wMqrj/4XVp5ozAij
dtchEF8VU/kFB4GK/jFfrjT3+z5m07fJ3QFz
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:05:12 2025 by rpki-client