Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/da614b-dd19-41e0-a7c4-66fd23eec34d/1/hVsnavnpuOOnPPETZJwqrbVl7SA.roa
File: hVsnavnpuOOnPPETZJwqrbVl7SA.roa (raw, json)
Hash identifier: JeyafEsuqSke190xMMcneCozP/vIEVeXtOWNaEUCwCI=
Subject key identifier: 85:5B:27:6A:F9:E9:B8:E3:A7:3C:F1:13:64:9C:2A:AD:B5:65:ED:20
Certificate issuer: /CN=a978c3655c5a609712e755100d98892ae1c8e5eb
Certificate serial: 01856DCAED0E04C18F9D68FEF3CBFE919E8B
Authority key identifier: A9:78:C3:65:5C:5A:60:97:12:E7:55:10:0D:98:89:2A:E1:C8:E5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qXjDZVxaYJcS51UQDZiJKuHI5es.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/da614b-dd19-41e0-a7c4-66fd23eec34d/1/hVsnavnpuOOnPPETZJwqrbVl7SA.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209110
IP address blocks: 5.182.40.0/22 maxlen: 24
2a0e:d800::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ed:0e:04:c1:8f:9d:68:fe:f3:cb:fe:91:9e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a978c3655c5a609712e755100d98892ae1c8e5eb
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=855b276af9e9b8e3a73cf113649c2aadb565ed20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1c:54:13:3b:ab:f6:63:99:e7:d3:7f:ca:b2:
eb:7d:82:51:49:c0:b4:72:f4:44:34:1d:90:2c:13:
dd:48:0a:23:53:24:1d:61:e7:58:f4:59:b5:9e:d5:
12:89:2d:75:a5:d0:18:03:bc:5f:a2:e1:27:bb:39:
99:6d:49:ea:a6:02:d8:4b:17:e5:8f:c4:cd:a6:f3:
b7:d2:55:21:7e:16:36:ff:e8:dc:4f:03:6e:a7:3b:
cd:96:3a:2d:8f:91:41:da:e8:01:93:cf:b2:af:7b:
9e:42:7f:79:6c:ab:ee:b8:41:40:74:a9:e3:b8:2d:
47:bc:ce:5c:06:87:1c:82:d6:05:fa:91:cf:f3:ae:
e2:49:7c:94:58:de:cc:ce:76:f1:06:7b:55:d4:7e:
ef:5a:66:84:2f:5b:49:a6:74:e4:44:48:a6:b6:27:
d0:d9:47:34:b5:f9:8e:e7:b8:56:78:af:80:eb:3b:
ea:9d:e1:4e:76:d6:ee:c9:f9:3a:76:1e:19:c0:5a:
a9:5b:50:60:84:82:65:e5:f5:aa:52:ff:8d:e4:11:
a2:05:fe:85:7d:43:a5:7e:ce:42:5d:2d:fb:c2:e5:
79:6c:b8:e5:b5:31:86:fd:be:1a:52:9e:05:67:ee:
81:52:c4:29:48:e5:3d:ff:79:73:bf:ed:7f:0a:c1:
24:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5B:27:6A:F9:E9:B8:E3:A7:3C:F1:13:64:9C:2A:AD:B5:65:ED:20
X509v3 Authority Key Identifier:
keyid:A9:78:C3:65:5C:5A:60:97:12:E7:55:10:0D:98:89:2A:E1:C8:E5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qXjDZVxaYJcS51UQDZiJKuHI5es.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/da614b-dd19-41e0-a7c4-66fd23eec34d/1/hVsnavnpuOOnPPETZJwqrbVl7SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/da614b-dd19-41e0-a7c4-66fd23eec34d/1/qXjDZVxaYJcS51UQDZiJKuHI5es.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.40.0/22
IPv6:
2a0e:d800::/29
Signature Algorithm: sha256WithRSAEncryption
67:3c:aa:b5:0c:00:b4:fb:5f:3c:b9:94:80:ef:6f:1a:e7:bd:
a5:3f:28:81:87:e3:79:ed:87:dd:f5:4f:d0:73:bc:ac:04:c9:
a6:3e:33:82:0d:c0:e1:83:e0:a2:ab:3e:c1:ff:13:b1:41:75:
a0:48:36:f0:36:d7:73:02:48:5f:ee:3c:99:00:7b:15:70:ee:
17:09:8f:68:e6:63:22:2a:2f:a2:e6:0d:24:51:0a:76:cc:ae:
21:df:08:bb:41:8b:7e:54:36:03:19:3f:ed:92:2a:86:d3:ce:
c7:3b:95:8f:42:91:bd:a7:4e:e3:4f:11:77:c1:d7:fa:0f:33:
58:f6:b9:cf:25:33:90:ab:23:b2:37:cc:84:4e:93:30:48:62:
13:4d:2a:8e:81:06:4a:ef:0b:cd:f2:9c:a4:1c:b4:61:63:7a:
0e:a8:98:e5:14:fd:9c:1d:73:69:6f:f3:ab:b0:61:0b:82:99:
a0:1a:d9:7c:62:4c:3b:17:9e:d3:67:c9:80:4c:57:82:8a:23:
a4:58:1b:4a:e1:ed:3c:fc:38:4e:3b:c3:68:1b:c2:0e:2a:28:
62:de:ea:db:74:56:52:61:56:09:f3:0f:c6:84:b5:b3:0f:e2:
9e:be:ab:05:99:48:38:4e:88:fa:98:b8:b6:93:d9:23:95:b0:
6b:11:de:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtyu0OBMGPnWj+88v+kZ6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NzhjMzY1NWM1YTYwOTcxMmU3NTUxMDBkOTg4OTJhZTFj
OGU1ZWIwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTViMjc2YWY5ZTliOGUzYTczY2YxMTM2NDljMmFhZGI1NjVlZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBxUEzur9mOZ59N/yrLrfYJRScC0
cvRENB2QLBPdSAojUyQdYedY9Fm1ntUSiS11pdAYA7xfouEnuzmZbUnqpgLYSxfl
j8TNpvO30lUhfhY2/+jcTwNupzvNljotj5FB2ugBk8+yr3ueQn95bKvuuEFAdKnj
uC1HvM5cBoccgtYF+pHP867iSXyUWN7MznbxBntV1H7vWmaEL1tJpnTkREimtifQ
2Uc0tfmO57hWeK+A6zvqneFOdtbuyfk6dh4ZwFqpW1BghIJl5fWqUv+N5BGiBf6F
fUOlfs5CXS37wuV5bLjltTGG/b4aUp4FZ+6BUsQpSOU9/3lzv+1/CsEk9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIVbJ2r56bjjpzzxE2ScKq21Ze0gMB8GA1UdIwQY
MBaAFKl4w2VcWmCXEudVEA2YiSrhyOXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVhqRFpWeGFZSmNTNTFVUURaaUpLdUhJNWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kYTYxNGItZGQxOS00MWUwLWE3YzQt
NjZmZDIzZWVjMzRkLzEvaFZzbmF2bnB1T09uUFBFVFpKd3FyYlZsN1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kYTYxNGItZGQxOS00MWUwLWE3YzQtNjZmZDIzZWVjMzRk
LzEvcVhqRFpWeGFZSmNTNTFVUURaaUpLdUhJNWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBbYoMA0E
AgACMAcDBQMqDtgAMA0GCSqGSIb3DQEBCwUAA4IBAQBnPKq1DAC0+188uZSA728a
572lPyiBh+N57Yfd9U/Qc7ysBMmmPjOCDcDhg+Ciqz7B/xOxQXWgSDbwNtdzAkhf
7jyZAHsVcO4XCY9o5mMiKi+i5g0kUQp2zK4h3wi7QYt+VDYDGT/tkiqG087HO5WP
QpG9p07jTxF3wdf6DzNY9rnPJTOQqyOyN8yETpMwSGITTSqOgQZK7wvN8pykHLRh
Y3oOqJjlFP2cHXNpb/OrsGELgpmgGtl8Ykw7F57TZ8mATFeCiiOkWBtK4e08/DhO
O8NoG8IOKihi3urbdFZSYVYJ8w/GhLWzD+KevqsFmUg4Toj6mLi2k9kjlbBrEd4R
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:12:16 2025 by rpki-client