Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/l1bUIM3F7yWrgdS-s4KQqXdvp38.roa
File: l1bUIM3F7yWrgdS-s4KQqXdvp38.roa (raw, json)
Hash identifier: ayLKQoiNZCOb6Q5fq7qVFpm6uYtuy1qjeLgJGYmXN+g=
Subject key identifier: 97:56:D4:20:CD:C5:EF:25:AB:81:D4:BE:B3:82:90:A9:77:6F:A7:7F
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018C5A621437BCAE4BC600A60C1F20B6F7D2
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/l1bUIM3F7yWrgdS-s4KQqXdvp38.roa
Signing time: Mon 11 Dec 2023 19:37:06 +0000
ROA not before: Mon 11 Dec 2023 19:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 5.180.233.0/24 maxlen: 24
45.15.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:62:14:37:bc:ae:4b:c6:00:a6:0c:1f:20:b6:f7:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Dec 11 19:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9756d420cdc5ef25ab81d4beb38290a9776fa77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5b:89:a4:1c:3c:78:4a:6d:d7:a5:fb:b7:e2:
29:30:b1:b0:a6:9a:54:4f:f1:1f:75:bf:a1:1f:41:
16:06:ea:b0:08:a1:fa:2c:b7:7a:25:0d:ee:60:20:
a1:d7:9e:60:56:13:0c:5d:ee:ab:f1:40:e1:42:e7:
bc:8c:e4:f3:99:47:4d:1b:ca:4d:a6:ba:f8:59:3d:
b6:86:73:f1:b6:36:2c:e2:cd:2a:02:d2:8e:85:79:
ba:b6:d3:f3:fb:6a:9f:e7:31:e6:07:fe:f5:f4:28:
ee:6e:7f:36:4e:4f:37:f5:76:fa:46:9d:9a:85:15:
d7:da:90:43:23:5c:1f:cb:bd:ea:0b:9e:58:8e:ff:
ec:9f:d7:7e:52:8a:8f:5b:c5:de:fa:11:ee:45:cf:
be:b7:e0:b9:e9:6b:3a:9b:c4:c2:c3:cb:6a:b3:cd:
9e:22:47:fd:7b:92:2b:18:0f:28:e8:86:6e:72:b0:
22:52:59:84:32:fb:91:7a:85:1c:b6:57:75:2a:57:
af:36:28:95:5a:32:e0:0f:f1:26:62:86:63:38:50:
3d:9d:48:e6:c4:89:52:25:9d:83:b0:f5:8e:e8:ba:
6e:b1:ad:1e:13:87:83:ab:2f:1c:dc:fc:74:34:18:
f8:c5:5f:01:df:aa:26:6b:a2:9c:c0:a3:e1:08:d5:
c2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:56:D4:20:CD:C5:EF:25:AB:81:D4:BE:B3:82:90:A9:77:6F:A7:7F
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/l1bUIM3F7yWrgdS-s4KQqXdvp38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.233.0/24
45.15.177.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:8e:6c:d6:1d:f0:0d:32:da:2c:5a:9f:3d:60:e0:76:65:38:
45:5b:11:81:1f:f1:fe:0c:70:bd:d1:09:b3:38:f9:86:3c:63:
ac:0c:39:13:29:4e:4b:3d:c6:76:47:da:3e:c2:ac:92:90:d6:
21:cf:62:f6:9a:90:50:7e:ee:00:e8:ed:7c:76:2c:19:1c:3f:
f1:bc:ca:c5:93:cf:d9:3a:e6:6d:2a:99:a2:54:7d:2a:5f:38:
7f:59:b3:3b:28:59:5e:a5:41:f4:59:de:85:63:6a:ba:03:03:
12:cc:6d:29:65:00:15:0b:59:0a:25:ae:b1:aa:4c:28:61:b0:
61:4f:6b:6f:a7:a6:c4:cb:17:83:59:7c:8b:7f:5a:41:39:35:
84:b6:e9:2b:51:8d:46:7a:5c:f9:ec:ff:46:de:3c:42:01:ff:
79:f3:e5:d1:35:3d:ed:b3:10:ef:87:a6:38:fd:d6:44:ca:7f:
e5:05:01:38:a9:f2:12:e3:6e:12:1c:1d:ab:47:7f:79:a8:32:
a6:6c:65:62:10:0d:69:ed:3a:bb:06:7b:10:59:c9:77:62:b5:
ad:17:d0:a3:7f:16:bf:5c:39:58:13:cd:a2:92:21:8d:19:7c:
0e:94:12:0f:cc:9f:2f:eb:ca:2a:49:1c:93:19:f1:6b:77:2b:
dc:94:96:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxaYhQ3vK5LxgCmDB8gtvfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMjExMTkzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzU2ZDQyMGNkYzVlZjI1YWI4MWQ0YmViMzgyOTBhOTc3NmZhNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVuJpBw8eEpt16X7t+IpMLGwpppU
T/Efdb+hH0EWBuqwCKH6LLd6JQ3uYCCh155gVhMMXe6r8UDhQue8jOTzmUdNG8pN
prr4WT22hnPxtjYs4s0qAtKOhXm6ttPz+2qf5zHmB/719Cjubn82Tk839Xb6Rp2a
hRXX2pBDI1wfy73qC55Yjv/sn9d+UoqPW8Xe+hHuRc++t+C56Ws6m8TCw8tqs82e
Ikf9e5IrGA8o6IZucrAiUlmEMvuReoUctld1KlevNiiVWjLgD/EmYoZjOFA9nUjm
xIlSJZ2DsPWO6Lpusa0eE4eDqy8c3Px0NBj4xV8B36oma6KcwKPhCNXCYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJdW1CDNxe8lq4HUvrOCkKl3b6d/MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbDFiVUlNM0Y3eVdyZ2RTLXM0S1FxWGR2cDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbTpAwQA
LQ+xMA0GCSqGSIb3DQEBCwUAA4IBAQC7jmzWHfANMtosWp89YOB2ZThFWxGBH/H+
DHC90QmzOPmGPGOsDDkTKU5LPcZ2R9o+wqySkNYhz2L2mpBQfu4A6O18diwZHD/x
vMrFk8/ZOuZtKpmiVH0qXzh/WbM7KFlepUH0Wd6FY2q6AwMSzG0pZQAVC1kKJa6x
qkwoYbBhT2tvp6bEyxeDWXyLf1pBOTWEtukrUY1Gelz57P9G3jxCAf958+XRNT3t
sxDvh6Y4/dZEyn/lBQE4qfIS424SHB2rR395qDKmbGViEA1p7Tq7BnsQWcl3YrWt
F9Cjfxa/XDlYE82ikiGNGXwOlBIPzJ8v68oqSRyTGfFrdyvclJZV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:13 2025 by rpki-client