Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/70139d-1e75-40b5-916a-9c816a40490e/1/5W8FfZxe7oJZHaAGSW7hO-2QLrg.roa
File: 5W8FfZxe7oJZHaAGSW7hO-2QLrg.roa (raw, json)
Hash identifier: FSRAnkiIwFS1nm7Kk3dNr1YGghq3uC3uLmkjNqaGgEU=
Subject key identifier: E5:6F:05:7D:9C:5E:EE:82:59:1D:A0:06:49:6E:E1:3B:ED:90:2E:B8
Certificate issuer: /CN=98c9c3189bec1379311bd1353fa9749a68dd992d
Certificate serial: 018BF6E62BDD9DFC26ADFD283437CEB928B4
Authority key identifier: 98:C9:C3:18:9B:EC:13:79:31:1B:D1:35:3F:A9:74:9A:68:DD:99:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMnDGJvsE3kxG9E1P6l0mmjdmS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/70139d-1e75-40b5-916a-9c816a40490e/1/5W8FfZxe7oJZHaAGSW7hO-2QLrg.roa
Signing time: Wed 22 Nov 2023 11:59:21 +0000
ROA not before: Wed 22 Nov 2023 11:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208164
IP address blocks: 194.153.133.0/24 maxlen: 24
2a0f:2880:400::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:e6:2b:dd:9d:fc:26:ad:fd:28:34:37:ce:b9:28:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c9c3189bec1379311bd1353fa9749a68dd992d
Validity
Not Before: Nov 22 11:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e56f057d9c5eee82591da006496ee13bed902eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5a:20:61:4a:0b:e7:b0:b3:fb:d0:de:25:22:
bd:88:57:9d:19:e8:ae:09:eb:69:2b:76:a2:6f:c6:
2f:0c:cc:f4:39:16:ff:4d:24:3e:fe:5d:d1:2e:a4:
0d:85:f0:c2:ee:b5:eb:08:06:aa:be:88:e5:4b:3a:
6d:17:ec:80:a8:35:62:8c:64:3f:a0:cf:ac:38:60:
00:94:26:98:fa:5d:5c:08:76:49:20:19:41:86:af:
a3:13:b7:63:f3:e0:e8:d4:27:5d:fc:ca:3b:17:cb:
e3:7d:d4:d4:4c:a7:5f:a3:5d:54:47:9f:b5:9e:e8:
11:c9:c4:06:f3:25:b1:56:fc:74:82:9b:b2:a1:16:
61:14:b8:bc:74:01:7d:32:52:7b:d2:dd:69:ce:86:
68:5b:9b:b6:c6:75:51:f2:06:81:d5:86:12:58:93:
ed:c2:21:cb:1f:64:97:e9:65:78:71:51:5a:de:6d:
54:31:05:d1:f2:c8:f5:4c:2d:11:57:3e:38:88:b1:
35:43:82:71:b1:21:89:d9:9a:e1:52:bd:d1:24:d5:
e1:c1:d6:b8:b2:cb:7c:f9:b0:5f:a5:7e:22:ae:46:
66:d8:6a:13:d5:91:14:52:80:d8:88:57:32:27:6f:
bd:a8:1f:12:6d:96:a7:e2:2b:75:eb:6a:70:5e:2c:
b0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:6F:05:7D:9C:5E:EE:82:59:1D:A0:06:49:6E:E1:3B:ED:90:2E:B8
X509v3 Authority Key Identifier:
keyid:98:C9:C3:18:9B:EC:13:79:31:1B:D1:35:3F:A9:74:9A:68:DD:99:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMnDGJvsE3kxG9E1P6l0mmjdmS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/70139d-1e75-40b5-916a-9c816a40490e/1/5W8FfZxe7oJZHaAGSW7hO-2QLrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/70139d-1e75-40b5-916a-9c816a40490e/1/mMnDGJvsE3kxG9E1P6l0mmjdmS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.133.0/24
IPv6:
2a0f:2880:400::/40
Signature Algorithm: sha256WithRSAEncryption
85:db:64:d0:2f:7f:b5:2d:ed:80:ef:f7:2e:0c:65:02:3e:77:
6e:43:af:74:8e:c4:b3:02:c7:6b:c0:ca:d6:00:ff:a0:83:4e:
a3:de:a3:69:92:96:d8:9c:75:1b:46:1c:02:fd:73:50:f3:19:
85:46:4f:72:1e:fa:1e:ab:ce:c5:32:61:99:ab:3b:f7:89:f9:
4e:03:cb:07:f7:e6:87:68:0e:f7:2b:1b:bb:d1:76:f9:19:39:
49:2e:be:73:05:71:f9:e2:0a:4f:e9:b8:2c:db:61:bd:08:26:
c2:64:61:5c:bf:54:6e:06:f0:94:07:7e:9a:72:20:84:53:17:
c5:53:fe:1a:7a:9b:91:82:47:b2:16:58:46:b4:0a:e7:60:1f:
d6:ab:d9:ab:55:9a:8b:f5:03:ef:64:01:5e:b8:ff:e4:10:e8:
56:c6:c8:b3:fa:c5:91:22:c1:59:dd:3f:11:1f:23:c0:50:79:
8d:bc:d4:d2:93:1c:27:26:52:c7:60:75:14:92:6d:63:d6:ad:
1a:1e:fd:14:d4:1c:3c:4f:44:1d:1e:f1:5e:f5:bc:fa:ea:5c:
f9:e8:54:02:1a:90:41:3f:f2:67:fc:e1:91:b9:15:08:8b:07:
07:8f:54:78:75:fd:a5:d9:fc:db:5f:67:eb:81:17:a2:ab:4f:
a9:40:b2:b8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYv25ivdnfwmrf0oNDfOuSi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzljMzE4OWJlYzEzNzkzMTFiZDEzNTNmYTk3NDlhNjhk
ZDk5MmQwHhcNMjMxMTIyMTE1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTZmMDU3ZDljNWVlZTgyNTkxZGEwMDY0OTZlZTEzYmVkOTAyZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8logYUoL57Cz+9DeJSK9iFedGeiu
CetpK3aib8YvDMz0ORb/TSQ+/l3RLqQNhfDC7rXrCAaqvojlSzptF+yAqDVijGQ/
oM+sOGAAlCaY+l1cCHZJIBlBhq+jE7dj8+Do1Cdd/Mo7F8vjfdTUTKdfo11UR5+1
nugRycQG8yWxVvx0gpuyoRZhFLi8dAF9MlJ70t1pzoZoW5u2xnVR8gaB1YYSWJPt
wiHLH2SX6WV4cVFa3m1UMQXR8sj1TC0RVz44iLE1Q4JxsSGJ2ZrhUr3RJNXhwda4
sst8+bBfpX4irkZm2GoT1ZEUUoDYiFcyJ2+9qB8SbZan4it162pwXiywlwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOVvBX2cXu6CWR2gBklu4TvtkC64MB8GA1UdIwQY
MBaAFJjJwxib7BN5MRvRNT+pdJpo3ZktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1uREdKdnNFM2t4RzlFMVA2bDBtbWpkbVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83MDEzOWQtMWU3NS00MGI1LTkxNmEt
OWM4MTZhNDA0OTBlLzEvNVc4RmZaeGU3b0paSGFBR1NXN2hPLTJRTHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83MDEzOWQtMWU3NS00MGI1LTkxNmEtOWM4MTZhNDA0OTBl
LzEvbU1uREdKdnNFM2t4RzlFMVA2bDBtbWpkbVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwpmFMA4E
AgACMAgDBgAqDyiABDANBgkqhkiG9w0BAQsFAAOCAQEAhdtk0C9/tS3tgO/3Lgxl
Aj53bkOvdI7EswLHa8DK1gD/oINOo96jaZKW2Jx1G0YcAv1zUPMZhUZPch76HqvO
xTJhmas794n5TgPLB/fmh2gO9ysbu9F2+Rk5SS6+cwVx+eIKT+m4LNthvQgmwmRh
XL9UbgbwlAd+mnIghFMXxVP+GnqbkYJHshZYRrQK52Af1qvZq1Wai/UD72QBXrj/
5BDoVsbIs/rFkSLBWd0/ER8jwFB5jbzU0pMcJyZSx2B1FJJtY9atGh79FNQcPE9E
HR7xXvW8+upc+ehUAhqQQT/yZ/zhkbkVCIsHB49UeHX9pdn8219n64EXoqtPqUCy
uA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:06 2025 by rpki-client