Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/P5iCCH0Er4zbRj1gMrN6xfKSiFQ.roa
File: P5iCCH0Er4zbRj1gMrN6xfKSiFQ.roa (raw, json)
Hash identifier: qPeAeM00LnXGYqYm1v5LcJkntLj6xpsNbOjfNl3G9e8=
Subject key identifier: 3F:98:82:08:7D:04:AF:8C:DB:46:3D:60:32:B3:7A:C5:F2:92:88:54
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4EE64D900B339B3F4ED301AAB567F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/P5iCCH0Er4zbRj1gMrN6xfKSiFQ.roa
Signing time: Sun 01 Jan 2023 19:35:26 +0000
ROA not before: Sun 01 Jan 2023 19:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51219
IP address blocks: 109.73.14.0/24 maxlen: 24
81.23.10.0/23 maxlen: 24
5.8.180.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:ee:64:d9:00:b3:39:b3:f4:ed:30:1a:ab:56:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f9882087d04af8cdb463d6032b37ac5f2928854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:21:26:a3:ac:90:1d:cd:6e:71:3c:d8:e5:be:
3d:5e:77:d8:70:cc:59:c6:c1:c9:61:9b:e2:27:de:
e9:24:84:78:04:7a:ce:ed:50:d5:0b:51:8d:6b:ee:
65:ae:03:a9:ff:25:ad:19:db:e6:af:e7:95:88:01:
6d:41:52:c0:4b:9e:10:95:e9:5c:f9:9a:d2:20:e2:
6f:eb:37:94:fc:ac:bb:8e:66:be:4a:48:b5:6d:d5:
b8:5a:11:0b:96:7a:8b:59:4e:b8:9a:a4:a0:24:34:
28:79:2a:4a:7e:9d:05:29:d9:ba:9b:26:b1:eb:6b:
2f:b8:88:56:d1:17:2c:17:ff:16:0b:5d:95:2e:ed:
64:dd:12:5b:79:0b:97:75:24:78:c8:97:5c:dd:31:
09:b1:57:39:b0:c3:f6:67:72:86:83:81:e4:ad:b1:
f0:28:dd:38:c6:31:89:58:07:a6:73:bf:a7:fa:a3:
04:a2:d4:4e:68:bf:b1:cf:24:89:c7:43:98:4b:c9:
30:3d:3f:7b:1b:32:80:2a:40:a4:60:81:83:1f:53:
56:91:a0:8c:c6:75:9b:5e:29:8f:09:74:cb:3c:42:
97:31:b9:ec:e7:f5:f4:6c:53:71:02:7e:96:0f:27:
60:71:3c:52:23:d9:9b:87:da:c4:a7:43:52:2c:0b:
e8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:98:82:08:7D:04:AF:8C:DB:46:3D:60:32:B3:7A:C5:F2:92:88:54
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/P5iCCH0Er4zbRj1gMrN6xfKSiFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.180.0/23
81.23.10.0/23
109.73.14.0/24
Signature Algorithm: sha256WithRSAEncryption
34:c3:61:1b:a8:2a:86:8c:0d:b2:a6:b7:43:c0:2e:4d:8c:79:
d5:83:00:ba:ae:e5:0f:4b:d4:bc:a7:93:b9:39:09:97:60:cc:
0e:7d:8f:7f:b3:08:17:de:df:8d:ee:68:00:62:26:ae:7d:f0:
1a:eb:4f:a8:a6:e3:76:c7:dd:77:35:24:c5:39:82:2c:aa:2d:
ff:32:af:d7:51:10:ca:cf:1a:45:4f:43:64:a8:4c:0e:a2:e6:
bd:dd:5b:bc:56:a1:cf:ac:c2:64:81:47:78:6b:5d:16:23:96:
16:ac:45:f8:90:ef:4e:ae:07:2c:69:ec:5f:fc:bf:5f:09:96:
0c:86:26:59:11:b4:c4:0f:1e:61:f2:0a:3b:dc:02:40:a8:ce:
4f:54:85:2a:48:dc:ef:28:06:aa:3b:90:6b:97:c3:3e:68:fe:
f8:66:cd:11:14:02:7a:de:7d:df:01:db:0d:10:f2:e5:48:af:
f4:58:9b:2c:34:71:ed:61:69:43:b1:7d:71:67:a7:5f:cf:3d:
29:50:43:27:f3:e7:cf:e0:80:35:22:16:67:83:d6:f8:94:c6:
15:86:26:32:0c:d0:1c:8d:22:6a:8a:4b:98:1f:44:d1:fb:b4:
ad:c4:a0:2f:04:75:af:22:5d:5b:80:d7:cd:92:ba:ad:2d:fc:
c2:de:f0:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVu1O5k2QCzObP07TAaq1Z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjk4ODIwODdkMDRhZjhjZGI0NjNkNjAzMmIzN2FjNWYyOTI4ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSEmo6yQHc1ucTzY5b49XnfYcMxZ
xsHJYZviJ97pJIR4BHrO7VDVC1GNa+5lrgOp/yWtGdvmr+eViAFtQVLAS54Qlelc
+ZrSIOJv6zeU/Ky7jma+Ski1bdW4WhELlnqLWU64mqSgJDQoeSpKfp0FKdm6myax
62svuIhW0RcsF/8WC12VLu1k3RJbeQuXdSR4yJdc3TEJsVc5sMP2Z3KGg4HkrbHw
KN04xjGJWAemc7+n+qMEotROaL+xzySJx0OYS8kwPT97GzKAKkCkYIGDH1NWkaCM
xnWbXimPCXTLPEKXMbns5/X0bFNxAn6WDydgcTxSI9mbh9rEp0NSLAvokQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD+Yggh9BK+M20Y9YDKzesXykohUMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvUDVpQ0NIMEVyNHpiUmoxZ01yTjZ4ZktTaUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBQi0AwQB
URcKAwQAbUkOMA0GCSqGSIb3DQEBCwUAA4IBAQA0w2EbqCqGjA2yprdDwC5NjHnV
gwC6ruUPS9S8p5O5OQmXYMwOfY9/swgX3t+N7mgAYiauffAa60+opuN2x913NSTF
OYIsqi3/Mq/XURDKzxpFT0NkqEwOoua93Vu8VqHPrMJkgUd4a10WI5YWrEX4kO9O
rgcsaexf/L9fCZYMhiZZEbTEDx5h8go73AJAqM5PVIUqSNzvKAaqO5Brl8M+aP74
Zs0RFAJ63n3fAdsNEPLlSK/0WJssNHHtYWlDsX1xZ6dfzz0pUEMn8+fP4IA1IhZn
g9b4lMYVhiYyDNAcjSJqikuYH0TR+7StxKAvBHWvIl1bgNfNkrqtLfzC3vB7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:46 2025 by rpki-client