Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/5_2iNC-yuOC1UzMAmH7lg-xOd8E.roa
File: 5_2iNC-yuOC1UzMAmH7lg-xOd8E.roa (raw, json)
Hash identifier: TecKsOqyQVgmg/iL6IoJ29szT5TCmP2kM6jXCyjlScM=
Subject key identifier: E7:FD:A2:34:2F:B2:B8:E0:B5:53:33:00:98:7E:E5:83:EC:4E:77:C1
Certificate issuer: /CN=8d66032e08894118d7998c5c060ca46eb3871338
Certificate serial: 01856CAF2D6EF745923911FF90E7CF90B85A
Authority key identifier: 8D:66:03:2E:08:89:41:18:D7:99:8C:5C:06:0C:A4:6E:B3:87:13:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jWYDLgiJQRjXmYxcBgykbrOHEzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/5_2iNC-yuOC1UzMAmH7lg-xOd8E.roa
Signing time: Sun 01 Jan 2023 09:34:57 +0000
ROA not before: Sun 01 Jan 2023 09:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43006
IP address blocks: 185.169.146.0/23 maxlen: 24
217.148.240.0/20 maxlen: 24
217.70.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:2d:6e:f7:45:92:39:11:ff:90:e7:cf:90:b8:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d66032e08894118d7998c5c060ca46eb3871338
Validity
Not Before: Jan 1 09:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7fda2342fb2b8e0b5533300987ee583ec4e77c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:59:d6:72:df:3e:5b:b3:83:30:0c:b3:62:98:
02:9a:f1:7c:b5:28:09:34:e8:54:fc:48:60:16:b0:
31:e6:15:d8:46:9f:8d:eb:df:30:75:82:f4:d5:47:
12:8a:34:84:83:f5:26:11:cb:7e:6d:88:86:a1:b8:
8b:9e:51:3b:77:11:21:c8:86:3d:e8:f3:e6:20:f7:
99:06:4b:07:0b:94:17:8f:47:e6:ac:87:91:05:c9:
34:3f:35:7d:01:90:1d:1c:9b:4a:70:fc:ad:12:80:
55:ac:a3:54:f5:c0:2d:d8:ff:91:3f:92:09:1d:34:
c2:b3:75:7b:ac:a3:ff:7c:94:ee:b1:26:6d:2b:18:
54:1f:aa:23:5f:73:ce:91:01:4a:81:26:ab:00:39:
7f:9b:43:10:1f:c3:85:d0:0e:45:47:63:69:90:e7:
a6:35:f3:23:43:4c:93:99:a6:ed:35:77:4b:d4:15:
a4:66:43:61:ad:37:13:2a:77:d6:49:45:5d:9f:a6:
1d:95:f2:5e:24:83:7a:02:77:63:d9:bf:f5:29:73:
9a:a8:df:8d:e0:af:11:5f:3f:be:c9:22:24:0d:f1:
13:d5:91:fc:b0:88:50:b8:15:b5:d1:f6:76:6e:23:
35:a2:ef:63:e3:c3:1d:1c:ba:3c:9d:fc:35:c1:7d:
23:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FD:A2:34:2F:B2:B8:E0:B5:53:33:00:98:7E:E5:83:EC:4E:77:C1
X509v3 Authority Key Identifier:
keyid:8D:66:03:2E:08:89:41:18:D7:99:8C:5C:06:0C:A4:6E:B3:87:13:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jWYDLgiJQRjXmYxcBgykbrOHEzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/5_2iNC-yuOC1UzMAmH7lg-xOd8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/jWYDLgiJQRjXmYxcBgykbrOHEzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.146.0/23
217.70.224.0/20
217.148.240.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:9e:db:66:09:a6:2c:54:7b:c2:1c:50:79:86:99:47:3f:27:
fb:e3:b0:f6:d2:4d:1b:13:e2:37:0e:46:32:12:29:eb:3e:bb:
02:06:ad:45:38:47:f7:28:8f:6f:d3:97:9a:59:3f:7c:23:95:
5c:ae:bc:3d:a8:96:60:b3:5e:15:06:80:ad:84:e6:1a:ad:dd:
8c:04:53:1a:dd:4b:44:e2:ac:1e:49:cf:b9:0f:36:cd:d4:ec:
3a:d8:36:61:20:e2:c0:fc:2f:b7:f5:ad:0e:5e:ab:74:71:b3:
44:32:4f:65:09:ec:51:ef:6d:ef:d1:a2:be:54:41:11:8c:91:
2e:71:9e:11:1d:9d:36:74:4c:e1:4b:07:7d:0b:5f:fe:42:c6:
c1:c7:42:83:a9:94:d2:31:e0:c8:dd:bf:ac:f4:a4:23:b4:c6:
5e:70:9f:e2:05:49:b1:b8:5e:dd:e1:02:ae:48:ea:b6:06:88:
d8:89:92:10:2f:43:69:4c:8c:9a:7a:eb:7c:38:04:29:b6:93:
c5:d6:f9:2e:8a:3e:76:0f:12:28:eb:e9:7f:15:cd:95:bb:d6:
20:a9:0f:19:f4:4f:8f:2f:11:ab:d7:04:fd:71:ad:f5:4b:08:
22:17:f1:34:73:e1:16:88:e5:d4:52:7b:f8:66:17:b0:a0:ba:
80:89:bb:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsry1u90WSORH/kOfPkLhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNjYwMzJlMDg4OTQxMThkNzk5OGM1YzA2MGNhNDZlYjM4
NzEzMzgwHhcNMjMwMTAxMDkzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2ZkYTIzNDJmYjJiOGUwYjU1MzMzMDA5ODdlZTU4M2VjNGU3N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFnWct8+W7ODMAyzYpgCmvF8tSgJ
NOhU/EhgFrAx5hXYRp+N698wdYL01UcSijSEg/UmEct+bYiGobiLnlE7dxEhyIY9
6PPmIPeZBksHC5QXj0fmrIeRBck0PzV9AZAdHJtKcPytEoBVrKNU9cAt2P+RP5IJ
HTTCs3V7rKP/fJTusSZtKxhUH6ojX3POkQFKgSarADl/m0MQH8OF0A5FR2NpkOem
NfMjQ0yTmabtNXdL1BWkZkNhrTcTKnfWSUVdn6YdlfJeJIN6Andj2b/1KXOaqN+N
4K8RXz++ySIkDfET1ZH8sIhQuBW10fZ2biM1ou9j48MdHLo8nfw1wX0jwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOf9ojQvsrjgtVMzAJh+5YPsTnfBMB8GA1UdIwQY
MBaAFI1mAy4IiUEY15mMXAYMpG6zhxM4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaldZRExnaUpRUmpYbVl4Y0JneWtick9IRXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NzJkYzctN2MwMS00ZTY2LTg0NGUt
NTk5ZDFjYTZhNWZkLzEvNV8yaU5DLXl1T0MxVXpNQW1IN2xnLXhPZDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NzJkYzctN2MwMS00ZTY2LTg0NGUtNTk5ZDFjYTZhNWZk
LzEvaldZRExnaUpRUmpYbVl4Y0JneWtick9IRXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuamSAwQE
2UbgAwQE2ZTwMA0GCSqGSIb3DQEBCwUAA4IBAQCknttmCaYsVHvCHFB5hplHPyf7
47D20k0bE+I3DkYyEinrPrsCBq1FOEf3KI9v05eaWT98I5Vcrrw9qJZgs14VBoCt
hOYard2MBFMa3UtE4qweSc+5DzbN1Ow62DZhIOLA/C+39a0OXqt0cbNEMk9lCexR
723v0aK+VEERjJEucZ4RHZ02dEzhSwd9C1/+QsbBx0KDqZTSMeDI3b+s9KQjtMZe
cJ/iBUmxuF7d4QKuSOq2BojYiZIQL0NpTIyaeut8OAQptpPF1vkuij52DxIo6+l/
Fc2Vu9YgqQ8Z9E+PLxGr1wT9ca31SwgiF/E0c+EWiOXUUnv4ZhewoLqAibui
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:03 2025 by rpki-client