Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/drHC3CobVRvAmxy1hcl1s4xFEVU.roa
File: drHC3CobVRvAmxy1hcl1s4xFEVU.roa (raw, json)
Hash identifier: BGwRC4bmHfEyJqs30hRZ1ketpYzluPb1HP/xecIa9SY=
Subject key identifier: 76:B1:C2:DC:2A:1B:55:1B:C0:9B:1C:B5:85:C9:75:B3:8C:45:11:55
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 0184530160AD9FAB12EC7C14D445FFCA8850
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/drHC3CobVRvAmxy1hcl1s4xFEVU.roa
Signing time: Mon 07 Nov 2022 16:51:49 +0000
ROA not before: Mon 07 Nov 2022 16:51:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202813
IP address blocks: 5.59.64.0/22 maxlen: 24
5.59.172.0/24 maxlen: 24
5.59.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:53:01:60:ad:9f:ab:12:ec:7c:14:d4:45:ff:ca:88:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Nov 7 16:51:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76b1c2dc2a1b551bc09b1cb585c975b38c451155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:28:48:85:0f:de:ee:05:84:fb:cf:d2:44:34:
c8:a6:8c:fe:6b:c8:d3:a1:cf:25:ef:05:32:64:11:
f4:58:31:9f:15:6c:7b:31:1e:c0:9b:92:3e:50:b7:
09:58:19:91:ee:c7:d5:c9:bb:38:68:bd:16:47:e9:
6c:e3:80:c4:98:8d:96:e7:48:e7:ed:64:aa:38:b6:
a8:b4:7b:ac:b2:c6:94:78:91:f9:a5:97:9c:85:57:
2a:34:bc:88:3b:4b:96:7f:de:1a:cd:a3:3a:92:d1:
89:71:83:9c:b9:e8:25:d9:ec:eb:1b:f3:0d:3d:9d:
a9:84:7b:62:25:f9:61:b6:f8:f3:18:65:2c:13:d0:
d9:dc:be:51:87:10:c8:5c:7f:98:59:e3:6d:30:a3:
c0:c4:45:f1:ee:8a:f1:58:7b:2a:0b:50:1f:f3:9d:
32:69:04:f4:b3:dc:72:b5:c3:d7:6f:d9:c4:7b:2f:
09:c7:e8:7c:9c:a8:01:73:3e:2f:82:26:a5:2b:49:
87:06:b5:ed:a8:44:51:71:f2:b4:93:87:7c:2f:2f:
0c:db:f9:87:49:fe:0e:52:79:c6:5e:d7:90:76:6e:
8f:89:c3:ed:13:50:51:f3:d3:07:f0:87:1e:f8:9e:
bc:c0:ae:25:73:94:b4:e0:d8:1a:23:a8:a3:be:56:
2b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B1:C2:DC:2A:1B:55:1B:C0:9B:1C:B5:85:C9:75:B3:8C:45:11:55
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/drHC3CobVRvAmxy1hcl1s4xFEVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.64.0/22
5.59.172.0/23
Signature Algorithm: sha256WithRSAEncryption
28:26:ab:d5:b6:e5:11:a2:ac:07:71:70:d0:72:89:a2:e4:3c:
a9:5f:d7:35:2b:ce:e7:f7:ed:6a:c4:4a:50:c1:b4:6c:10:07:
1a:a6:f3:ec:99:44:96:19:ca:b9:8d:ec:ad:86:bd:27:2e:d4:
9b:08:a2:34:5d:8b:f2:03:31:49:94:3d:c4:f3:2e:e1:72:95:
50:51:90:6f:4c:e5:b2:a4:52:17:a2:ad:0c:d9:22:38:24:f5:
01:85:c4:d9:3e:be:34:06:46:e2:d8:c2:5c:bc:40:18:34:19:
94:12:47:4b:89:38:54:dd:4f:26:17:19:3e:8c:d0:e3:0c:0a:
3c:32:94:1a:55:77:66:7d:92:17:61:d4:1a:bf:70:12:c7:51:
39:0a:bd:75:37:13:db:91:7e:ae:d4:e2:ac:98:3c:b3:89:70:
92:4d:8a:d6:30:bc:6a:22:3c:c5:97:5d:87:5f:ab:22:7d:88:
01:f1:81:b4:91:9c:72:e2:b2:b7:2c:7f:c3:55:dc:4d:73:10:
10:96:07:d6:cb:93:ab:d4:a9:20:62:74:ee:07:08:3e:a4:cc:
3f:42:85:86:f1:02:7f:df:61:c6:74:27:ac:0d:8d:c8:2c:90:
38:03:7b:c9:0d:48:89:0e:9f:ca:04:a4:6d:b6:89:42:6a:d5:
20:af:93:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRTAWCtn6sS7HwU1EX/yohQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjIxMTA3MTY1MTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmIxYzJkYzJhMWI1NTFiYzA5YjFjYjU4NWM5NzViMzhjNDUxMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnChIhQ/e7gWE+8/SRDTIpoz+a8jT
oc8l7wUyZBH0WDGfFWx7MR7Am5I+ULcJWBmR7sfVybs4aL0WR+ls44DEmI2W50jn
7WSqOLaotHusssaUeJH5pZechVcqNLyIO0uWf94azaM6ktGJcYOcuegl2ezrG/MN
PZ2phHtiJflhtvjzGGUsE9DZ3L5RhxDIXH+YWeNtMKPAxEXx7orxWHsqC1Af850y
aQT0s9xytcPXb9nEey8Jx+h8nKgBcz4vgialK0mHBrXtqERRcfK0k4d8Ly8M2/mH
Sf4OUnnGXteQdm6PicPtE1BR89MH8Ice+J68wK4lc5S04NgaI6ijvlYrnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHaxwtwqG1UbwJsctYXJdbOMRRFVMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvZHJIQzNDb2JWUnZBbXh5MWhjbDFzNHhGRVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBTtAAwQB
BTusMA0GCSqGSIb3DQEBCwUAA4IBAQAoJqvVtuURoqwHcXDQcomi5DypX9c1K87n
9+1qxEpQwbRsEAcapvPsmUSWGcq5jeythr0nLtSbCKI0XYvyAzFJlD3E8y7hcpVQ
UZBvTOWypFIXoq0M2SI4JPUBhcTZPr40Bkbi2MJcvEAYNBmUEkdLiThU3U8mFxk+
jNDjDAo8MpQaVXdmfZIXYdQav3ASx1E5Cr11NxPbkX6u1OKsmDyziXCSTYrWMLxq
IjzFl12HX6sifYgB8YG0kZxy4rK3LH/DVdxNcxAQlgfWy5Or1KkgYnTuBwg+pMw/
QoWG8QJ/32HGdCesDY3ILJA4A3vJDUiJDp/KBKRttolCatUgr5Mr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:40 2025 by rpki-client