Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/Rl7-FhxeSCYpa7jU2Tk-4DNuVR0.roa
File: Rl7-FhxeSCYpa7jU2Tk-4DNuVR0.roa (raw, json)
Hash identifier: cwMLgojR6mPou+J03CPwM4FEyAFRTavXFDGLpD2rnXE=
Subject key identifier: 46:5E:FE:16:1C:5E:48:26:29:6B:B8:D4:D9:39:3E:E0:33:6E:55:1D
Certificate issuer: /CN=b220d91b4e9d70f034fa16a16a887d4255792ade
Certificate serial: 018571BA0BEDE9FC96F7BD9DA8DD94922481
Authority key identifier: B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/Rl7-FhxeSCYpa7jU2Tk-4DNuVR0.roa
Signing time: Mon 02 Jan 2023 09:04:56 +0000
ROA not before: Mon 02 Jan 2023 09:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42010
IP address blocks: 5.28.48.0/21 maxlen: 24
128.65.97.0/24 maxlen: 24
128.65.98.0/23 maxlen: 23
128.65.96.0/21 maxlen: 21
128.65.96.0/24 maxlen: 24
91.103.184.0/21 maxlen: 24
185.91.20.0/22 maxlen: 24
128.65.100.0/22 maxlen: 22
2a03:7f80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:0b:ed:e9:fc:96:f7:bd:9d:a8:dd:94:92:24:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b220d91b4e9d70f034fa16a16a887d4255792ade
Validity
Not Before: Jan 2 09:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=465efe161c5e4826296bb8d4d9393ee0336e551d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:03:20:52:e1:22:08:7a:f5:b0:8a:db:f0:e6:
c1:74:b7:a5:d3:71:03:90:c4:6e:6b:84:3f:46:fd:
6a:b5:5e:27:94:58:f4:63:ff:b2:76:a2:54:91:d0:
c3:d5:ee:06:2c:8a:b8:bd:0d:ee:bd:7a:ca:a2:4c:
78:e0:2d:dd:1d:59:81:01:03:86:70:40:9f:72:d6:
e8:d1:1d:23:1d:1c:25:1d:41:ec:79:b0:30:44:83:
ec:d3:b7:ab:63:0b:e9:b6:3a:78:c7:6e:ac:04:e0:
c2:6a:a8:a1:d2:ad:dd:55:71:20:de:fd:2f:b7:ff:
29:ba:4d:f8:f3:cc:17:77:9b:b6:07:1c:ac:97:47:
9c:12:65:9f:e6:a0:6b:80:23:bf:18:28:66:2e:86:
e1:8a:21:f9:37:94:22:ab:21:1d:31:60:20:2f:f6:
d2:1e:05:a3:13:d5:43:50:77:fd:ce:68:6f:d7:53:
76:3b:08:2f:c3:9d:8c:a3:16:e7:bd:36:9e:07:54:
81:13:a6:75:cd:62:a2:3a:e8:79:9e:84:49:c1:77:
68:8a:de:1b:d7:f3:f5:6e:0b:98:7b:86:89:08:3e:
0b:df:9c:b0:8f:af:70:6f:17:20:38:50:6a:f5:ea:
0c:5b:2d:f3:cc:8e:70:3a:ae:ff:f2:6f:7b:f8:1d:
e8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:5E:FE:16:1C:5E:48:26:29:6B:B8:D4:D9:39:3E:E0:33:6E:55:1D
X509v3 Authority Key Identifier:
keyid:B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/Rl7-FhxeSCYpa7jU2Tk-4DNuVR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.48.0/21
91.103.184.0/21
128.65.96.0/21
185.91.20.0/22
IPv6:
2a03:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
78:cf:3d:21:f7:c8:8d:72:53:3b:06:0e:38:42:3d:ee:83:75:
e5:20:fa:4b:6d:7d:b0:ba:d0:7c:8a:0c:8e:2b:37:54:b8:d9:
e0:21:6e:02:6a:e5:cb:6b:74:75:b0:28:09:09:dc:47:b9:5e:
36:0a:f9:3a:43:10:1d:41:a5:3a:1c:3d:35:45:4f:dd:72:c3:
e9:6d:88:0c:c6:4a:73:5e:c9:ce:05:00:3f:53:46:03:9a:4a:
3e:55:a6:00:28:d2:7a:c2:d5:ee:3d:54:3e:66:9d:35:4e:50:
a0:03:e1:c7:f7:4e:81:2e:89:48:86:bf:ce:e3:c9:b8:98:a8:
7d:5b:f3:f0:f8:4f:75:f6:51:5d:ee:5f:b2:9e:22:72:ae:35:
d6:9f:34:b3:5c:44:8e:99:2f:b5:2e:1f:8a:61:0f:93:b7:ea:
0a:06:c3:f7:e4:95:13:cd:16:d0:ee:d4:37:57:a4:d2:a6:65:
ad:b6:dd:13:d2:5b:b9:5f:ac:a8:2f:50:50:62:61:b3:ad:6a:
6e:55:3e:58:06:36:4e:09:07:55:57:f0:06:2c:30:82:f2:83:
b5:30:ff:be:0c:19:21:a4:d8:d0:8e:56:2a:21:cf:51:7c:52:
e3:0d:22:ea:7a:ad:88:68:67:fb:fd:9c:87:56:3e:3b:96:fa:
da:d2:bc:cd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxugvt6fyW972dqN2UkiSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMjBkOTFiNGU5ZDcwZjAzNGZhMTZhMTZhODg3ZDQyNTU3
OTJhZGUwHhcNMjMwMTAyMDkwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjVlZmUxNjFjNWU0ODI2Mjk2YmI4ZDRkOTM5M2VlMDMzNmU1NTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAMgUuEiCHr1sIrb8ObBdLel03ED
kMRua4Q/Rv1qtV4nlFj0Y/+ydqJUkdDD1e4GLIq4vQ3uvXrKokx44C3dHVmBAQOG
cECfctbo0R0jHRwlHUHsebAwRIPs07erYwvptjp4x26sBODCaqih0q3dVXEg3v0v
t/8puk3488wXd5u2Bxysl0ecEmWf5qBrgCO/GChmLobhiiH5N5QiqyEdMWAgL/bS
HgWjE9VDUHf9zmhv11N2Owgvw52MoxbnvTaeB1SBE6Z1zWKiOuh5noRJwXdoit4b
1/P1bguYe4aJCD4L35ywj69wbxcgOFBq9eoMWy3zzI5wOq7/8m97+B3oawIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEZe/hYcXkgmKWu41Nk5PuAzblUdMB8GA1UdIwQY
MBaAFLIg2RtOnXDwNPoWoWqIfUJVeSreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQt
OTg3MTczYjllOTg3LzEvUmw3LUZoeGVTQ1lwYTdqVTJUay00RE51VlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQtOTg3MTczYjllOTg3
LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBRwwAwQD
W2e4AwQDgEFgAwQCuVsUMA0EAgACMAcDBQAqA3+AMA0GCSqGSIb3DQEBCwUAA4IB
AQB4zz0h98iNclM7Bg44Qj3ug3XlIPpLbX2wutB8igyOKzdUuNngIW4CauXLa3R1
sCgJCdxHuV42Cvk6QxAdQaU6HD01RU/dcsPpbYgMxkpzXsnOBQA/U0YDmko+VaYA
KNJ6wtXuPVQ+Zp01TlCgA+HH906BLolIhr/O48m4mKh9W/Pw+E919lFd7l+yniJy
rjXWnzSzXESOmS+1Lh+KYQ+Tt+oKBsP35JUTzRbQ7tQ3V6TSpmWttt0T0lu5X6yo
L1BQYmGzrWpuVT5YBjZOCQdVV/AGLDCC8oO1MP++DBkhpNjQjlYqIc9RfFLjDSLq
eq2IaGf7/ZyHVj47lvra0rzN
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:17:12 2025 by rpki-client