Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/hIu95ENub14ONNYBpDY-FikeFu8.roa
File: hIu95ENub14ONNYBpDY-FikeFu8.roa (raw, json)
Hash identifier: o7TbxXTByWBIhLRlCgdczUgNTalqI7gx5v1qVd7uvgI=
Subject key identifier: 84:8B:BD:E4:43:6E:6F:5E:0E:34:D6:01:A4:36:3E:16:29:1E:16:EF
Certificate issuer: /CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Certificate serial: 102A4177
Authority key identifier: 72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/hIu95ENub14ONNYBpDY-FikeFu8.roa
Signing time: Sat 01 Jan 2022 11:00:11 +0000
ROA not before: Sat 01 Jan 2022 11:00:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207357
IP address blocks: 5.182.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 271204727 (0x102a4177)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Validity
Not Before: Jan 1 11:00:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=848bbde4436e6f5e0e34d601a4363e16291e16ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c5:74:1f:e3:dc:f3:82:c6:8b:49:ee:1a:ba:
f0:30:96:3f:47:3b:78:77:a0:c2:60:da:0c:ea:33:
6a:ee:7a:d2:6f:3c:ec:84:01:b3:6b:a7:4e:3b:f1:
a5:a7:83:db:90:0e:d0:ec:07:02:62:28:72:16:d2:
74:f6:f3:70:63:8b:66:fb:3f:4b:48:ba:33:9a:22:
2f:97:e2:a2:8b:5e:85:c0:a7:e2:77:b1:5b:fa:b3:
ae:aa:35:03:9e:17:65:90:c6:20:4d:cf:1b:34:ec:
11:dd:44:a0:76:c0:e0:b6:a8:74:ce:db:b1:46:18:
86:7e:10:f5:0f:bf:47:9d:23:62:83:be:02:de:d1:
72:ed:c1:6a:ad:e7:67:54:d3:6e:5d:3b:d1:cc:0a:
3b:b8:e5:85:3e:a1:91:58:bb:22:be:f9:89:f7:03:
39:b2:7a:5a:ef:f4:75:51:19:3e:d6:94:95:cf:8f:
47:3a:a7:9a:bd:8a:9e:65:08:a8:c8:b7:9c:71:fe:
d5:7d:17:dd:92:ed:93:11:a7:2d:ae:0d:94:a6:24:
4f:3c:69:5e:8f:3b:ea:f9:0a:05:d9:29:23:74:35:
9a:21:3f:5c:f2:15:7a:6a:3d:be:4b:4e:97:32:3c:
57:f2:fb:90:3a:0f:b8:17:15:69:cd:16:8e:e0:1c:
53:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:8B:BD:E4:43:6E:6F:5E:0E:34:D6:01:A4:36:3E:16:29:1E:16:EF
X509v3 Authority Key Identifier:
keyid:72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/hIu95ENub14ONNYBpDY-FikeFu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/cowr_Wu1A6AdAYYCvaFS1zTtVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.189.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:05:fb:e2:69:32:a8:8c:f8:f3:5c:9a:2e:8f:6c:12:4d:90:
6a:a7:6e:e2:6b:72:60:cd:ea:83:84:20:1a:bd:e6:ac:7b:34:
9f:e9:40:a3:e7:dc:a2:82:f4:ac:af:92:c9:8d:81:d5:17:84:
7e:11:f1:91:2d:1b:fa:89:5c:6e:2d:b0:a0:a5:51:c2:a3:4f:
89:da:82:c8:74:be:c5:60:7d:50:95:ff:62:d1:15:54:02:c1:
cd:82:84:ab:da:7c:08:85:82:3d:67:68:49:be:5f:2a:50:14:
8d:91:64:98:ef:d6:ef:c7:5a:23:5e:d3:f0:4b:c6:0d:d8:8a:
24:38:8d:b9:d2:5a:e6:57:78:9c:e4:d6:e7:d7:54:5c:3a:94:
f2:47:f1:94:c2:cb:84:5b:77:31:cb:df:2b:c3:69:95:b3:32:
3a:9a:fe:1e:f9:95:f9:0e:9b:ff:e6:39:23:da:4c:10:8f:a8:
91:89:eb:b6:ba:63:3e:b9:c1:86:20:93:37:cd:b9:99:f6:c5:
bb:34:bf:7a:39:78:23:13:14:cc:e4:a0:ec:68:da:43:7f:81:
d0:17:be:2c:8a:b3:ba:4d:ab:3b:48:2e:f8:0a:91:0e:6b:1c:
42:ca:4c:ff:a8:00:d0:e2:79:f0:75:60:4a:fa:81:a2:58:af:
11:5d:bc:f4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEECpBdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjhjMmJmZDZiYjUwM2EwMWQwMTg2MDJiZGExNTJkNzM0ZWQ1NmYwMB4XDTIyMDEw
MTExMDAxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ4YmJkZTQ0MzZl
NmY1ZTBlMzRkNjAxYTQzNjNlMTYyOTFlMTZlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTFdB/j3POCxotJ7hq68DCWP0c7eHegwmDaDOozau560m88
7IQBs2unTjvxpaeD25AO0OwHAmIochbSdPbzcGOLZvs/S0i6M5oiL5fiootehcCn
4nexW/qzrqo1A54XZZDGIE3PGzTsEd1EoHbA4LaodM7bsUYYhn4Q9Q+/R50jYoO+
At7Rcu3Baq3nZ1TTbl070cwKO7jlhT6hkVi7Ir75ifcDObJ6Wu/0dVEZPtaUlc+P
Rzqnmr2KnmUIqMi3nHH+1X0X3ZLtkxGnLa4NlKYkTzxpXo876vkKBdkpI3Q1miE/
XPIVemo9vktOlzI8V/L7kDoPuBcVac0WjuAcU9UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSEi73kQ25vXg401gGkNj4WKR4W7zAfBgNVHSMEGDAWgBRyjCv9a7UDoB0B
hgK9oVLXNO1W8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Nvd3JfV3UxQTZBZEFZWUN2YUZTMXpUdFZ2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvNjdmNDJlLTcwNjItNDExMi1hZDQyLTkzNDlmMTBhMjY0OS8x
L2hJdTk1RU51YjE0T05OWUJwRFktRmlrZUZ1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
NjdmNDJlLTcwNjItNDExMi1hZDQyLTkzNDlmMTBhMjY0OS8xL2Nvd3JfV3UxQTZB
ZEFZWUN2YUZTMXpUdFZ2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW2vTANBgkqhkiG9w0BAQsFAAOC
AQEAwwX74mkyqIz481yaLo9sEk2Qaqdu4mtyYM3qg4QgGr3mrHs0n+lAo+fcooL0
rK+SyY2B1ReEfhHxkS0b+olcbi2woKVRwqNPidqCyHS+xWB9UJX/YtEVVALBzYKE
q9p8CIWCPWdoSb5fKlAUjZFkmO/W78daI17T8EvGDdiKJDiNudJa5ld4nOTW59dU
XDqU8kfxlMLLhFt3McvfK8NplbMyOpr+HvmV+Q6b/+Y5I9pMEI+okYnrtrpjPrnB
hiCTN825mfbFuzS/ejl4IxMUzOSg7GjaQ3+B0Be+LIqzuk2rO0gu+AqRDmscQspM
/6gA0OJ58HVgSvqBolivEV289A==
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:43:04 2025 by rpki-client