Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/135032-ea24-4a47-8f5c-e0bac4161953/1/shm2-btO6KRKBDCimiFOVzKAa4Q.roa
File: shm2-btO6KRKBDCimiFOVzKAa4Q.roa (raw, json)
Hash identifier: Fpkn/kSe2eZspk+FAATs141eurYUuMhCJ4CkkAvI6sQ=
Subject key identifier: B2:19:B6:F9:BB:4E:E8:A4:4A:04:30:A2:9A:21:4E:57:32:80:6B:84
Certificate issuer: /CN=256be176b313e1a8a050f670af576771b655d611
Certificate serial: 01856FF9682BCBA9378F54F68B07F8D816FD
Authority key identifier: 25:6B:E1:76:B3:13:E1:A8:A0:50:F6:70:AF:57:67:71:B6:55:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JWvhdrMT4aigUPZwr1dncbZV1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/135032-ea24-4a47-8f5c-e0bac4161953/1/shm2-btO6KRKBDCimiFOVzKAa4Q.roa
Signing time: Mon 02 Jan 2023 00:54:54 +0000
ROA not before: Mon 02 Jan 2023 00:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 5.145.64.0/19 maxlen: 24
185.74.144.0/22 maxlen: 24
5.145.96.0/21 maxlen: 24
2a00:d2a0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:68:2b:cb:a9:37:8f:54:f6:8b:07:f8:d8:16:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=256be176b313e1a8a050f670af576771b655d611
Validity
Not Before: Jan 2 00:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b219b6f9bb4ee8a44a0430a29a214e5732806b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d2:a4:88:80:ec:1e:3e:05:88:04:3e:4a:4a:
29:ca:1f:ac:08:d5:ec:fd:15:7c:fe:07:63:77:92:
90:a9:28:5a:1f:07:4f:82:a4:32:f7:15:3a:0a:4f:
ad:45:96:87:a8:93:69:b3:fb:0c:c6:ec:f7:b1:09:
78:76:33:0a:57:72:b5:03:63:c5:ce:2a:1f:42:54:
6a:f5:ae:69:49:82:9f:75:15:d1:78:bb:c9:af:49:
50:fa:5e:db:f7:57:e1:c3:67:12:f5:c3:29:68:8e:
b9:fc:a3:16:d9:fe:82:85:e0:b1:be:4b:49:cb:9c:
97:dd:43:b4:76:23:11:8f:31:ce:51:0a:27:72:1b:
0e:e2:4c:a3:23:c9:66:53:90:3b:93:80:e4:5a:36:
08:5f:0a:4c:49:12:f3:93:2b:39:15:9f:db:bb:30:
9e:c2:7d:e2:ba:5a:1e:fe:78:e8:af:8b:16:d6:fa:
5a:00:b4:4c:83:fb:b1:51:0e:68:9e:e5:65:aa:15:
6e:08:69:59:a0:e5:43:08:93:41:79:c2:e0:15:9f:
af:6f:4f:e5:4b:e1:e8:5a:a7:6e:7d:99:b7:55:df:
b3:70:16:b2:72:51:54:ce:55:b2:ae:fd:0a:71:d7:
53:82:2c:80:ad:60:f1:35:db:38:a8:3e:5b:92:7d:
b1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:19:B6:F9:BB:4E:E8:A4:4A:04:30:A2:9A:21:4E:57:32:80:6B:84
X509v3 Authority Key Identifier:
keyid:25:6B:E1:76:B3:13:E1:A8:A0:50:F6:70:AF:57:67:71:B6:55:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JWvhdrMT4aigUPZwr1dncbZV1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/135032-ea24-4a47-8f5c-e0bac4161953/1/shm2-btO6KRKBDCimiFOVzKAa4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/135032-ea24-4a47-8f5c-e0bac4161953/1/JWvhdrMT4aigUPZwr1dncbZV1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.64.0-5.145.103.255
185.74.144.0/22
IPv6:
2a00:d2a0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:64:47:64:47:a6:66:2c:b6:94:ab:61:3e:a1:89:6b:3c:23:
b0:5f:59:eb:dc:0a:16:b4:00:32:d8:f4:a2:36:f3:fb:b8:6a:
70:da:dc:35:ef:63:c4:cd:30:fa:ae:d2:e4:b4:85:18:56:e2:
d9:eb:a1:56:f0:59:99:7b:7e:2b:ba:14:93:f0:dd:0e:81:1f:
ce:95:4c:ef:65:72:8f:68:01:23:13:f1:c8:21:c3:8f:4d:68:
2e:7e:ba:26:3c:d6:c6:95:34:67:6a:10:14:95:7f:84:41:20:
47:80:c4:1a:ba:2c:3f:d2:ee:c5:9a:7e:80:ee:28:de:a1:c5:
85:7c:d6:cc:54:a2:a4:49:9f:26:56:64:3a:63:41:36:ae:95:
83:30:ff:25:4b:aa:e4:c9:86:21:02:d9:2f:ea:e6:ac:bd:2c:
0f:69:f8:69:b2:65:15:d7:e4:96:4b:a5:4b:75:91:1a:8c:a1:
40:70:ab:3e:51:33:2a:70:cd:9a:a7:69:07:64:b2:28:6c:32:
cf:a5:a0:eb:96:80:9d:ed:9d:80:16:55:82:88:4b:1f:46:51:
eb:02:18:ce:99:42:50:8e:4e:3c:ae:f7:db:a4:02:11:d3:8a:
0c:09:2a:80:2e:f5:41:59:85:77:fd:b1:fe:00:17:b6:40:33:
6f:ac:c1:e4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVv+Wgry6k3j1T2iwf42Bb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NmJlMTc2YjMxM2UxYThhMDUwZjY3MGFmNTc2NzcxYjY1
NWQ2MTEwHhcNMjMwMTAyMDA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjE5YjZmOWJiNGVlOGE0NGEwNDMwYTI5YTIxNGU1NzMyODA2Yjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtKkiIDsHj4FiAQ+Skopyh+sCNXs
/RV8/gdjd5KQqShaHwdPgqQy9xU6Ck+tRZaHqJNps/sMxuz3sQl4djMKV3K1A2PF
ziofQlRq9a5pSYKfdRXReLvJr0lQ+l7b91fhw2cS9cMpaI65/KMW2f6CheCxvktJ
y5yX3UO0diMRjzHOUQonchsO4kyjI8lmU5A7k4DkWjYIXwpMSRLzkys5FZ/buzCe
wn3iuloe/njor4sW1vpaALRMg/uxUQ5onuVlqhVuCGlZoOVDCJNBecLgFZ+vb0/l
S+HoWqdufZm3Vd+zcBayclFUzlWyrv0KcddTgiyArWDxNds4qD5bkn2x2wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLIZtvm7TuikSgQwopohTlcygGuEMB8GA1UdIwQY
MBaAFCVr4XazE+GooFD2cK9XZ3G2VdYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSld2aGRyTVQ0YWlnVVBad3IxZG5jYlpWMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xMzUwMzItZWEyNC00YTQ3LThmNWMt
ZTBiYWM0MTYxOTUzLzEvc2htMi1idE82S1JLQkRDaW1pRk9WektBYTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xMzUwMzItZWEyNC00YTQ3LThmNWMtZTBiYWM0MTYxOTUz
LzEvSld2aGRyTVQ0YWlnVVBad3IxZG5jYlpWMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAYFkUAD
BAMFkWADBAK5SpAwDQQCAAIwBwMFAyoA0qAwDQYJKoZIhvcNAQELBQADggEBAD9k
R2RHpmYstpSrYT6hiWs8I7BfWevcCha0ADLY9KI28/u4anDa3DXvY8TNMPqu0uS0
hRhW4tnroVbwWZl7fiu6FJPw3Q6BH86VTO9lco9oASMT8cghw49NaC5+uiY81saV
NGdqEBSVf4RBIEeAxBq6LD/S7sWafoDuKN6hxYV81sxUoqRJnyZWZDpjQTaulYMw
/yVLquTJhiEC2S/q5qy9LA9p+GmyZRXX5JZLpUt1kRqMoUBwqz5RMypwzZqnaQdk
sihsMs+loOuWgJ3tnYAWVYKISx9GUesCGM6ZQlCOTjyu99ukAhHTigwJKoAu9UFZ
hXf9sf4AF7ZAM2+sweQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:07 2025 by rpki-client