Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/ih2Y3aa6Vn9Di8I2ZHgAdrlNpdM.roa
File: ih2Y3aa6Vn9Di8I2ZHgAdrlNpdM.roa (raw, json)
Hash identifier: WlmYitW+Ti6XYYFZ7yErseV5XuWPcM9LtY7e88LaKuQ=
Subject key identifier: 8A:1D:98:DD:A6:BA:56:7F:43:8B:C2:36:64:78:00:76:B9:4D:A5:D3
Certificate issuer: /CN=64685a6d73ff5a27e1bc1f9617dfb5508bad293b
Certificate serial: 0183001730E5329671F0E40BB6139D6F3053
Authority key identifier: 64:68:5A:6D:73:FF:5A:27:E1:BC:1F:96:17:DF:B5:50:8B:AD:29:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGhabXP_WifhvB-WF9-1UIutKTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/ih2Y3aa6Vn9Di8I2ZHgAdrlNpdM.roa
Signing time: Fri 02 Sep 2022 21:24:23 +0000
ROA not before: Fri 02 Sep 2022 21:24:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205000
IP address blocks: 5.182.104.0/23 maxlen: 23
2a0f:dc80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:00:17:30:e5:32:96:71:f0:e4:0b:b6:13:9d:6f:30:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64685a6d73ff5a27e1bc1f9617dfb5508bad293b
Validity
Not Before: Sep 2 21:24:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a1d98dda6ba567f438bc23664780076b94da5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:30:3c:53:78:4d:23:f4:d4:e7:6f:f8:95:25:
ca:5c:fa:ee:be:93:d5:d1:ea:c1:21:4a:60:07:3e:
d9:73:9b:1e:e5:63:0f:4e:7d:b0:90:5e:d4:e4:52:
6b:78:e7:30:85:ec:34:4b:00:23:0d:76:18:10:03:
1c:03:9e:c6:13:49:de:45:a7:b8:4f:33:c0:bc:04:
38:0a:35:07:39:cf:0d:6a:20:f6:6c:cd:65:65:8f:
ae:48:71:43:0e:cf:fa:ab:61:df:02:4e:91:e1:50:
4a:19:8d:b5:09:53:1b:7e:41:d5:27:8a:53:7b:60:
1c:52:d6:ca:aa:ad:30:32:df:a3:71:22:1a:7d:cd:
7b:8f:4d:f2:4f:3d:13:83:78:86:9b:36:95:73:c1:
47:df:70:82:7c:29:03:c3:23:84:6f:56:f7:d3:c9:
2f:df:ba:3c:3e:28:ac:90:98:ed:0e:ae:c0:aa:47:
fc:67:52:5b:79:ed:8e:0a:34:ae:bf:d4:b6:95:bf:
99:f3:e5:44:b0:71:d5:42:07:6c:9e:d0:27:ff:ec:
4f:ad:78:ad:fc:a9:dc:25:e0:0d:cb:8d:ee:2a:e1:
4b:2c:1e:4c:af:60:9d:3f:c6:e0:b2:04:82:7b:91:
51:2d:c1:e3:f1:8b:83:83:d8:14:aa:95:47:8b:56:
e0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1D:98:DD:A6:BA:56:7F:43:8B:C2:36:64:78:00:76:B9:4D:A5:D3
X509v3 Authority Key Identifier:
keyid:64:68:5A:6D:73:FF:5A:27:E1:BC:1F:96:17:DF:B5:50:8B:AD:29:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGhabXP_WifhvB-WF9-1UIutKTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/ih2Y3aa6Vn9Di8I2ZHgAdrlNpdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/ZGhabXP_WifhvB-WF9-1UIutKTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.104.0/23
IPv6:
2a0f:dc80::/29
Signature Algorithm: sha256WithRSAEncryption
5e:32:fa:b9:4f:3e:2e:c3:67:41:61:31:63:f3:e2:9c:f2:39:
03:4d:f8:59:a4:87:ae:ff:4c:f8:2a:c4:75:ba:ff:37:5c:30:
44:f5:15:23:34:ab:c8:bf:07:c4:26:66:04:9d:67:f7:17:e9:
c5:e6:0b:04:3f:b8:94:ee:e2:c4:e9:fe:9f:f9:61:b6:51:61:
97:e1:9a:ee:14:09:b3:d8:f0:64:0e:86:9f:a2:e3:3d:6a:b5:
e5:2d:3d:57:5f:e0:e1:46:51:e4:4e:e1:ff:62:05:17:c5:53:
0f:81:f9:4b:c9:f1:fb:be:36:3e:00:a6:19:0c:b7:3f:9a:fe:
23:6c:f3:bc:da:94:1b:45:8e:df:82:db:af:5f:69:ca:8c:df:
d5:8d:93:34:fd:6c:5d:d9:38:e1:91:f0:73:24:54:34:6d:2f:
15:24:8d:a0:7d:ea:38:8f:a9:84:84:32:1e:c6:4c:be:f4:3a:
c6:d2:9c:61:9b:9b:00:00:5b:b3:6f:b7:2f:a4:89:1c:56:44:
a1:4b:21:6d:93:da:81:72:a8:86:67:d5:a2:7f:15:39:5f:bf:
68:18:02:0d:57:1c:38:f1:84:54:32:60:bd:a7:4e:2d:0c:e1:
15:3d:54:3e:ba:67:4a:cc:d9:03:fd:63:4b:09:0c:df:cb:fa:
2b:a7:d6:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMAFzDlMpZx8OQLthOdbzBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Njg1YTZkNzNmZjVhMjdlMWJjMWY5NjE3ZGZiNTUwOGJh
ZDI5M2IwHhcNMjIwOTAyMjEyNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTFkOThkZGE2YmE1NjdmNDM4YmMyMzY2NDc4MDA3NmI5NGRhNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTA8U3hNI/TU52/4lSXKXPruvpPV
0erBIUpgBz7Zc5se5WMPTn2wkF7U5FJreOcwhew0SwAjDXYYEAMcA57GE0neRae4
TzPAvAQ4CjUHOc8NaiD2bM1lZY+uSHFDDs/6q2HfAk6R4VBKGY21CVMbfkHVJ4pT
e2AcUtbKqq0wMt+jcSIafc17j03yTz0Tg3iGmzaVc8FH33CCfCkDwyOEb1b308kv
37o8PiiskJjtDq7Aqkf8Z1Jbee2OCjSuv9S2lb+Z8+VEsHHVQgdsntAn/+xPrXit
/KncJeANy43uKuFLLB5Mr2CdP8bgsgSCe5FRLcHj8YuDg9gUqpVHi1bgiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIodmN2mulZ/Q4vCNmR4AHa5TaXTMB8GA1UdIwQY
MBaAFGRoWm1z/1on4bwflhfftVCLrSk7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkdoYWJYUF9XaWZodkItV0Y5LTFVSXV0S1RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjNmMWMtYmJlZi00ZDM1LTgxNDYt
YzQ4YjI1Zjc4NDZmLzEvaWgyWTNhYTZWbjlEaThJMlpIZ0FkcmxOcGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjNmMWMtYmJlZi00ZDM1LTgxNDYtYzQ4YjI1Zjc4NDZm
LzEvWkdoYWJYUF9XaWZodkItV0Y5LTFVSXV0S1RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBBbZoMA0E
AgACMAcDBQMqD9yAMA0GCSqGSIb3DQEBCwUAA4IBAQBeMvq5Tz4uw2dBYTFj8+Kc
8jkDTfhZpIeu/0z4KsR1uv83XDBE9RUjNKvIvwfEJmYEnWf3F+nF5gsEP7iU7uLE
6f6f+WG2UWGX4ZruFAmz2PBkDoafouM9arXlLT1XX+DhRlHkTuH/YgUXxVMPgflL
yfH7vjY+AKYZDLc/mv4jbPO82pQbRY7fgtuvX2nKjN/VjZM0/Wxd2TjhkfBzJFQ0
bS8VJI2gfeo4j6mEhDIexky+9DrG0pxhm5sAAFuzb7cvpIkcVkShSyFtk9qBcqiG
Z9WifxU5X79oGAINVxw48YRUMmC9p04tDOEVPVQ+umdKzNkD/WNLCQzfy/orp9bc
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:32:27 2025 by rpki-client