Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/5Xh5yoNEXZJcd9NmylZsuT8yQfE.roa
File: 5Xh5yoNEXZJcd9NmylZsuT8yQfE.roa (raw, json)
Hash identifier: hvjpG0j0nfVwTHhnSfXieshcfc0zmX69zGFxjqrVyZc=
Subject key identifier: E5:78:79:CA:83:44:5D:92:5C:77:D3:66:CA:56:6C:B9:3F:32:41:F1
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 0184A9C58C349E519EFB3A38CC2F9AB0BAE7
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/5Xh5yoNEXZJcd9NmylZsuT8yQfE.roa
Signing time: Thu 24 Nov 2022 13:13:26 +0000
ROA not before: Thu 24 Nov 2022 13:13:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.191.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:c5:8c:34:9e:51:9e:fb:3a:38:cc:2f:9a:b0:ba:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Nov 24 13:13:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e57879ca83445d925c77d366ca566cb93f3241f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:62:2b:c1:9c:83:86:b5:b5:63:f4:fb:b4:e1:
ec:c4:a1:cb:5a:77:57:a4:53:b9:e4:c0:f8:8d:64:
56:10:b0:9f:2b:ff:8b:93:1e:c2:82:b5:03:55:79:
5d:74:13:52:9d:dc:7d:17:93:94:62:9e:5d:a0:30:
43:dc:92:9d:69:88:4a:29:fe:49:d6:eb:34:cc:a5:
03:08:57:ab:ed:27:c2:1d:45:18:4b:3a:0e:ed:3f:
ab:80:1e:e2:16:69:53:ec:96:12:52:04:87:29:92:
af:16:30:42:22:92:fc:81:0d:07:00:d7:3f:e2:10:
c0:9c:4f:9a:62:44:63:a8:88:2e:71:25:8a:2c:77:
06:80:13:92:73:69:75:ff:5e:1c:83:85:84:b4:38:
0c:89:b4:c0:72:41:d0:6a:b7:55:e1:42:20:49:10:
55:4d:dd:27:0a:57:23:ad:3d:2f:79:77:24:10:43:
d7:18:de:19:d8:ec:de:12:4c:96:19:63:86:97:5c:
9c:98:28:1b:06:22:79:e2:23:13:c0:3e:80:ee:bf:
6c:fc:63:47:40:99:c7:be:bd:a7:9e:4b:07:d2:a1:
a7:b0:be:68:de:fd:ce:de:dd:64:9a:b7:0a:10:9f:
fe:ca:de:43:dc:5b:b9:60:57:0c:3d:88:7b:5f:25:
cc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:78:79:CA:83:44:5D:92:5C:77:D3:66:CA:56:6C:B9:3F:32:41:F1
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/5Xh5yoNEXZJcd9NmylZsuT8yQfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.147.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:88:72:fa:74:eb:1b:82:38:86:1a:11:e5:47:8a:d5:1c:7b:
68:d6:02:0b:7c:44:d9:6b:08:3f:3c:fe:5c:2e:fb:78:79:11:
fa:74:dc:5a:bf:45:50:a5:dc:8d:85:7d:29:dd:c1:fd:f1:12:
28:96:95:f4:f1:28:3d:5e:e7:13:59:4c:97:bd:bb:93:97:6b:
7c:2e:39:15:1f:85:e5:71:dd:9f:12:d5:5c:f9:7a:6a:0b:e8:
50:8e:10:c7:16:42:ff:2c:80:46:87:51:90:39:1a:f8:76:33:
04:9e:da:be:37:32:54:9d:f6:a2:cc:ff:1f:a3:c5:54:fb:8b:
b6:c8:cf:52:e4:0c:85:65:d5:d4:84:5d:ef:c9:1d:b2:81:39:
bf:c5:31:20:4f:cf:e2:9d:0b:6c:2a:23:b5:ad:ff:b9:5a:a7:
75:5b:aa:6d:f2:72:c9:ea:76:f7:41:70:5e:f9:d8:c9:1a:bf:
86:af:e4:41:e6:b6:aa:5d:a4:f4:17:c2:cd:99:cb:23:dc:82:
18:70:9e:15:72:14:2a:be:1c:b8:83:25:d1:aa:db:8e:ea:97:
4a:e6:83:44:41:5e:65:d3:95:4c:ef:d6:f4:e6:24:2f:2e:12:
82:ee:0b:42:04:ff:0e:81:b8:52:be:23:8f:cb:0e:8a:bf:24:
b3:81:3d:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSpxYw0nlGe+zo4zC+asLrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjIxMTI0MTMxMzI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTc4NzljYTgzNDQ1ZDkyNWM3N2QzNjZjYTU2NmNiOTNmMzI0MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWIrwZyDhrW1Y/T7tOHsxKHLWndX
pFO55MD4jWRWELCfK/+Lkx7CgrUDVXlddBNSndx9F5OUYp5doDBD3JKdaYhKKf5J
1us0zKUDCFer7SfCHUUYSzoO7T+rgB7iFmlT7JYSUgSHKZKvFjBCIpL8gQ0HANc/
4hDAnE+aYkRjqIgucSWKLHcGgBOSc2l1/14cg4WEtDgMibTAckHQardV4UIgSRBV
Td0nClcjrT0veXckEEPXGN4Z2OzeEkyWGWOGl1ycmCgbBiJ54iMTwD6A7r9s/GNH
QJnHvr2nnksH0qGnsL5o3v3O3t1kmrcKEJ/+yt5D3Fu5YFcMPYh7XyXMWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOV4ecqDRF2SXHfTZspWbLk/MkHxMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvNVhoNXlvTkVYWkpjZDlObXlsWnN1VDh5UWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+TMA0G
CSqGSIb3DQEBCwUAA4IBAQDSiHL6dOsbgjiGGhHlR4rVHHto1gILfETZawg/PP5c
Lvt4eRH6dNxav0VQpdyNhX0p3cH98RIolpX08Sg9XucTWUyXvbuTl2t8LjkVH4Xl
cd2fEtVc+XpqC+hQjhDHFkL/LIBGh1GQORr4djMEntq+NzJUnfaizP8fo8VU+4u2
yM9S5AyFZdXUhF3vyR2ygTm/xTEgT8/inQtsKiO1rf+5Wqd1W6pt8nLJ6nb3QXBe
+djJGr+Gr+RB5raqXaT0F8LNmcsj3IIYcJ4VchQqvhy4gyXRqtuO6pdK5oNEQV5l
05VM79b05iQvLhKC7gtCBP8OgbhSviOPyw6KvySzgT05
-----END CERTIFICATE-----
Generated at Fri Feb 21 10:58:58 2025 by rpki-client