Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/5NtSNQfmLULmiZOxSQ5-jHmpQcI.roa
File: 5NtSNQfmLULmiZOxSQ5-jHmpQcI.roa (raw, json)
Hash identifier: kDfy0hwW940iKE+IEOX0eZxvaYHwS4F7MRD8vLxmkuc=
Subject key identifier: E4:DB:52:35:07:E6:2D:42:E6:89:93:B1:49:0E:7E:8C:79:A9:41:C2
Certificate issuer: /CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Certificate serial: 0184D349074CC2128BCDC42FC49DC7D52994
Authority key identifier: DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/5NtSNQfmLULmiZOxSQ5-jHmpQcI.roa
Signing time: Fri 02 Dec 2022 14:41:29 +0000
ROA not before: Fri 02 Dec 2022 14:41:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17916
IP address blocks: 194.169.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:49:07:4c:c2:12:8b:cd:c4:2f:c4:9d:c7:d5:29:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Validity
Not Before: Dec 2 14:41:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4db523507e62d42e68993b1490e7e8c79a941c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5c:5c:d7:f2:59:fb:b6:4a:be:cb:c2:88:fe:
06:f0:b8:d7:e5:34:54:92:1e:dd:ba:de:e3:09:75:
7b:52:29:77:3a:80:74:ec:9f:01:32:7c:50:80:9e:
58:b5:63:85:f9:fe:51:c8:9f:dc:54:b3:ea:59:24:
55:83:6d:d8:65:73:cf:0c:c8:b4:1a:3e:7b:60:1e:
fa:64:11:89:3c:b3:97:e8:e2:ee:7a:d2:82:13:a2:
a4:19:fe:6a:8b:cd:c1:75:8f:e2:46:58:7c:f2:59:
ce:aa:00:d0:e0:63:83:74:e5:25:d6:7f:03:c2:0a:
4d:63:f5:d4:02:c9:fa:53:98:ba:d8:d8:76:78:2b:
97:f4:33:26:57:8e:81:dd:5e:3c:92:4b:eb:da:bb:
aa:42:0f:e6:55:71:50:db:f6:7c:82:84:a9:63:42:
c8:d6:ba:28:29:90:67:9d:1b:7a:d9:9a:39:19:a3:
e5:3d:6c:d1:8d:49:ac:b7:05:a0:83:49:91:80:3c:
a5:7a:d2:de:12:12:ba:e9:ee:06:29:43:0f:97:16:
da:ca:31:7c:9f:f7:78:c0:62:36:51:fd:07:c8:1f:
93:63:38:e0:85:1e:aa:90:e8:8b:a2:94:51:e8:44:
9b:80:20:31:ae:97:95:27:76:b4:4d:88:56:92:21:
78:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DB:52:35:07:E6:2D:42:E6:89:93:B1:49:0E:7E:8C:79:A9:41:C2
X509v3 Authority Key Identifier:
keyid:DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/5NtSNQfmLULmiZOxSQ5-jHmpQcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.22.0/24
Signature Algorithm: sha256WithRSAEncryption
43:59:f3:d8:49:95:d0:cc:c5:1d:c4:db:32:16:6b:da:7c:95:
00:bc:67:e9:28:d5:6f:9f:cc:35:30:b3:38:2f:02:7a:f8:fb:
21:b4:01:d6:8e:25:e2:80:47:4f:21:53:81:1e:f7:91:f9:6a:
e2:78:8d:b7:f9:67:d3:66:27:03:17:55:2e:5f:fe:e8:a6:3f:
f8:c9:a8:38:66:43:66:72:50:21:6e:f0:7d:b1:59:ec:63:65:
5f:d2:29:03:b4:32:51:fb:d7:4a:64:58:06:f8:8f:2d:b5:04:
2c:a6:a3:6d:0d:a3:ec:06:1c:98:33:76:94:e9:05:d0:1c:41:
36:3d:4b:ac:59:66:db:be:4b:1a:fa:10:6b:c1:ec:ea:7a:dd:
42:b2:33:73:4c:e2:0b:41:9e:82:b8:50:f2:57:e8:1a:ae:7a:
ba:78:82:b7:f0:3f:9a:8d:fe:b1:31:d6:1f:85:d7:c4:51:8e:
a5:dd:f0:f9:3c:0a:87:d6:65:2e:fa:61:e3:a3:02:8d:58:32:
24:db:d5:3a:22:02:1f:53:f3:34:f0:40:86:35:01:3e:7a:86:
41:66:d9:60:9e:81:3c:8f:22:fc:fb:0d:e3:66:74:6f:2a:4a:
91:b1:75:8a:5a:4a:f4:d4:cf:2d:99:c1:f3:d3:1a:64:a7:3a:
29:ed:0f:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTTSQdMwhKLzcQvxJ3H1SmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNjY0MDM1N2FlNGFlMTBmYzBiM2U5ZDk4ZjJhMGNiMDEx
ODkwM2MwHhcNMjIxMjAyMTQ0MTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRiNTIzNTA3ZTYyZDQyZTY4OTkzYjE0OTBlN2U4Yzc5YTk0MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilxc1/JZ+7ZKvsvCiP4G8LjX5TRU
kh7dut7jCXV7Uil3OoB07J8BMnxQgJ5YtWOF+f5RyJ/cVLPqWSRVg23YZXPPDMi0
Gj57YB76ZBGJPLOX6OLuetKCE6KkGf5qi83BdY/iRlh88lnOqgDQ4GODdOUl1n8D
wgpNY/XUAsn6U5i62Nh2eCuX9DMmV46B3V48kkvr2ruqQg/mVXFQ2/Z8goSpY0LI
1rooKZBnnRt62Zo5GaPlPWzRjUmstwWgg0mRgDyletLeEhK66e4GKUMPlxbayjF8
n/d4wGI2Uf0HyB+TYzjghR6qkOiLopRR6ESbgCAxrpeVJ3a0TYhWkiF4FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTbUjUH5i1C5omTsUkOfox5qUHCMB8GA1UdIwQY
MBaAFN5mQDV65K4Q/As+nZjyoMsBGJA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAt
ZmY5N2Y2MmEwOTQ1LzEvNU50U05RZm1MVUxtaVpPeFNRNS1qSG1wUWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAtZmY5N2Y2MmEwOTQ1
LzEvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqkWMA0G
CSqGSIb3DQEBCwUAA4IBAQBDWfPYSZXQzMUdxNsyFmvafJUAvGfpKNVvn8w1MLM4
LwJ6+PshtAHWjiXigEdPIVOBHveR+WrieI23+WfTZicDF1UuX/7opj/4yag4ZkNm
clAhbvB9sVnsY2Vf0ikDtDJR+9dKZFgG+I8ttQQspqNtDaPsBhyYM3aU6QXQHEE2
PUusWWbbvksa+hBrwezqet1CsjNzTOILQZ6CuFDyV+garnq6eIK38D+ajf6xMdYf
hdfEUY6l3fD5PAqH1mUu+mHjowKNWDIk29U6IgIfU/M08ECGNQE+eoZBZtlgnoE8
jyL8+w3jZnRvKkqRsXWKWkr01M8tmcHz0xpkpzop7Q+w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:47 2025 by rpki-client