Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/V5667ZnljxUQPt6kqtYn2l1R6C8.roa
File: V5667ZnljxUQPt6kqtYn2l1R6C8.roa (raw, json)
Hash identifier: MDwextkdvhvGeq3EmPKDJ/c0dCU5+7jqD6EgDZlmieY=
Subject key identifier: 57:9E:BA:ED:99:E5:8F:15:10:3E:DE:A4:AA:D6:27:DA:5D:51:E8:2F
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 01896478F069E1CA29D2632C48E0F80093D5
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/V5667ZnljxUQPt6kqtYn2l1R6C8.roa
Signing time: Mon 17 Jul 2023 15:29:54 +0000
ROA not before: Mon 17 Jul 2023 15:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 5.133.110.0/24 maxlen: 24
192.144.16.0/24 maxlen: 24
109.94.217.0/24 maxlen: 24
109.94.216.0/24 maxlen: 24
109.94.219.0/24 maxlen: 24
109.94.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:78:f0:69:e1:ca:29:d2:63:2c:48:e0:f8:00:93:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jul 17 15:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=579ebaed99e58f15103edea4aad627da5d51e82f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ce:3c:df:4b:7d:0f:aa:b1:d8:0e:08:1f:2c:
79:e4:de:f8:67:b0:89:1f:c4:04:ff:1d:a5:62:27:
8e:7e:4e:18:ff:58:4c:5b:af:61:d1:1c:05:79:ee:
63:d0:92:82:7e:fd:f1:32:a2:e4:b9:a6:1a:1c:32:
f8:3b:11:0a:e0:91:82:ad:9b:2b:be:39:63:08:0d:
33:55:bc:13:95:33:f5:3a:e2:0e:7d:9c:d6:d2:db:
0a:9e:b9:bb:01:8b:7e:56:c7:fa:b2:e2:8d:eb:4d:
e5:eb:e3:0c:75:c4:31:bd:6c:bd:1d:51:d9:28:f2:
8e:5f:97:e8:1a:d5:91:98:c8:b4:4d:6d:7b:49:ca:
10:83:a4:8c:f0:e1:5d:35:4b:45:ff:a7:da:9e:24:
c4:01:5c:00:62:41:b5:6b:e3:dd:b7:33:d0:c7:29:
b8:9b:0c:7a:9a:16:ca:cc:62:61:3b:ce:16:ae:c0:
e2:58:d9:c5:c8:00:70:86:54:9b:92:bd:18:0a:f0:
da:7a:c7:d6:a3:33:a7:d3:05:e4:85:08:0c:9e:ba:
22:85:52:60:c1:fb:8e:2a:bd:04:06:82:6b:54:fa:
d7:e3:a2:80:be:45:b2:76:e3:35:df:7f:62:cc:66:
f8:1a:19:4d:63:42:d3:87:73:f5:8a:9a:db:32:80:
a8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:9E:BA:ED:99:E5:8F:15:10:3E:DE:A4:AA:D6:27:DA:5D:51:E8:2F
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/V5667ZnljxUQPt6kqtYn2l1R6C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.110.0/24
109.94.216.0/22
192.144.16.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:37:c3:04:ee:75:d0:51:d0:be:53:b1:e6:8e:49:e1:6f:4a:
91:d3:93:2f:25:84:e2:b7:cc:a7:04:76:d0:3d:89:44:3b:6c:
31:fd:8d:64:1f:70:e7:ff:da:dc:12:26:62:7d:15:c4:c0:0b:
93:09:51:60:a0:19:e6:2e:79:85:31:8a:6d:22:2d:19:21:b1:
25:02:84:53:59:fa:46:d0:59:be:10:9c:89:ad:6d:b3:75:69:
cf:08:f1:0c:f2:8c:70:88:86:7c:20:a6:1e:26:d2:44:f7:61:
54:08:a9:1f:b9:6e:ef:67:c3:8b:c3:4a:54:f5:e5:78:f5:5b:
c8:d0:cd:63:8b:76:65:da:b8:72:ca:50:81:48:11:fa:03:ec:
7e:33:75:c7:69:25:d5:99:38:8b:70:1a:ce:0d:ab:83:16:b8:
f9:db:a6:6f:ba:68:78:af:1a:ae:e1:20:fc:f1:43:4f:16:48:
65:1f:ce:03:27:50:1d:af:5b:4c:40:72:e3:be:7e:15:22:a6:
c2:e3:dc:d7:68:6d:67:04:65:30:d2:42:9a:26:c5:a0:88:1c:
f5:12:02:c5:2f:6f:2b:af:6f:4e:99:f8:fe:c0:b6:45:1d:19:
52:65:85:11:47:71:7c:6e:36:23:40:a4:3e:e1:9a:28:49:80:
b1:a2:86:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlkePBp4cop0mMsSOD4AJPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwNzE3MTUyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzllYmFlZDk5ZTU4ZjE1MTAzZWRlYTRhYWQ2MjdkYTVkNTFlODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM4830t9D6qx2A4IHyx55N74Z7CJ
H8QE/x2lYieOfk4Y/1hMW69h0RwFee5j0JKCfv3xMqLkuaYaHDL4OxEK4JGCrZsr
vjljCA0zVbwTlTP1OuIOfZzW0tsKnrm7AYt+Vsf6suKN603l6+MMdcQxvWy9HVHZ
KPKOX5foGtWRmMi0TW17ScoQg6SM8OFdNUtF/6faniTEAVwAYkG1a+PdtzPQxym4
mwx6mhbKzGJhO84WrsDiWNnFyABwhlSbkr0YCvDaesfWozOn0wXkhQgMnroihVJg
wfuOKr0EBoJrVPrX46KAvkWyduM1339izGb4GhlNY0LTh3P1iprbMoCoDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFeeuu2Z5Y8VED7epKrWJ9pdUegvMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvVjU2NjdabmxqeFVRUHQ2a3F0WW4ybDFSNkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABYVuAwQC
bV7YAwQAwJAQMA0GCSqGSIb3DQEBCwUAA4IBAQBsN8ME7nXQUdC+U7Hmjknhb0qR
05MvJYTit8ynBHbQPYlEO2wx/Y1kH3Dn/9rcEiZifRXEwAuTCVFgoBnmLnmFMYpt
Ii0ZIbElAoRTWfpG0Fm+EJyJrW2zdWnPCPEM8oxwiIZ8IKYeJtJE92FUCKkfuW7v
Z8OLw0pU9eV49VvI0M1ji3Zl2rhyylCBSBH6A+x+M3XHaSXVmTiLcBrODauDFrj5
26Zvumh4rxqu4SD88UNPFkhlH84DJ1Adr1tMQHLjvn4VIqbC49zXaG1nBGUw0kKa
JsWgiBz1EgLFL28rr29Omfj+wLZFHRlSZYURR3F8bjYjQKQ+4ZooSYCxoobz
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:19:03 2025 by rpki-client