Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/5oQ9F1pwBzcTm52FrtiEghTqMU8.roa
File: 5oQ9F1pwBzcTm52FrtiEghTqMU8.roa (raw, json)
Hash identifier: 9J5FDx/qY6zOCUAKyZ5rpLAjoLQAcqjLPgXddnZ14KY=
Subject key identifier: E6:84:3D:17:5A:70:07:37:13:9B:9D:85:AE:D8:84:82:14:EA:31:4F
Certificate issuer: /CN=eab9a157e12a2ef717d13231af06fd85454b3151
Certificate serial: 0185DE6D36E842D72A07267A5B03E7A190E7
Authority key identifier: EA:B9:A1:57:E1:2A:2E:F7:17:D1:32:31:AF:06:FD:85:45:4B:31:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6rmhV-EqLvcX0TIxrwb9hUVLMVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/5oQ9F1pwBzcTm52FrtiEghTqMU8.roa
Signing time: Mon 23 Jan 2023 11:39:37 +0000
ROA not before: Mon 23 Jan 2023 11:39:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47292
IP address blocks: 37.157.0.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:6d:36:e8:42:d7:2a:07:26:7a:5b:03:e7:a1:90:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eab9a157e12a2ef717d13231af06fd85454b3151
Validity
Not Before: Jan 23 11:39:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6843d175a700737139b9d85aed8848214ea314f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6d:c0:2f:2e:01:5e:ca:61:c2:90:c7:b5:e2:
a8:2d:ce:4b:21:6e:bb:21:4d:36:8d:7c:40:5a:57:
10:d5:c5:84:10:18:16:9f:d7:21:ac:bb:f2:a6:21:
56:72:fa:97:38:da:fa:31:ee:8c:ef:c9:b8:70:2e:
96:d0:99:ce:9c:55:30:27:e9:84:57:58:5d:12:0a:
2b:2d:61:59:29:c3:66:20:38:4d:d5:c2:d4:97:e7:
d2:e8:bb:2c:c3:56:5a:e5:d3:4d:29:ed:cb:1d:0c:
4a:21:b8:12:43:3e:49:6f:5a:bb:55:5c:e8:a7:1d:
df:14:27:6d:22:1f:f2:dc:49:64:1a:32:9e:0d:85:
d3:68:49:20:63:d0:2b:d9:f2:8d:c5:db:1a:fe:60:
1f:04:8d:33:ec:28:ce:8f:5a:d9:e3:9f:f1:32:f2:
46:fa:63:95:f6:04:53:e7:a1:6e:2b:fb:16:76:8f:
11:72:51:39:ad:6a:e7:89:db:b3:b3:db:16:e2:f1:
51:6b:70:a9:38:50:57:21:cb:c8:98:8d:bd:3b:c6:
bc:c1:3d:ba:39:e8:42:7a:9b:3f:3c:1e:f1:34:dc:
e1:06:2d:24:ae:65:fd:f1:a4:90:69:40:c5:8c:29:
e7:55:83:8c:28:34:7a:33:4f:7b:74:8e:bb:b0:f5:
b9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:84:3D:17:5A:70:07:37:13:9B:9D:85:AE:D8:84:82:14:EA:31:4F
X509v3 Authority Key Identifier:
keyid:EA:B9:A1:57:E1:2A:2E:F7:17:D1:32:31:AF:06:FD:85:45:4B:31:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6rmhV-EqLvcX0TIxrwb9hUVLMVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/5oQ9F1pwBzcTm52FrtiEghTqMU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/6rmhV-EqLvcX0TIxrwb9hUVLMVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.0.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:6d:2b:31:e3:01:db:85:3f:90:4f:4b:8e:04:4c:57:f3:17:
65:d2:4a:a1:ff:b4:94:ca:2f:25:f7:64:85:9f:18:14:c3:bf:
33:c8:28:23:82:f4:ac:6d:a3:69:5b:fd:a3:be:6b:5c:3f:cb:
1c:1b:f8:13:40:08:93:8d:4c:e0:50:3f:e8:2a:ba:15:62:9e:
da:fb:da:c2:8d:8b:71:d3:56:be:2e:46:4c:76:af:8d:7c:2a:
2d:44:64:84:86:33:df:c7:b4:cc:d3:b2:af:ae:26:e6:2f:69:
65:6b:65:f3:80:02:6b:8e:e6:94:af:99:60:ef:f5:ae:4e:94:
be:93:f3:d6:b4:be:ce:17:15:52:24:75:63:e8:e6:c1:1f:3d:
c9:d3:29:e3:e6:48:6f:50:d5:9d:1f:4f:7d:c0:c0:38:da:de:
ac:9c:cd:8f:b5:e3:76:47:0e:3f:1f:4b:5c:43:e2:60:01:0b:
c7:33:3a:e3:57:da:58:28:af:c8:f8:24:38:2e:fe:ae:9f:de:
74:47:9a:ac:d2:3d:f9:ad:30:2a:cd:da:d2:c6:7f:e5:68:6a:
8b:b8:d2:1c:5e:c6:c8:58:87:07:79:91:93:12:73:7d:77:1a:
36:ce:93:2b:30:5d:b9:ca:28:0c:76:72:91:47:5e:e2:8c:37:
fa:6c:b5:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXebTboQtcqByZ6WwPnoZDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYjlhMTU3ZTEyYTJlZjcxN2QxMzIzMWFmMDZmZDg1NDU0
YjMxNTEwHhcNMjMwMTIzMTEzOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg0M2QxNzVhNzAwNzM3MTM5YjlkODVhZWQ4ODQ4MjE0ZWEzMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG3ALy4BXsphwpDHteKoLc5LIW67
IU02jXxAWlcQ1cWEEBgWn9chrLvypiFWcvqXONr6Me6M78m4cC6W0JnOnFUwJ+mE
V1hdEgorLWFZKcNmIDhN1cLUl+fS6Lssw1Za5dNNKe3LHQxKIbgSQz5Jb1q7VVzo
px3fFCdtIh/y3ElkGjKeDYXTaEkgY9Ar2fKNxdsa/mAfBI0z7CjOj1rZ45/xMvJG
+mOV9gRT56FuK/sWdo8RclE5rWrniduzs9sW4vFRa3CpOFBXIcvImI29O8a8wT26
OehCeps/PB7xNNzhBi0krmX98aSQaUDFjCnnVYOMKDR6M097dI67sPW5ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOaEPRdacAc3E5udha7YhIIU6jFPMB8GA1UdIwQY
MBaAFOq5oVfhKi73F9EyMa8G/YVFSzFRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnJtaFYtRXFMdmNYMFRJeHJ3YjloVVZMTVZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80ZGI3NzAtZDdmNS00YmNiLWJhNDQt
ODU3NzEyNzIwYTM1LzEvNW9ROUYxcHdCemNUbTUyRnJ0aUVnaFRxTVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80ZGI3NzAtZDdmNS00YmNiLWJhNDQtODU3NzEyNzIwYTM1
LzEvNnJtaFYtRXFMdmNYMFRJeHJ3YjloVVZMTVZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJZ0AMA0G
CSqGSIb3DQEBCwUAA4IBAQBabSsx4wHbhT+QT0uOBExX8xdl0kqh/7SUyi8l92SF
nxgUw78zyCgjgvSsbaNpW/2jvmtcP8scG/gTQAiTjUzgUD/oKroVYp7a+9rCjYtx
01a+LkZMdq+NfCotRGSEhjPfx7TM07KvribmL2lla2XzgAJrjuaUr5lg7/WuTpS+
k/PWtL7OFxVSJHVj6ObBHz3J0ynj5khvUNWdH099wMA42t6snM2PteN2Rw4/H0tc
Q+JgAQvHMzrjV9pYKK/I+CQ4Lv6un950R5qs0j35rTAqzdrSxn/laGqLuNIcXsbI
WIcHeZGTEnN9dxo2zpMrMF25yigMdnKRR17ijDf6bLUa
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:09 2025 by rpki-client