Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/hrK0ARoc4gkLFsGtSPc5-VxCJJ0.roa
File: hrK0ARoc4gkLFsGtSPc5-VxCJJ0.roa (raw, json)
Hash identifier: 3gxmPUiTu0HFn/2HSglSmDS4n1dte8KSZ/9xKkibw0c=
Subject key identifier: 86:B2:B4:01:1A:1C:E2:09:0B:16:C1:AD:48:F7:39:F9:5C:42:24:9D
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 018774FFB9516E98157D45C703992A6DBBF6
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/hrK0ARoc4gkLFsGtSPc5-VxCJJ0.roa
Signing time: Wed 12 Apr 2023 10:25:28 +0000
ROA not before: Wed 12 Apr 2023 10:25:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64200
IP address blocks: 152.36.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:ff:b9:51:6e:98:15:7d:45:c7:03:99:2a:6d:bb:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Apr 12 10:25:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86b2b4011a1ce2090b16c1ad48f739f95c42249d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:83:61:d4:41:a1:5e:0e:75:3b:ed:44:94:94:
88:da:af:7c:61:83:7a:ee:10:f2:05:15:88:78:6b:
53:04:84:16:1b:a5:bf:38:19:06:7c:a3:f1:86:75:
79:b8:6b:de:6b:f5:55:df:a3:77:6c:c8:64:6e:01:
02:d9:85:db:b6:e9:99:6d:ac:e9:72:19:3d:84:e7:
d2:3c:9a:b0:53:c9:6c:83:ca:cc:6d:8e:ca:9f:3e:
ac:87:9a:8e:62:d5:41:6d:b4:ac:be:50:3d:d7:e2:
c5:55:7a:67:65:32:01:be:61:64:b8:27:db:61:70:
c2:39:b4:cb:79:ff:fb:c9:98:0c:d9:2e:c1:75:14:
68:5a:aa:db:68:e9:e9:f4:a1:3c:82:ee:9f:47:01:
7b:d5:9e:17:51:18:a3:63:bd:cb:3d:a8:62:42:7f:
25:2b:0d:f5:4c:05:4a:42:6c:ac:fa:64:62:d7:be:
b6:89:df:06:a9:d9:08:1c:a9:b3:2b:84:17:28:bd:
c0:34:41:b1:18:02:0a:b2:70:fb:97:e2:88:bd:bc:
c0:76:11:9f:db:a9:89:fd:f4:47:24:5a:e2:a5:2d:
6c:a4:61:4e:c0:20:40:61:65:78:62:cd:8b:af:ef:
d3:45:3d:e2:71:95:65:5e:b2:be:01:9f:8e:b6:4f:
98:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B2:B4:01:1A:1C:E2:09:0B:16:C1:AD:48:F7:39:F9:5C:42:24:9D
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/hrK0ARoc4gkLFsGtSPc5-VxCJJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.36.240.0/20
Signature Algorithm: sha256WithRSAEncryption
28:6d:e7:5f:a0:94:53:89:b0:31:df:16:30:cc:0d:ae:f4:73:
75:60:38:10:f2:c5:bb:52:e2:ad:93:85:11:d2:14:96:e1:48:
5a:bb:f9:c8:1e:48:64:3f:0d:2f:79:7c:d0:a5:68:19:51:05:
1a:44:96:80:a2:c7:85:2c:d0:13:c6:72:5e:73:3c:6b:7d:ed:
3b:07:d7:2b:db:17:d9:1c:ff:b1:3d:93:ec:ac:96:1b:b0:07:
6d:80:ea:dc:57:ef:6c:f0:67:30:94:53:67:ef:d5:b1:55:7e:
d0:92:ba:6a:32:96:14:a6:ac:4b:e7:b1:94:47:06:f5:5f:be:
f0:1c:1d:bd:08:26:1e:c8:85:f7:d1:62:ae:fc:31:1c:4d:49:
8d:7a:e6:b9:05:6c:c9:6e:e4:4b:0d:e1:49:6e:f5:53:5c:3b:
ab:4a:b5:43:bc:d3:c1:84:8d:fc:fb:5d:8c:ef:d3:a0:44:a0:
6c:f7:f3:99:ae:fd:59:11:60:79:46:ff:52:20:ff:fd:83:8b:
6e:94:0a:ef:f2:93:de:68:c6:13:74:86:6e:c9:a1:66:61:01:
7c:1e:69:72:5c:93:01:fa:f3:97:95:a2:08:45:4b:96:02:ce:
cc:ce:bf:67:02:ca:c8:d5:0a:0c:5b:49:ed:cd:17:7c:67:5d:
62:f8:7f:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd0/7lRbpgVfUXHA5kqbbv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjMwNDEyMTAyNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmIyYjQwMTFhMWNlMjA5MGIxNmMxYWQ0OGY3MzlmOTVjNDIyNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkINh1EGhXg51O+1ElJSI2q98YYN6
7hDyBRWIeGtTBIQWG6W/OBkGfKPxhnV5uGvea/VV36N3bMhkbgEC2YXbtumZbazp
chk9hOfSPJqwU8lsg8rMbY7Knz6sh5qOYtVBbbSsvlA91+LFVXpnZTIBvmFkuCfb
YXDCObTLef/7yZgM2S7BdRRoWqrbaOnp9KE8gu6fRwF71Z4XURijY73LPahiQn8l
Kw31TAVKQmys+mRi1762id8GqdkIHKmzK4QXKL3ANEGxGAIKsnD7l+KIvbzAdhGf
26mJ/fRHJFripS1spGFOwCBAYWV4Ys2Lr+/TRT3icZVlXrK+AZ+Otk+YiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaytAEaHOIJCxbBrUj3OflcQiSdMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvaHJLMEFSb2M0Z2tMRnNHdFNQYzUtVnhDSkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmCTwMA0G
CSqGSIb3DQEBCwUAA4IBAQAobedfoJRTibAx3xYwzA2u9HN1YDgQ8sW7UuKtk4UR
0hSW4Uhau/nIHkhkPw0veXzQpWgZUQUaRJaAoseFLNATxnJeczxrfe07B9cr2xfZ
HP+xPZPsrJYbsAdtgOrcV+9s8GcwlFNn79WxVX7QkrpqMpYUpqxL57GURwb1X77w
HB29CCYeyIX30WKu/DEcTUmNeua5BWzJbuRLDeFJbvVTXDurSrVDvNPBhI38+12M
79OgRKBs9/OZrv1ZEWB5Rv9SIP/9g4tulArv8pPeaMYTdIZuyaFmYQF8HmlyXJMB
+vOXlaIIRUuWAs7Mzr9nAsrI1QoMW0ntzRd8Z11i+H+0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:22 2025 by rpki-client