Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/5LVy24Bn4bPeG318qyEgTboyyl0.roa
File: 5LVy24Bn4bPeG318qyEgTboyyl0.roa (raw, json)
Hash identifier: VY4Z5sIMZpkStjVifnbZJ2DobpyTcVVDWe8I4LX3g0U=
Subject key identifier: E4:B5:72:DB:80:67:E1:B3:DE:1B:7D:7C:AB:21:20:4D:BA:32:CA:5D
Certificate issuer: /CN=7d59659636089e32324697629c218da38a2b673d
Certificate serial: 047C3F56
Authority key identifier: 7D:59:65:96:36:08:9E:32:32:46:97:62:9C:21:8D:A3:8A:2B:67:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVllljYInjIyRpdinCGNo4orZz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/5LVy24Bn4bPeG318qyEgTboyyl0.roa
Signing time: Sat 01 Jan 2022 11:56:34 +0000
ROA not before: Sat 01 Jan 2022 11:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197540
IP address blocks: 202.61.192.0/20 maxlen: 22
202.61.224.0/20 maxlen: 22
202.61.240.0/20 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75251542 (0x47c3f56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d59659636089e32324697629c218da38a2b673d
Validity
Not Before: Jan 1 11:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4b572db8067e1b3de1b7d7cab21204dba32ca5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:93:5c:4c:03:78:fe:18:0a:c5:24:bc:44:
f6:98:c2:0c:15:9a:6b:2c:2d:1f:98:ad:d2:0b:29:
1e:d9:ef:a5:95:0d:18:0d:58:2d:71:1f:82:9e:4f:
96:b6:46:da:d0:13:44:b0:8a:64:c9:d9:bd:49:e1:
47:74:2c:66:07:50:dd:e7:26:54:0c:c3:39:6e:75:
66:76:93:e2:77:71:ed:f3:07:5e:13:4b:09:66:6f:
91:b4:97:02:10:39:80:b3:e0:d2:90:f3:50:91:0e:
fe:b0:5e:1b:5b:40:a3:aa:70:64:7c:cb:2d:fa:06:
36:79:dc:77:9e:f5:0e:9e:39:f4:5f:ec:17:3a:21:
ce:b0:25:da:f5:c5:95:4c:f5:fd:bb:62:21:27:1b:
48:40:d9:8c:b5:7a:f8:12:6b:a0:66:fb:a0:16:5d:
ca:1b:42:8d:3a:71:3d:a5:85:48:9d:0c:e8:60:21:
dd:54:6b:04:c1:c6:7a:a2:37:c1:11:7f:6e:c2:6c:
ec:b0:c5:c2:77:6a:ef:c0:22:3c:3c:7b:e4:9b:c1:
64:0c:60:f8:db:bf:2e:97:33:6e:b3:3a:a7:10:ce:
24:15:bc:1f:68:1c:ef:b1:3f:bc:cd:0a:1c:a2:79:
e5:e3:50:b1:43:03:74:95:74:43:3f:5d:04:15:eb:
94:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B5:72:DB:80:67:E1:B3:DE:1B:7D:7C:AB:21:20:4D:BA:32:CA:5D
X509v3 Authority Key Identifier:
keyid:7D:59:65:96:36:08:9E:32:32:46:97:62:9C:21:8D:A3:8A:2B:67:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVllljYInjIyRpdinCGNo4orZz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/5LVy24Bn4bPeG318qyEgTboyyl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/fVllljYInjIyRpdinCGNo4orZz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.61.192.0/20
202.61.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4b:ef:d1:fb:84:cc:02:88:30:c8:f7:4c:40:27:85:f2:27:cf:
90:53:d4:3f:fe:2e:ae:aa:e3:e4:40:7e:d4:40:6e:ce:a4:2d:
63:44:bb:79:13:54:45:0a:4a:12:5c:e2:99:2e:92:3b:57:99:
92:cd:cc:ee:53:52:83:d0:76:a3:13:43:fe:da:ff:46:71:59:
8d:a3:30:7b:f1:c4:00:14:4c:6f:ed:f9:ce:dd:5f:e9:af:e6:
f0:ba:48:8e:8a:c6:3c:23:76:7c:f8:06:7d:a7:b2:43:11:d5:
e9:0a:d8:ce:25:d5:5a:ce:6d:85:ec:cb:b4:c6:b9:23:a5:75:
08:28:62:44:b0:b7:86:50:d8:4b:e5:06:51:0b:e3:a8:3a:47:
b1:eb:ce:dd:5f:9d:21:37:2e:6e:5b:f9:06:67:dc:a0:92:a0:
e8:2f:7f:01:0e:58:b6:35:d3:6d:60:cb:b6:0f:fb:66:f7:e7:
fc:0a:6a:3d:01:ba:05:13:8d:2a:0c:ff:fb:c9:9c:f8:c4:b6:
3c:3a:0b:84:6b:78:57:92:73:59:fb:4f:65:56:73:70:cf:14:
be:e8:0e:c3:41:14:66:c7:44:a6:d4:cf:77:30:3b:b8:4c:d3:
92:03:c0:89:f4:2e:57:02:d8:fd:50:1f:20:ec:de:95:e1:18:
45:bd:97:28
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBHw/VjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU5NjU5NjM2MDg5ZTMyMzI0Njk3NjI5YzIxOGRhMzhhMmI2NzNkMB4XDTIyMDEw
MTExNTYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRiNTcyZGI4MDY3
ZTFiM2RlMWI3ZDdjYWIyMTIwNGRiYTMyY2E1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALm6k1xMA3j+GArFJLxE9pjCDBWaaywtH5it0gspHtnvpZUN
GA1YLXEfgp5PlrZG2tATRLCKZMnZvUnhR3QsZgdQ3ecmVAzDOW51ZnaT4ndx7fMH
XhNLCWZvkbSXAhA5gLPg0pDzUJEO/rBeG1tAo6pwZHzLLfoGNnncd571Dp459F/s
FzohzrAl2vXFlUz1/btiIScbSEDZjLV6+BJroGb7oBZdyhtCjTpxPaWFSJ0M6GAh
3VRrBMHGeqI3wRF/bsJs7LDFwndq78AiPDx75JvBZAxg+Nu/LpczbrM6pxDOJBW8
H2gc77E/vM0KHKJ55eNQsUMDdJV0Qz9dBBXrlJ0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTktXLbgGfhs94bfXyrISBNujLKXTAfBgNVHSMEGDAWgBR9WWWWNgieMjJG
l2KcIY2jiitnPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWbGxsallJbmpJeVJwZGluQ0dObzRvclp6MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvNjUyZWYwLWFlMzAtNDViYS05OTcwLTZjMWNmNzI1ZDhmNy8x
LzVMVnkyNEJuNGJQZUczMThxeUVnVGJveXlsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
NjUyZWYwLWFlMzAtNDViYS05OTcwLTZjMWNmNzI1ZDhmNy8xL2ZWbGxsallJbmpJ
eVJwZGluQ0dObzRvclp6MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBMo9wAMEBco94DANBgkqhkiG9w0B
AQsFAAOCAQEAS+/R+4TMAogwyPdMQCeF8ifPkFPUP/4urqrj5EB+1EBuzqQtY0S7
eRNURQpKElzimS6SO1eZks3M7lNSg9B2oxND/tr/RnFZjaMwe/HEABRMb+35zt1f
6a/m8LpIjorGPCN2fPgGfaeyQxHV6QrYziXVWs5thezLtMa5I6V1CChiRLC3hlDY
S+UGUQvjqDpHsevO3V+dITcublv5BmfcoJKg6C9/AQ5YtjXTbWDLtg/7Zvfn/Apq
PQG6BRONKgz/+8mc+MS2PDoLhGt4V5JzWftPZVZzcM8UvugOw0EUZsdEptTPdzA7
uEzTkgPAifQuVwLY/VAfIOzeleEYRb2XKA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:15 2025 by rpki-client