Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/hXwOiXyMeYri6q_1GY30kBVnjXg.roa
File: hXwOiXyMeYri6q_1GY30kBVnjXg.roa (raw, json)
Hash identifier: vAM4fifg5p2Oi1Fhu7p5uPQvDozaeSHtkHPNT155J20=
Subject key identifier: 85:7C:0E:89:7C:8C:79:8A:E2:EA:AF:F5:19:8D:F4:90:15:67:8D:78
Certificate issuer: /CN=5e7ceb9c931cb1795e227ae2c86475513ae4915c
Certificate serial: 0185720C43231B859BF8B9B9E2B0FB73F475
Authority key identifier: 5E:7C:EB:9C:93:1C:B1:79:5E:22:7A:E2:C8:64:75:51:3A:E4:91:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XnzrnJMcsXleInriyGR1UTrkkVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/hXwOiXyMeYri6q_1GY30kBVnjXg.roa
Signing time: Mon 02 Jan 2023 10:34:44 +0000
ROA not before: Mon 02 Jan 2023 10:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49597
IP address blocks: 185.165.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:43:23:1b:85:9b:f8:b9:b9:e2:b0:fb:73:f4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e7ceb9c931cb1795e227ae2c86475513ae4915c
Validity
Not Before: Jan 2 10:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=857c0e897c8c798ae2eaaff5198df49015678d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:89:dd:1d:61:c0:aa:ce:55:af:20:6c:5d:6e:
97:f1:c8:29:b0:db:ec:d9:61:f5:0f:a2:49:da:cd:
3a:3a:35:f2:0c:6a:13:8a:a0:d4:82:06:f5:93:5d:
33:a8:7d:72:f5:dc:a3:15:ba:f9:c7:51:06:af:55:
ce:0f:82:3f:9b:c1:6d:a7:14:dc:8f:7b:61:22:22:
aa:57:4a:d1:6c:9f:18:cf:eb:3c:dc:3b:74:23:ed:
a9:66:67:0b:f8:49:e5:89:4d:08:6c:6f:f2:61:df:
25:4d:da:84:17:9a:fe:bb:41:33:4c:68:f5:3c:47:
c9:39:b6:5a:86:d8:28:06:10:27:2e:89:62:ef:83:
3a:0a:97:15:94:e1:1e:32:9b:80:dd:d2:31:c5:a2:
12:7e:4b:17:5c:03:da:5f:58:50:63:91:85:ba:cf:
e5:2a:18:95:19:fa:25:19:4a:d0:70:44:2b:f4:96:
78:c8:d4:f3:da:81:b0:b2:97:76:85:66:b4:ee:5b:
c6:e2:cb:40:6d:0c:c7:b7:c2:7f:ec:34:f1:d7:b7:
a5:5d:3c:81:b9:de:46:20:45:b7:88:9b:ee:f8:6b:
5e:2e:89:49:0f:e9:ed:ab:2d:5a:27:a2:0b:f7:4e:
45:b0:a8:0f:6f:ad:88:03:57:ea:3d:33:6d:d1:4f:
70:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7C:0E:89:7C:8C:79:8A:E2:EA:AF:F5:19:8D:F4:90:15:67:8D:78
X509v3 Authority Key Identifier:
keyid:5E:7C:EB:9C:93:1C:B1:79:5E:22:7A:E2:C8:64:75:51:3A:E4:91:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XnzrnJMcsXleInriyGR1UTrkkVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/hXwOiXyMeYri6q_1GY30kBVnjXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/XnzrnJMcsXleInriyGR1UTrkkVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.56.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:aa:75:b3:f8:28:9e:ea:0b:de:89:97:ff:9c:0b:77:27:e2:
12:75:1a:28:a7:39:02:46:92:fa:97:18:e8:83:11:13:82:a9:
d8:2b:95:81:47:4c:d6:4e:6e:41:c3:d2:24:67:ce:f3:24:0d:
3d:02:6f:9c:38:2a:21:a5:6f:d6:43:b2:63:ba:f6:c2:1c:93:
bb:bc:b2:fc:29:f3:60:73:4d:7c:d6:32:a0:02:5d:de:85:f0:
0a:b7:8a:c2:e3:ff:32:cf:ba:64:c0:33:fb:df:44:47:80:f9:
88:f3:95:bc:b6:ec:39:50:1c:be:b9:48:59:3c:f0:c2:21:7d:
e5:18:b6:f1:56:b6:73:a2:b5:bd:a1:63:aa:25:d2:bc:2c:73:
9e:8d:e8:7f:58:e1:05:8a:8a:93:da:24:23:ba:22:bf:76:ce:
6d:79:bb:32:18:c7:e7:3d:9e:82:51:a6:9e:7d:75:b6:ac:51:
89:7f:25:f8:e0:1f:e3:51:57:3a:9e:f4:f8:a6:d2:92:fa:47:
79:ba:f2:6a:db:68:6d:75:36:d7:7c:06:cd:c9:5f:14:25:3e:
a7:6a:50:a3:a9:b5:9c:ea:fb:fc:ec:db:ab:1d:0a:64:f6:58:
59:f6:cd:41:7c:d6:52:61:7c:55:3a:59:bc:ea:ac:e3:d8:6d:
a6:a7:8c:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDEMjG4Wb+Lm54rD7c/R1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlN2NlYjljOTMxY2IxNzk1ZTIyN2FlMmM4NjQ3NTUxM2Fl
NDkxNWMwHhcNMjMwMTAyMTAzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTdjMGU4OTdjOGM3OThhZTJlYWFmZjUxOThkZjQ5MDE1Njc4ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIndHWHAqs5VryBsXW6X8cgpsNvs
2WH1D6JJ2s06OjXyDGoTiqDUggb1k10zqH1y9dyjFbr5x1EGr1XOD4I/m8FtpxTc
j3thIiKqV0rRbJ8Yz+s83Dt0I+2pZmcL+EnliU0IbG/yYd8lTdqEF5r+u0EzTGj1
PEfJObZahtgoBhAnLoli74M6CpcVlOEeMpuA3dIxxaISfksXXAPaX1hQY5GFus/l
KhiVGfolGUrQcEQr9JZ4yNTz2oGwspd2hWa07lvG4stAbQzHt8J/7DTx17elXTyB
ud5GIEW3iJvu+GteLolJD+ntqy1aJ6IL905FsKgPb62IA1fqPTNt0U9wNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIV8Dol8jHmK4uqv9RmN9JAVZ414MB8GA1UdIwQY
MBaAFF5865yTHLF5XiJ64shkdVE65JFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG56cm5KTWNzWGxlSW5yaXlHUjFVVHJra1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjI3MDMtMDZhNy00ZmJkLTkzMGYt
MjQyMmFiZjM0MmFjLzEvaFh3T2lYeU1lWXJpNnFfMUdZMzBrQlZualhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjI3MDMtMDZhNy00ZmJkLTkzMGYtMjQyMmFiZjM0MmFj
LzEvWG56cm5KTWNzWGxlSW5yaXlHUjFVVHJra1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaU4MA0G
CSqGSIb3DQEBCwUAA4IBAQAvqnWz+Cie6gveiZf/nAt3J+ISdRoopzkCRpL6lxjo
gxETgqnYK5WBR0zWTm5Bw9IkZ87zJA09Am+cOCohpW/WQ7JjuvbCHJO7vLL8KfNg
c0181jKgAl3ehfAKt4rC4/8yz7pkwDP730RHgPmI85W8tuw5UBy+uUhZPPDCIX3l
GLbxVrZzorW9oWOqJdK8LHOejeh/WOEFioqT2iQjuiK/ds5tebsyGMfnPZ6CUaae
fXW2rFGJfyX44B/jUVc6nvT4ptKS+kd5uvJq22htdTbXfAbNyV8UJT6nalCjqbWc
6vv87NurHQpk9lhZ9s1BfNZSYXxVOlm86qzj2G2mp4zU
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:32:52 2025 by rpki-client