Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/hS0YfhiTJc1p5wwut4PPfGhj9TA.roa
File: hS0YfhiTJc1p5wwut4PPfGhj9TA.roa (raw, json)
Hash identifier: DERH80PMNnS9BR2g1r12Ef6Ub/RVeb0c1ZtGgijCVJY=
Subject key identifier: 85:2D:18:7E:18:93:25:CD:69:E7:0C:2E:B7:83:CF:7C:68:63:F5:30
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 0185719E895BCD27F4D5A89B1FD4E0B8F0F8
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/hS0YfhiTJc1p5wwut4PPfGhj9TA.roa
Signing time: Mon 02 Jan 2023 08:34:53 +0000
ROA not before: Mon 02 Jan 2023 08:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209835
IP address blocks: 158.172.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:89:5b:cd:27:f4:d5:a8:9b:1f:d4:e0:b8:f0:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 2 08:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=852d187e189325cd69e70c2eb783cf7c6863f530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cb:89:5a:f0:98:68:d3:09:1d:0c:dc:9c:75:
d1:7f:6a:ce:17:6c:45:20:f8:be:04:af:17:b6:78:
39:74:b8:b2:e9:95:7d:69:db:8a:d3:ef:86:89:fd:
a9:1d:d9:aa:8e:8c:6a:d5:3b:f5:08:22:2d:f0:ba:
5c:95:c1:46:53:5a:51:f0:ac:07:e8:d9:1f:5c:cf:
bb:a4:ad:58:19:0d:9c:bd:95:12:91:5a:e7:6c:e6:
fe:eb:29:ff:ef:ed:60:39:3f:00:b1:b3:9f:76:b5:
1d:64:a5:a6:24:4b:86:dc:db:56:3d:cd:59:3f:95:
cf:b5:94:1b:9d:55:78:53:08:ee:30:1f:c1:2d:75:
58:53:c0:78:f0:7d:39:65:82:03:bc:37:9c:e4:52:
f7:e3:fa:fe:e9:fb:24:fd:27:25:31:e5:cb:28:8c:
3d:4d:0f:30:40:8f:fa:46:88:a7:da:f8:76:c7:64:
dd:46:a9:c9:9e:22:fc:10:cb:84:a8:3f:c5:c6:b3:
fa:99:bb:ec:78:bb:79:ba:89:6e:1b:13:8f:31:2b:
9f:79:0e:ae:ab:2e:14:be:57:3b:a2:ae:0e:60:a8:
82:67:a7:ad:a7:5f:ce:e7:0d:0c:8a:2e:f4:e2:78:
4b:a0:de:2b:a7:4a:60:e9:9c:35:51:2f:ca:3b:f9:
29:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2D:18:7E:18:93:25:CD:69:E7:0C:2E:B7:83:CF:7C:68:63:F5:30
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/hS0YfhiTJc1p5wwut4PPfGhj9TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.143.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:15:7a:f1:b2:67:88:1c:83:b7:9d:67:fd:18:d9:ed:8d:65:
7d:19:27:ac:f7:32:87:e5:b7:4a:1a:e1:87:1c:2a:2e:b6:3a:
3b:f1:18:e0:f6:66:5f:ba:4c:f3:10:fe:94:2f:d0:42:49:42:
68:8a:46:8f:d3:f7:d3:07:fc:45:a3:84:4e:31:86:7d:45:40:
dc:ba:20:0e:30:dd:6f:9f:30:2d:e4:bd:08:eb:45:63:1e:ba:
44:cb:46:ea:b6:11:7a:2b:ca:ad:2a:6b:cb:ac:83:0b:5d:26:
04:a8:35:62:99:c1:43:ea:93:9b:0c:46:e2:53:1e:5a:f2:e4:
c8:47:00:56:e3:99:a3:95:48:7f:b8:aa:fc:71:db:df:e7:c8:
8a:1c:e7:1f:60:b9:2b:b9:79:a7:0a:ec:2e:bc:57:d1:b4:ef:
67:da:e9:5f:51:97:4c:b1:b7:54:96:0d:e5:13:03:7b:ca:3b:
fe:4d:21:3e:9b:60:d5:2d:76:bf:79:7f:ff:d6:f6:74:3f:b0:
40:c4:f1:56:ae:8a:16:41:fa:a1:d8:fd:e6:0b:17:9f:8b:87:
9a:5c:67:d1:b6:8b:02:f0:0e:c6:f9:0f:d3:43:f8:a8:ec:99:
ea:08:40:46:81:46:f0:22:4e:72:6c:1f:7b:bc:f2:f0:f7:64:
d7:f7:04:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnolbzSf01aibH9TguPD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjMwMTAyMDgzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJkMTg3ZTE4OTMyNWNkNjllNzBjMmViNzgzY2Y3YzY4NjNmNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8uJWvCYaNMJHQzcnHXRf2rOF2xF
IPi+BK8Xtng5dLiy6ZV9aduK0++Gif2pHdmqjoxq1Tv1CCIt8LpclcFGU1pR8KwH
6NkfXM+7pK1YGQ2cvZUSkVrnbOb+6yn/7+1gOT8AsbOfdrUdZKWmJEuG3NtWPc1Z
P5XPtZQbnVV4UwjuMB/BLXVYU8B48H05ZYIDvDec5FL34/r+6fsk/SclMeXLKIw9
TQ8wQI/6Roin2vh2x2TdRqnJniL8EMuEqD/FxrP6mbvseLt5uoluGxOPMSufeQ6u
qy4Uvlc7oq4OYKiCZ6etp1/O5w0Mii704nhLoN4rp0pg6Zw1US/KO/kpbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUtGH4YkyXNaecMLreDz3xoY/UwMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvaFMwWWZoaVRKYzFwNXd3dXQ0UFBmR2hqOVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnqyPMA0G
CSqGSIb3DQEBCwUAA4IBAQBNFXrxsmeIHIO3nWf9GNntjWV9GSes9zKH5bdKGuGH
HCoutjo78Rjg9mZfukzzEP6UL9BCSUJoikaP0/fTB/xFo4ROMYZ9RUDcuiAOMN1v
nzAt5L0I60VjHrpEy0bqthF6K8qtKmvLrIMLXSYEqDVimcFD6pObDEbiUx5a8uTI
RwBW45mjlUh/uKr8cdvf58iKHOcfYLkruXmnCuwuvFfRtO9n2ulfUZdMsbdUlg3l
EwN7yjv+TSE+m2DVLXa/eX//1vZ0P7BAxPFWrooWQfqh2P3mCxefi4eaXGfRtosC
8A7G+Q/TQ/io7JnqCEBGgUbwIk5ybB97vPLw92TX9wTO
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:29 2025 by rpki-client