Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/5JoA1Xb0TRKfSyB25EKiEKUb16E.roa
File: 5JoA1Xb0TRKfSyB25EKiEKUb16E.roa (raw, json)
Hash identifier: U7qK3/qW3j/QS/d9mHTgI/NxP5SpYiyT6SCTiRT/cKc=
Subject key identifier: E4:9A:00:D5:76:F4:4D:12:9F:4B:20:76:E4:42:A2:10:A5:1B:D7:A1
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 06EC31A4
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/5JoA1Xb0TRKfSyB25EKiEKUb16E.roa
Signing time: Sat 01 Jan 2022 01:59:24 +0000
ROA not before: Sat 01 Jan 2022 01:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13119
IP address blocks: 213.155.160.0/19 maxlen: 19
212.14.48.0/20 maxlen: 20
80.94.16.0/20 maxlen: 20
2001:4c5c::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116142500 (0x6ec31a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 1 01:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e49a00d576f44d129f4b2076e442a210a51bd7a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ba:43:df:50:e0:14:a8:39:16:70:81:cc:d1:
7a:fd:2d:08:1e:af:d4:23:77:a2:33:d1:bb:b9:0c:
31:bb:e9:cb:0e:04:51:23:16:69:c3:82:38:5c:fb:
48:cc:25:ec:ce:e2:c3:f8:a3:7a:53:70:77:b7:43:
90:26:6a:67:dc:36:6b:90:31:8e:dd:07:51:3e:93:
ef:cc:71:f5:dc:0d:d7:e9:7d:8e:e3:3f:9a:26:2c:
c4:0e:7a:bf:3c:0a:a3:1b:c2:16:72:87:1a:6b:15:
db:d6:51:00:e9:c8:76:98:26:5a:71:c4:23:8d:7c:
66:b2:b1:c2:eb:ab:98:cc:40:d3:8b:08:57:c1:e6:
da:5a:fa:4c:d0:b9:5c:af:44:e9:f1:f3:82:b6:da:
eb:09:db:bd:75:45:f5:d9:2d:60:78:8e:ec:b0:56:
fe:0f:30:cd:ce:e6:aa:26:40:b6:e7:85:94:a0:fc:
79:4c:a8:98:a7:ee:64:c6:95:8e:32:f9:3c:d7:3f:
49:51:12:2c:b0:14:27:fb:c5:c2:ef:f3:de:ad:67:
95:f3:ac:3e:3d:7f:84:a5:56:eb:b4:4e:92:fc:d5:
20:8c:30:4c:ac:f4:d8:4f:6e:69:40:2f:d0:ba:f8:
65:d0:1c:a9:97:bb:a5:fb:19:38:1f:4e:33:d9:a0:
2f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9A:00:D5:76:F4:4D:12:9F:4B:20:76:E4:42:A2:10:A5:1B:D7:A1
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/5JoA1Xb0TRKfSyB25EKiEKUb16E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.16.0/20
212.14.48.0/20
213.155.160.0/19
IPv6:
2001:4c5c::/30
Signature Algorithm: sha256WithRSAEncryption
80:d5:2e:ce:0c:89:2e:c4:dc:10:a5:98:cb:90:03:42:55:82:
d6:05:78:19:94:2c:32:4c:13:4e:49:02:52:8d:4a:74:27:6e:
d9:1e:c8:67:e9:de:54:02:4f:41:e1:2e:e0:62:6c:35:a3:83:
fc:d9:21:e7:d9:cd:b5:d7:e3:f2:40:a0:70:f0:c9:62:d2:0e:
1e:7d:ec:84:33:c9:c2:14:bf:1d:69:dd:fb:b5:19:28:5d:96:
18:20:8c:e3:6e:52:2d:eb:c0:4b:ab:99:2e:ad:1d:04:7a:99:
6a:f3:d3:2d:40:72:3c:50:a2:4e:d3:23:14:7a:33:8a:ab:19:
61:92:ad:88:d8:b4:88:fb:e4:ef:03:05:82:dd:fe:d4:60:64:
ec:13:2f:3d:9c:37:4b:7a:ad:f1:6d:07:a8:5b:38:31:a9:de:
82:74:59:37:b8:f0:cc:c5:a1:a5:e3:7f:9d:1e:11:d4:8b:47:
d8:92:e6:d7:88:b2:b0:e3:18:e3:66:18:3f:11:64:b5:87:ab:
9b:52:69:69:47:b9:b5:8d:c9:02:3d:c2:20:e7:de:cd:5f:35:
3e:b2:a2:1e:da:ba:0c:2e:4f:3f:ad:18:75:ce:07:1d:66:2e:
0e:6d:58:e0:0a:37:68:16:44:a4:82:e8:33:52:51:f0:cc:3b:
91:e3:83:6b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBuwxpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWM2NGRjMjFjYjVmZDRkMGJjYjAyY2MyYjQzZmQ3NTFmZDkxZTFlMB4XDTIyMDEw
MTAxNTkyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ5YTAwZDU3NmY0
NGQxMjlmNGIyMDc2ZTQ0MmEyMTBhNTFiZDdhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALe6Q99Q4BSoORZwgczRev0tCB6v1CN3ojPRu7kMMbvpyw4E
USMWacOCOFz7SMwl7M7iw/ijelNwd7dDkCZqZ9w2a5Axjt0HUT6T78xx9dwN1+l9
juM/miYsxA56vzwKoxvCFnKHGmsV29ZRAOnIdpgmWnHEI418ZrKxwuurmMxA04sI
V8Hm2lr6TNC5XK9E6fHzgrba6wnbvXVF9dktYHiO7LBW/g8wzc7mqiZAtueFlKD8
eUyomKfuZMaVjjL5PNc/SVESLLAUJ/vFwu/z3q1nlfOsPj1/hKVW67ROkvzVIIww
TKz02E9uaUAv0Lr4ZdAcqZe7pfsZOB9OM9mgL8sCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTkmgDVdvRNEp9LIHbkQqIQpRvXoTAfBgNVHSMEGDAWgBQqxk3CHLX9TQvL
AswrQ/11H9keHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzWk53aHkxX1UwTHl3TE1LMFA5ZFJfWkhoNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvZGUxZGI0LWVjNzgtNGU0MS05NTcwLTA5N2MzYzFjMjU0MC8x
LzVKb0ExWGIwVFJLZlN5QjI1RUtpRUtVYjE2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
ZGUxZGI0LWVjNzgtNGU0MS05NTcwLTA5N2MzYzFjMjU0MC8xL0tzWk53aHkxX1Uw
THl3TE1LMFA5ZFJfWkhoNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBFBeEAMEBNQOMAMEBdWboDANBAIA
AjAHAwUCIAFMXDANBgkqhkiG9w0BAQsFAAOCAQEAgNUuzgyJLsTcEKWYy5ADQlWC
1gV4GZQsMkwTTkkCUo1KdCdu2R7IZ+neVAJPQeEu4GJsNaOD/Nkh59nNtdfj8kCg
cPDJYtIOHn3shDPJwhS/HWnd+7UZKF2WGCCM425SLevAS6uZLq0dBHqZavPTLUBy
PFCiTtMjFHoziqsZYZKtiNi0iPvk7wMFgt3+1GBk7BMvPZw3S3qt8W0HqFs4Mane
gnRZN7jwzMWhpeN/nR4R1ItH2JLm14iysOMY42YYPxFktYerm1JpaUe5tY3JAj3C
IOfezV81PrKiHtq6DC5PP60Ydc4HHWYuDm1Y4Ao3aBZEpILoM1JR8Mw7keODaw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:50 2025 by rpki-client