Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/VW7wPXDlrqZj1z5NR99PI2556tM.roa
File: VW7wPXDlrqZj1z5NR99PI2556tM.roa (raw, json)
Hash identifier: TzMvTtRtB3eki6GIO422StdUZY9ppgiOn/4wQ1U0qY0=
Subject key identifier: 55:6E:F0:3D:70:E5:AE:A6:63:D7:3E:4D:47:DF:4F:23:6E:79:EA:D3
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 02A4B880
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/VW7wPXDlrqZj1z5NR99PI2556tM.roa
Signing time: Fri 11 Feb 2022 13:20:06 +0000
ROA not before: Fri 11 Feb 2022 13:20:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210654
IP address blocks: 5.10.242.0/24 maxlen: 24
5.10.245.0/24 maxlen: 24
5.10.251.0/24 maxlen: 24
5.10.248.0/24 maxlen: 24
5.10.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44349568 (0x2a4b880)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 11 13:20:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=556ef03d70e5aea663d73e4d47df4f236e79ead3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:06:b8:f4:ba:06:72:f6:1d:60:f1:d8:a5:35:
f7:c3:30:80:3b:8b:bf:d9:f2:36:8b:10:5c:1a:c1:
ba:80:a1:ad:52:31:77:b8:80:31:f6:5d:12:da:9a:
04:a8:a2:18:23:96:aa:ae:4f:03:2d:fa:76:ca:dd:
c1:90:98:d1:2f:f7:cd:55:0e:3e:9f:53:45:e5:42:
73:e7:ab:c2:1b:11:85:53:ba:3a:dd:4a:f4:8f:89:
db:da:fd:9a:ab:67:46:30:54:85:9f:1a:05:ad:47:
43:5b:da:4d:0a:71:c8:7e:e9:d9:ce:cd:cf:6d:69:
fd:36:cd:4d:ac:a5:51:b0:f4:1a:ad:fd:44:eb:f3:
8e:71:7e:47:1d:75:f2:c2:a2:11:4a:18:d7:80:2f:
3c:f6:7d:8f:92:7c:c8:1f:3a:76:ba:e5:d2:0a:c1:
5c:e1:1c:01:89:05:1b:70:95:2f:82:96:b0:b2:6b:
74:79:14:f7:ae:00:d2:d9:ba:88:44:3d:53:63:d7:
c1:f2:4c:ea:09:5f:c6:28:7b:9a:31:b7:56:49:98:
e9:5b:dd:53:2a:e9:c4:e0:a2:1b:fd:40:a4:5f:aa:
a1:e5:21:36:71:cf:99:7e:80:43:92:b8:56:b2:a2:
67:48:cc:23:ef:05:ea:eb:e2:fb:fd:00:2d:45:fa:
1a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:6E:F0:3D:70:E5:AE:A6:63:D7:3E:4D:47:DF:4F:23:6E:79:EA:D3
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/VW7wPXDlrqZj1z5NR99PI2556tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.242.0/24
5.10.245.0/24
5.10.248.0/24
5.10.251.0/24
5.10.254.0/24
Signature Algorithm: sha256WithRSAEncryption
08:07:14:33:cf:f1:85:e0:92:9b:76:b3:c1:38:39:b2:d3:63:
5e:d5:81:ad:80:46:c2:ce:87:e5:cb:c4:b5:f7:46:e1:97:e4:
92:e2:ea:74:ab:e3:4a:5b:cb:0a:d4:54:be:6d:f0:2d:4f:ff:
a5:df:65:c3:08:b4:e1:b5:3a:03:18:cd:e8:0b:a7:0a:0b:5e:
28:f0:bc:36:bc:66:b7:5c:e8:15:13:d9:ca:8d:26:e5:e3:5b:
04:dc:cd:0b:15:f5:f3:7f:30:6a:ce:d1:13:7a:f9:1a:19:37:
64:d6:fd:75:45:95:8f:0a:62:aa:6e:a5:37:f9:b9:a0:f6:47:
53:da:2d:70:b0:72:f7:48:b5:e3:ec:46:c0:16:e3:b7:bd:a8:
4b:b2:e2:5b:91:96:0b:67:13:86:c8:84:23:ce:43:44:b6:a9:
06:d3:96:73:9c:bd:98:e8:07:27:e1:de:8b:5b:62:c4:d7:35:
c4:6d:a8:65:e8:1a:00:4a:1c:31:61:10:5e:12:77:8d:f4:1c:
d5:85:db:b5:64:34:d1:1b:3e:9c:45:41:4e:a8:15:78:d2:84:
8d:bd:5c:f6:e4:06:8f:65:f8:4c:04:de:db:5c:bc:df:0d:8f:
8a:42:8b:9e:0e:56:be:fb:c5:30:7c:3a:ad:a9:73:da:37:0e:
30:9e:0c:ff
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAqS4gDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDIx
MTEzMjAwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTU2ZWYwM2Q3MGU1
YWVhNjYzZDczZTRkNDdkZjRmMjM2ZTc5ZWFkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYGuPS6BnL2HWDx2KU198MwgDuLv9nyNosQXBrBuoChrVIx
d7iAMfZdEtqaBKiiGCOWqq5PAy36dsrdwZCY0S/3zVUOPp9TReVCc+erwhsRhVO6
Ot1K9I+J29r9mqtnRjBUhZ8aBa1HQ1vaTQpxyH7p2c7Nz21p/TbNTaylUbD0Gq39
ROvzjnF+Rx118sKiEUoY14AvPPZ9j5J8yB86drrl0grBXOEcAYkFG3CVL4KWsLJr
dHkU964A0tm6iEQ9U2PXwfJM6glfxih7mjG3VkmY6VvdUyrpxOCiG/1ApF+qoeUh
NnHPmX6AQ5K4VrKiZ0jMI+8F6uvi+/0ALUX6GoMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRVbvA9cOWupmPXPk1H308jbnnq0zAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
L1ZXN3dQWERscnFaajF6NU5SOTlQSTI1NTZ0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAAUK8gMEAAUK9QMEAAUK+AMEAAUK
+wMEAAUK/jANBgkqhkiG9w0BAQsFAAOCAQEACAcUM8/xheCSm3azwTg5stNjXtWB
rYBGws6H5cvEtfdG4ZfkkuLqdKvjSlvLCtRUvm3wLU//pd9lwwi04bU6AxjN6Aun
CgteKPC8Nrxmt1zoFRPZyo0m5eNbBNzNCxX1838was7RE3r5Ghk3ZNb9dUWVjwpi
qm6lN/m5oPZHU9otcLBy90i14+xGwBbjt72oS7LiW5GWC2cThsiEI85DRLapBtOW
c5y9mOgHJ+Hei1tixNc1xG2oZegaAEocMWEQXhJ3jfQc1YXbtWQ00Rs+nEVBTqgV
eNKEjb1c9uQGj2X4TATe21y83w2PikKLng5WvvvFMHw6ralz2jcOMJ4M/w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:04 2025 by rpki-client