Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/h0Fr470wpJ3o64urtwXipXWWlPg.roa
File: h0Fr470wpJ3o64urtwXipXWWlPg.roa (raw, json)
Hash identifier: SJlM0TlKwTehwzu6FAkBcYTvzxvTJgi47tm/MaMS0Ko=
Subject key identifier: 87:41:6B:E3:BD:30:A4:9D:E8:EB:8B:AB:B7:05:E2:A5:75:96:94:F8
Certificate issuer: /CN=bc663667973238b184d9eefd36bbf3810ba4b6d9
Certificate serial: 01847AE9F70DE9B4096FE77AEC6861DBDBB0
Authority key identifier: BC:66:36:67:97:32:38:B1:84:D9:EE:FD:36:BB:F3:81:0B:A4:B6:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGY2Z5cyOLGE2e79NrvzgQukttk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/h0Fr470wpJ3o64urtwXipXWWlPg.roa
Signing time: Tue 15 Nov 2022 10:51:04 +0000
ROA not before: Tue 15 Nov 2022 10:51:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198608
IP address blocks: 5.57.48.0/21 maxlen: 21
185.168.244.0/22 maxlen: 22
2a01:4c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:e9:f7:0d:e9:b4:09:6f:e7:7a:ec:68:61:db:db:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc663667973238b184d9eefd36bbf3810ba4b6d9
Validity
Not Before: Nov 15 10:51:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87416be3bd30a49de8eb8babb705e2a5759694f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:62:9b:0a:06:9a:c9:a8:a8:52:98:95:6c:88:
b9:90:30:87:1b:ca:19:7e:7d:43:cb:e8:1a:a7:9d:
02:bd:2e:88:33:a1:69:4e:ac:c0:78:ab:38:62:cd:
b2:c4:76:50:d6:19:c7:af:1c:ba:54:d2:b2:96:4a:
ac:18:f8:89:2a:2b:6c:38:cb:c2:8d:4f:a3:70:15:
33:97:96:db:a3:5e:aa:21:65:0e:64:cd:fb:22:6a:
3b:38:f0:e4:f8:32:c7:45:94:60:be:d7:a5:63:f3:
36:79:32:92:b5:bc:21:12:d9:f6:d9:a8:90:6f:66:
b9:38:f5:3a:9f:0e:e2:71:74:b7:00:65:a4:52:65:
c8:ac:53:d7:ee:3d:93:d3:4a:a7:ee:47:2d:d7:f7:
d6:3c:4e:7b:46:8e:33:ac:20:64:3c:db:03:be:12:
d5:02:03:03:00:2d:1b:32:ed:4a:04:21:12:39:7c:
15:18:cd:0f:60:38:44:1c:b2:1b:f7:96:aa:cc:17:
c7:c0:46:ed:54:d5:b7:3d:84:56:6a:c1:36:0c:d1:
5a:e4:8f:59:83:e4:e8:e5:2b:8c:8a:77:c1:28:06:
64:9c:b2:42:ac:5a:a8:e0:5c:a3:00:9b:5b:e7:64:
ce:09:dc:42:17:74:b9:ff:d1:b3:01:4a:e6:75:99:
16:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:41:6B:E3:BD:30:A4:9D:E8:EB:8B:AB:B7:05:E2:A5:75:96:94:F8
X509v3 Authority Key Identifier:
keyid:BC:66:36:67:97:32:38:B1:84:D9:EE:FD:36:BB:F3:81:0B:A4:B6:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGY2Z5cyOLGE2e79NrvzgQukttk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/h0Fr470wpJ3o64urtwXipXWWlPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/vGY2Z5cyOLGE2e79NrvzgQukttk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.48.0/21
185.168.244.0/22
IPv6:
2a01:4c40::/32
Signature Algorithm: sha256WithRSAEncryption
28:52:a2:45:e1:64:26:1f:bc:b7:22:8c:2f:5e:26:ff:55:6d:
17:e2:3d:34:e5:15:8c:56:fe:2e:d7:05:6a:c2:e6:db:28:25:
33:0d:69:02:56:a4:04:c7:51:f5:0c:ae:8d:96:70:60:77:56:
2b:51:ac:eb:58:5f:3b:83:d5:14:5f:fd:26:0b:8f:7b:b1:c2:
92:45:ea:f7:89:bb:a7:ce:e6:fc:f2:76:cc:93:db:3c:79:a4:
28:90:a3:bd:83:64:b7:3e:05:8b:55:84:14:2a:30:bc:5d:53:
a2:03:2b:d0:7f:26:6f:da:99:c7:8f:55:6a:1f:6d:c7:7a:bb:
6d:90:92:38:e2:0d:38:96:b4:be:bf:86:e5:c5:c7:6b:c3:1e:
01:7a:89:a5:9c:37:ad:bd:a2:f2:76:d2:13:1b:bd:3a:c9:2f:
5c:85:6c:ca:eb:92:af:ed:d9:82:7f:58:76:5e:c1:6f:52:57:
d9:1d:4c:e2:70:a4:fc:4a:46:1a:86:17:38:bc:c4:63:9a:11:
ad:6e:ee:94:aa:86:6f:e8:3f:f5:f5:fd:79:09:98:f3:7a:d7:
d2:91:10:e6:90:f6:28:55:c3:9f:7c:9d:0a:4b:29:38:20:d6:
5c:48:2f:ec:90:2b:a2:11:11:59:1c:67:0e:67:03:63:aa:5f:
ba:b6:73:96
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYR66fcN6bQJb+d67Ghh29uwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNjYzNjY3OTczMjM4YjE4NGQ5ZWVmZDM2YmJmMzgxMGJh
NGI2ZDkwHhcNMjIxMTE1MTA1MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQxNmJlM2JkMzBhNDlkZThlYjhiYWJiNzA1ZTJhNTc1OTY5NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmKbCgaayaioUpiVbIi5kDCHG8oZ
fn1Dy+gap50CvS6IM6FpTqzAeKs4Ys2yxHZQ1hnHrxy6VNKylkqsGPiJKitsOMvC
jU+jcBUzl5bbo16qIWUOZM37Imo7OPDk+DLHRZRgvtelY/M2eTKStbwhEtn22aiQ
b2a5OPU6nw7icXS3AGWkUmXIrFPX7j2T00qn7kct1/fWPE57Ro4zrCBkPNsDvhLV
AgMDAC0bMu1KBCESOXwVGM0PYDhEHLIb95aqzBfHwEbtVNW3PYRWasE2DNFa5I9Z
g+To5SuMinfBKAZknLJCrFqo4FyjAJtb52TOCdxCF3S5/9GzAUrmdZkWuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIdBa+O9MKSd6OuLq7cF4qV1lpT4MB8GA1UdIwQY
MBaAFLxmNmeXMjixhNnu/Ta784ELpLbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkdZMlo1Y3lPTEdFMmU3OU5ydnpnUXVrdHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8wYjk1MWEtOGU2Yy00NDQ1LTljMmQt
OWYwMGM3MjYyMGY2LzEvaDBGcjQ3MHdwSjNvNjR1cnR3WGlwWFdXbFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8wYjk1MWEtOGU2Yy00NDQ1LTljMmQtOWYwMGM3MjYyMGY2
LzEvdkdZMlo1Y3lPTEdFMmU3OU5ydnpnUXVrdHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBTkwAwQC
uaj0MA0EAgACMAcDBQAqAUxAMA0GCSqGSIb3DQEBCwUAA4IBAQAoUqJF4WQmH7y3
IowvXib/VW0X4j005RWMVv4u1wVqwubbKCUzDWkCVqQEx1H1DK6NlnBgd1YrUazr
WF87g9UUX/0mC497scKSRer3ibunzub88nbMk9s8eaQokKO9g2S3PgWLVYQUKjC8
XVOiAyvQfyZv2pnHj1VqH23HerttkJI44g04lrS+v4blxcdrwx4BeomlnDetvaLy
dtITG706yS9chWzK65Kv7dmCf1h2XsFvUlfZHUzicKT8SkYahhc4vMRjmhGtbu6U
qoZv6D/19f15CZjzetfSkRDmkPYoVcOffJ0KSyk4INZcSC/skCuiERFZHGcOZwNj
ql+6tnOW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:02 2025 by rpki-client