Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/1NT515Mp47i_Jsp4NYlHRFXaWpY.roa
File: 1NT515Mp47i_Jsp4NYlHRFXaWpY.roa (raw, json)
Hash identifier: duV5CFsIx9RZdpOYuf7cJ3Kwl2abpPELNtE9+dJB7Ao=
Subject key identifier: D4:D4:F9:D7:93:29:E3:B8:BF:26:CA:78:35:89:47:44:55:DA:5A:96
Certificate issuer: /CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Certificate serial: 01BDDABB
Authority key identifier: 84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/1NT515Mp47i_Jsp4NYlHRFXaWpY.roa
Signing time: Sat 01 Jan 2022 10:01:45 +0000
ROA not before: Sat 01 Jan 2022 10:01:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209135
IP address blocks: 5.180.198.0/24 maxlen: 24
5.180.196.0/23 maxlen: 23
5.180.196.0/22 maxlen: 24
2a0b:2d40:c10a::/48 maxlen: 48
2a0b:2d40::/32 maxlen: 48
2a0b:2d40::/48 maxlen: 48
2a0b:2d40:bac3::/48 maxlen: 48
2a0b:2d40:eeee::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29219515 (0x1bddabb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Validity
Not Before: Jan 1 10:01:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4d4f9d79329e3b8bf26ca783589474455da5a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:00:8e:0b:1c:b2:41:56:66:2f:a9:a5:5c:d1:
f4:15:ad:cb:2f:bd:e5:1e:71:26:35:8a:f8:c1:03:
11:81:7d:59:41:13:76:5b:98:e0:28:85:b0:d2:b1:
95:40:2b:12:8a:24:28:cb:b1:04:20:97:c8:e9:6a:
3c:b0:cc:70:d7:b9:41:5c:14:63:1a:dc:a4:9a:d7:
47:5f:23:b8:35:5e:0a:ef:5f:b5:b0:45:3c:0d:5f:
7e:6a:ca:f2:87:92:85:dd:f0:5a:2a:0c:3d:05:60:
11:57:68:1d:8d:62:e3:a0:0d:8a:73:c4:09:fe:88:
5b:d3:fb:90:4b:47:e4:89:1f:d9:07:37:d5:81:42:
14:a4:bd:f9:ea:49:b9:ee:47:08:1e:9b:30:70:6c:
70:fd:8e:c1:4b:c6:e5:9f:10:92:96:ed:96:d6:39:
3f:73:aa:3e:e3:83:da:47:fb:a4:a3:23:b7:66:84:
c1:7b:82:87:80:81:90:06:5f:a8:80:56:80:45:ae:
6d:23:b1:33:f9:c0:e9:80:4e:57:a8:28:00:86:b5:
7a:79:3b:9c:f0:9a:f7:08:39:85:36:a0:e4:04:47:
81:0d:46:5d:9e:84:cb:ae:71:fa:9b:9f:9b:79:38:
8a:c6:0f:bc:cf:3d:ed:e1:90:dc:18:36:97:76:55:
65:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D4:F9:D7:93:29:E3:B8:BF:26:CA:78:35:89:47:44:55:DA:5A:96
X509v3 Authority Key Identifier:
keyid:84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/1NT515Mp47i_Jsp4NYlHRFXaWpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.196.0/22
IPv6:
2a0b:2d40::/32
Signature Algorithm: sha256WithRSAEncryption
93:a2:36:17:95:39:b4:c8:97:30:5b:92:7f:84:94:3b:a7:51:
a5:1e:28:eb:d1:bd:21:c9:da:ba:f2:16:3b:60:b2:9c:4b:9b:
5a:d5:45:59:08:9d:46:d7:c0:87:8b:4b:29:5c:f5:09:43:e2:
c3:78:df:63:4b:df:e7:75:25:11:af:84:7d:7f:ba:69:45:b7:
6f:90:c9:58:c7:8a:0a:eb:8c:d5:d7:ba:bd:4b:34:87:26:52:
91:c7:f6:60:b9:23:df:29:a1:8d:cf:f0:ff:4c:ec:3c:92:9b:
9f:73:42:c4:7b:62:c5:35:49:77:69:7f:24:ac:81:e1:34:12:
43:cf:07:b6:68:9d:61:2a:ba:d3:46:c5:b2:13:55:e0:9d:cc:
d0:b1:3b:f5:5b:a3:02:ba:d8:c4:5e:03:a6:fb:fe:a9:78:e1:
9c:aa:11:9b:64:37:71:ea:a2:8e:7c:4e:35:f5:51:8d:25:5a:
6f:32:77:f3:be:44:69:4c:38:29:70:53:33:17:f6:54:a6:dc:
b2:1d:1d:ca:ed:35:c7:fe:2b:ce:d7:71:94:c9:77:f3:c3:60:
35:75:68:61:38:a3:d2:7f:49:0c:ef:b0:fc:e5:16:12:6b:e2:
c0:f4:b6:13:12:32:cb:1c:3d:a0:70:79:91:70:a8:5b:c3:28:
b1:1b:b6:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAb3auzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDZkNDUyMjVjZjBkNGZhOWM2NWFlZTg4ODYxZDIyNjEyMDNhZDAwMB4XDTIyMDEw
MTEwMDE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRkNGY5ZDc5MzI5
ZTNiOGJmMjZjYTc4MzU4OTQ3NDQ1NWRhNWE5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMoAjgscskFWZi+ppVzR9BWtyy+95R5xJjWK+MEDEYF9WUET
dluY4CiFsNKxlUArEookKMuxBCCXyOlqPLDMcNe5QVwUYxrcpJrXR18juDVeCu9f
tbBFPA1ffmrK8oeShd3wWioMPQVgEVdoHY1i46ANinPECf6IW9P7kEtH5Ikf2Qc3
1YFCFKS9+epJue5HCB6bMHBscP2OwUvG5Z8QkpbtltY5P3OqPuOD2kf7pKMjt2aE
wXuCh4CBkAZfqIBWgEWubSOxM/nA6YBOV6goAIa1enk7nPCa9wg5hTag5ARHgQ1G
XZ6Ey65x+pufm3k4isYPvM897eGQ3Bg2l3ZVZbkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTU1PnXkynjuL8myng1iUdEVdpaljAfBgNVHSMEGDAWgBSEbUUiXPDU+pxl
ruiIYdImEgOtADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hHMUZJbHp3MVBxY1phN29pR0hTSmhJRHJRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvMTYzZjRiLWRlNTktNDg3YS05MTEwLTQ2MzUzMTA0NmM3Zi8x
LzFOVDUxNU1wNDdpX0pzcDROWWxIUkZYYVdwWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
MTYzZjRiLWRlNTktNDg3YS05MTEwLTQ2MzUzMTA0NmM3Zi8xL2hHMUZJbHp3MVBx
Y1phN29pR0hTSmhJRHJRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAgW0xDANBAIAAjAHAwUAKgstQDAN
BgkqhkiG9w0BAQsFAAOCAQEAk6I2F5U5tMiXMFuSf4SUO6dRpR4o69G9IcnauvIW
O2CynEubWtVFWQidRtfAh4tLKVz1CUPiw3jfY0vf53UlEa+EfX+6aUW3b5DJWMeK
CuuM1de6vUs0hyZSkcf2YLkj3ymhjc/w/0zsPJKbn3NCxHtixTVJd2l/JKyB4TQS
Q88HtmidYSq600bFshNV4J3M0LE79VujArrYxF4Dpvv+qXjhnKoRm2Q3ceqijnxO
NfVRjSVabzJ3875EaUw4KXBTMxf2VKbcsh0dyu01x/4rztdxlMl388NgNXVoYTij
0n9JDO+w/OUWEmviwPS2ExIyyxw9oHB5kXCoW8MosRu2Hg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:15 2025 by rpki-client