Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/55_IgSJ-yWEOkTqFKdecn3W_cB8.roa
File: 55_IgSJ-yWEOkTqFKdecn3W_cB8.roa (raw, json)
Hash identifier: W74RVo26kKDmkullaePi+0ozN/TG4WK33iGPUip2Tyc=
Subject key identifier: E7:9F:C8:81:22:7E:C9:61:0E:91:3A:85:29:D7:9C:9F:75:BF:70:1F
Certificate issuer: /CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Certificate serial: 018BCA3D9DDE3438106BE2D20E5FD0105A60
Authority key identifier: F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/55_IgSJ-yWEOkTqFKdecn3W_cB8.roa
Signing time: Mon 13 Nov 2023 19:51:57 +0000
ROA not before: Mon 13 Nov 2023 19:51:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39683
IP address blocks: 5.61.96.0/21 maxlen: 24
195.189.224.0/24 maxlen: 24
195.189.224.0/23 maxlen: 23
195.189.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ca:3d:9d:de:34:38:10:6b:e2:d2:0e:5f:d0:10:5a:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Validity
Not Before: Nov 13 19:51:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e79fc881227ec9610e913a8529d79c9f75bf701f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bd:ba:59:a1:bb:92:36:d1:e9:da:85:82:3e:
26:c5:26:56:20:e4:fc:ca:4e:76:99:a3:d4:8d:42:
23:0c:47:6e:25:e5:dc:be:7c:ca:b8:e6:42:e0:27:
69:46:14:dd:26:31:ad:f3:ce:4a:63:e7:40:cf:8e:
88:80:9b:f7:e3:12:83:e7:d4:e8:da:85:10:a2:16:
4a:ba:9e:98:d6:c2:26:11:e7:58:8c:6b:b8:01:5b:
bc:12:a8:63:67:74:f4:c2:7f:e4:f2:dc:dd:15:6a:
ba:68:32:2f:39:c2:55:24:68:3b:ba:22:6a:da:b4:
cf:db:38:55:b9:a5:05:04:ff:1c:8f:8a:e3:c9:6d:
d6:50:1c:a6:12:88:45:4d:ea:ff:7d:cf:4d:89:95:
d7:4d:a9:f5:98:db:69:c7:ca:71:ab:f9:d9:32:91:
2e:59:8e:f1:e8:b5:f7:fc:47:ca:2e:c2:b3:cf:70:
69:73:37:56:0a:4c:1f:f3:f6:a2:bd:8d:5b:7a:5e:
f1:75:8e:49:e0:52:81:aa:19:b0:7c:73:24:fb:e5:
49:b2:1d:a0:a5:fe:5a:32:4f:55:4b:26:d8:73:59:
ca:31:6f:6a:5a:3e:48:33:40:76:3a:8f:89:ef:d9:
2a:6a:5d:89:f9:63:41:d7:60:23:a8:ee:7b:f6:39:
0e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:9F:C8:81:22:7E:C9:61:0E:91:3A:85:29:D7:9C:9F:75:BF:70:1F
X509v3 Authority Key Identifier:
keyid:F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/55_IgSJ-yWEOkTqFKdecn3W_cB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.96.0/21
195.189.224.0/23
Signature Algorithm: sha256WithRSAEncryption
68:86:5b:16:fa:66:92:b4:f8:09:a9:18:b1:1c:c1:38:73:28:
57:2f:a6:f0:a8:09:1b:ce:ff:1f:93:77:48:53:e9:4b:3d:8b:
a4:ec:34:fc:6f:ff:b8:fb:12:d0:87:72:7e:5c:c0:e9:7a:cd:
64:dd:b0:14:e7:ac:4f:79:80:14:ca:ca:ab:97:33:c6:80:dc:
30:ce:ab:42:88:5c:86:23:d5:ab:e9:fa:2a:7c:a8:89:c1:30:
e5:25:c4:ec:27:84:b3:53:cf:75:4e:fe:d5:17:fe:ae:72:b7:
4e:94:0d:d2:59:94:74:94:9b:b7:73:13:ce:cf:cd:9b:b8:c9:
fb:c2:48:8a:de:e9:31:dc:d0:0f:3f:fa:be:d3:ce:76:bb:4a:
b5:8d:72:65:ea:b4:28:44:c9:7b:f6:6f:7a:e3:51:6d:fa:c2:
55:ba:61:2b:03:8b:27:21:0a:14:88:a9:24:01:a7:74:88:27:
fc:68:f8:46:37:8c:d0:54:a8:44:43:98:4f:d0:72:db:64:e4:
e9:d3:ee:46:31:0a:ab:1f:cf:a7:c4:b9:ed:13:d6:06:48:48:
ef:14:3c:20:4b:c3:75:00:af:69:9f:89:23:fe:9b:e3:36:50:
72:c2:40:36:a6:59:bf:cf:19:b8:c1:32:94:7a:dd:9d:0e:1e:
7e:c2:21:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvKPZ3eNDgQa+LSDl/QEFpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjE4NmU5NzA5N2M4NDE3ZDk0MzdkNzBjZmRmYzUyNzMz
MWI1YTgwHhcNMjMxMTEzMTk1MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzlmYzg4MTIyN2VjOTYxMGU5MTNhODUyOWQ3OWM5Zjc1YmY3MDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr26WaG7kjbR6dqFgj4mxSZWIOT8
yk52maPUjUIjDEduJeXcvnzKuOZC4CdpRhTdJjGt885KY+dAz46IgJv34xKD59To
2oUQohZKup6Y1sImEedYjGu4AVu8EqhjZ3T0wn/k8tzdFWq6aDIvOcJVJGg7uiJq
2rTP2zhVuaUFBP8cj4rjyW3WUBymEohFTer/fc9NiZXXTan1mNtpx8pxq/nZMpEu
WY7x6LX3/EfKLsKzz3BpczdWCkwf8/aivY1bel7xdY5J4FKBqhmwfHMk++VJsh2g
pf5aMk9VSybYc1nKMW9qWj5IM0B2Oo+J79kqal2J+WNB12AjqO579jkO1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOefyIEifslhDpE6hSnXnJ91v3AfMB8GA1UdIwQY
MBaAFPHxhulwl8hBfZQ31wz9/FJzMbWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2Mt
YjY1Y2QxMzYyNjJlLzEvNTVfSWdTSi15V0VPa1RxRktkZWNuM1dfY0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2MtYjY1Y2QxMzYyNjJl
LzEvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBT1gAwQB
w73gMA0GCSqGSIb3DQEBCwUAA4IBAQBohlsW+maStPgJqRixHME4cyhXL6bwqAkb
zv8fk3dIU+lLPYuk7DT8b/+4+xLQh3J+XMDpes1k3bAU56xPeYAUysqrlzPGgNww
zqtCiFyGI9Wr6foqfKiJwTDlJcTsJ4SzU891Tv7VF/6ucrdOlA3SWZR0lJu3cxPO
z82buMn7wkiK3ukx3NAPP/q+0852u0q1jXJl6rQoRMl79m9641Ft+sJVumErA4sn
IQoUiKkkAad0iCf8aPhGN4zQVKhEQ5hP0HLbZOTp0+5GMQqrH8+nxLntE9YGSEjv
FDwgS8N1AK9pn4kj/pvjNlBywkA2plm/zxm4wTKUet2dDh5+wiGO
-----END CERTIFICATE-----
Generated at Tue Apr 15 08:48:55 2025 by rpki-client