Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/sdKrHDsFb-U8FIsV55D_NKM93Qs.roa
File: sdKrHDsFb-U8FIsV55D_NKM93Qs.roa (raw, json)
Hash identifier: cN+8GDIg4TxPVIKVSOWzikVnf0iL71D9smdueiIi7Os=
Subject key identifier: B1:D2:AB:1C:3B:05:6F:E5:3C:14:8B:15:E7:90:FF:34:A3:3D:DD:0B
Certificate issuer: /CN=e5a27555c1a5c5ddf7f7acc839fa577aa7ee7a9c
Certificate serial: 0AE9212B
Authority key identifier: E5:A2:75:55:C1:A5:C5:DD:F7:F7:AC:C8:39:FA:57:7A:A7:EE:7A:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aJ1VcGlxd3396zIOfpXeqfuepw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/sdKrHDsFb-U8FIsV55D_NKM93Qs.roa
Signing time: Sat 01 Jan 2022 06:56:13 +0000
ROA not before: Sat 01 Jan 2022 06:56:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33907
IP address blocks: 194.145.172.0/24 maxlen: 24
194.145.173.0/24 maxlen: 24
194.145.174.0/24 maxlen: 24
194.145.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183050539 (0xae9212b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a27555c1a5c5ddf7f7acc839fa577aa7ee7a9c
Validity
Not Before: Jan 1 06:56:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1d2ab1c3b056fe53c148b15e790ff34a33ddd0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b1:9d:9a:49:1a:b5:48:6b:a3:8e:a8:90:dd:
5a:68:0a:b4:24:38:12:57:0b:4a:b5:97:e3:c3:e2:
4f:a9:4e:48:11:6c:c5:e4:a3:8d:0d:d6:23:88:ea:
35:77:52:ac:7a:1b:5a:98:ad:9f:7a:58:d9:0d:80:
1c:d1:5c:37:5e:0a:b3:3f:b7:23:33:0c:2b:78:53:
5e:8e:50:d7:3b:d7:44:e2:2b:8f:a7:e3:ff:05:93:
a0:a2:79:80:db:00:f9:e8:9e:2e:ed:8e:39:e1:41:
c9:a2:65:31:f1:47:22:39:0d:d1:56:e7:b4:4c:ee:
f7:fc:8e:f0:55:6a:26:4b:3c:4b:05:31:b3:4e:a1:
b5:3f:41:e7:ab:46:93:37:50:af:ce:b3:c1:30:c2:
d1:a4:03:49:2c:e7:93:75:ea:d0:72:d2:55:85:78:
9b:b9:d2:56:32:83:94:76:92:34:6e:dc:59:f2:05:
55:d5:7c:65:e2:4b:16:72:92:10:aa:c8:30:17:e5:
7b:30:d5:8e:35:c3:44:29:b0:b5:83:c2:70:5e:61:
24:5f:5f:ad:2c:e7:3a:cc:11:5b:3f:7f:31:63:04:
a7:27:df:52:b7:ff:52:58:d4:8a:f5:18:01:41:50:
49:45:38:f4:34:66:d7:52:18:10:de:80:f4:90:be:
a9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D2:AB:1C:3B:05:6F:E5:3C:14:8B:15:E7:90:FF:34:A3:3D:DD:0B
X509v3 Authority Key Identifier:
keyid:E5:A2:75:55:C1:A5:C5:DD:F7:F7:AC:C8:39:FA:57:7A:A7:EE:7A:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aJ1VcGlxd3396zIOfpXeqfuepw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/sdKrHDsFb-U8FIsV55D_NKM93Qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/5aJ1VcGlxd3396zIOfpXeqfuepw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.145.172.0/22
Signature Algorithm: sha256WithRSAEncryption
91:cd:0f:94:b2:f6:af:d7:40:5a:44:53:b2:c3:0a:a0:af:a0:
2f:9a:fb:3d:00:51:4b:0c:58:58:95:3c:d1:e4:80:b1:e8:db:
bb:67:8d:32:37:9f:b4:5a:c5:6b:6a:ab:c2:10:f1:2a:2b:62:
64:f6:42:32:f1:c9:9a:8d:20:a4:28:c7:a8:ee:fa:8a:9d:4e:
4d:23:eb:c3:14:d6:ab:8e:e2:c0:b5:87:4e:5c:20:91:39:65:
fe:a0:b4:78:f3:f5:ad:41:52:73:ba:bf:2f:d1:c1:28:86:b5:
e7:78:e0:a0:b2:3f:ba:18:68:36:ee:ea:25:37:b7:2d:a6:02:
51:a0:2a:cd:94:98:36:b2:e8:d3:49:48:55:87:e7:de:f8:49:
5e:96:ab:33:e2:a2:c3:ad:59:f3:bd:d1:4e:aa:be:af:1c:ce:
04:07:a0:09:cd:d5:92:f1:0c:cd:12:75:aa:ec:52:87:c3:66:
83:7f:53:b9:2d:a3:d0:2c:07:d4:5a:51:2a:d6:44:53:11:b1:
31:f8:f2:50:b2:d9:31:6f:f4:e9:d9:a2:00:ef:20:91:7c:7e:
62:66:12:c0:77:c3:c8:44:48:2e:c1:32:e1:2c:c8:7e:e4:62:
3d:55:1e:38:a0:d2:7d:b6:c6:c0:12:77:d4:a3:66:7e:77:ac:
7a:8f:78:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECukhKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWEyNzU1NWMxYTVjNWRkZjdmN2FjYzgzOWZhNTc3YWE3ZWU3YTljMB4XDTIyMDEw
MTA2NTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFkMmFiMWMzYjA1
NmZlNTNjMTQ4YjE1ZTc5MGZmMzRhMzNkZGQwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2xnZpJGrVIa6OOqJDdWmgKtCQ4ElcLSrWX48PiT6lOSBFs
xeSjjQ3WI4jqNXdSrHobWpitn3pY2Q2AHNFcN14Ksz+3IzMMK3hTXo5Q1zvXROIr
j6fj/wWToKJ5gNsA+eieLu2OOeFByaJlMfFHIjkN0VbntEzu9/yO8FVqJks8SwUx
s06htT9B56tGkzdQr86zwTDC0aQDSSznk3Xq0HLSVYV4m7nSVjKDlHaSNG7cWfIF
VdV8ZeJLFnKSEKrIMBflezDVjjXDRCmwtYPCcF5hJF9frSznOswRWz9/MWMEpyff
Urf/UljUivUYAUFQSUU49DRm11IYEN6A9JC+qbcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSx0qscOwVv5TwUixXnkP80oz3dCzAfBgNVHSMEGDAWgBTlonVVwaXF3ff3
rMg5+ld6p+56nDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVhSjFWY0dseGQzMzk2eklPZnBYZXFmdWVwdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMWNjZDlhLWMzMGUtNGU4YS04OTRhLWZkNzE2NjdhMmI1Zi8x
L3NkS3JIRHNGYi1VOEZJc1Y1NURfTktNOTNRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MWNjZDlhLWMzMGUtNGU4YS04OTRhLWZkNzE2NjdhMmI1Zi8xLzVhSjFWY0dseGQz
Mzk2eklPZnBYZXFmdWVwdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsKRrDANBgkqhkiG9w0BAQsFAAOC
AQEAkc0PlLL2r9dAWkRTssMKoK+gL5r7PQBRSwxYWJU80eSAsejbu2eNMjeftFrF
a2qrwhDxKitiZPZCMvHJmo0gpCjHqO76ip1OTSPrwxTWq47iwLWHTlwgkTll/qC0
ePP1rUFSc7q/L9HBKIa153jgoLI/uhhoNu7qJTe3LaYCUaAqzZSYNrLo00lIVYfn
3vhJXparM+Kiw61Z873RTqq+rxzOBAegCc3VkvEMzRJ1quxSh8Nmg39TuS2j0CwH
1FpRKtZEUxGxMfjyULLZMW/06dmiAO8gkXx+YmYSwHfDyERILsEy4SzIfuRiPVUe
OKDSfbbGwBJ31KNmfneseo94Jg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:38:49 2025 by rpki-client