Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/5wLz69ocuujXJ5PpJRxj4bqRHd4.roa
File: 5wLz69ocuujXJ5PpJRxj4bqRHd4.roa (raw, json)
Hash identifier: C3879DAbbY+S70sDqVjT41aNyEEA/8F1eumQmK8wRYM=
Subject key identifier: E7:02:F3:EB:DA:1C:BA:E8:D7:27:93:E9:25:1C:63:E1:BA:91:1D:DE
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 0184425D6C79212827960C8372CC20DFEAC9
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/5wLz69ocuujXJ5PpJRxj4bqRHd4.roa
Signing time: Fri 04 Nov 2022 11:18:49 +0000
ROA not before: Fri 04 Nov 2022 11:18:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20847
IP address blocks: 195.211.72.0/22 maxlen: 22
141.138.168.0/21 maxlen: 21
2a03:3c00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:5d:6c:79:21:28:27:96:0c:83:72:cc:20:df:ea:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Nov 4 11:18:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e702f3ebda1cbae8d72793e9251c63e1ba911dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a1:73:70:6b:71:6d:4e:b5:3c:14:38:68:7f:
fc:6e:56:a8:81:a9:7d:c5:7e:77:f5:67:8e:44:9a:
a2:64:39:21:e4:87:76:83:59:5f:96:14:e7:82:45:
24:3c:a7:02:14:56:f9:6f:7d:c5:91:2a:12:94:a4:
b6:c2:97:a5:6f:2e:07:97:8b:cc:1c:7d:7e:0c:db:
db:4a:bf:71:96:87:22:1b:ac:d0:4e:b9:b2:e8:31:
c0:0d:81:93:ee:51:4a:dc:09:26:64:f0:64:ca:8b:
cf:a1:e8:d5:25:d1:e2:31:5c:e4:4d:8c:55:b5:a5:
4d:f4:07:91:2e:ed:b1:25:3e:9c:36:cd:a2:38:b8:
6f:31:9b:70:eb:be:fd:b6:09:a9:49:6d:c4:3b:b0:
39:4f:a9:b2:c0:13:6a:ba:70:91:09:e9:8e:2e:1f:
7b:d1:3c:6c:1f:2a:54:3e:af:fc:91:c8:9b:af:e2:
73:9a:fc:3f:ee:b5:e3:1a:e4:25:16:f3:08:e8:3a:
9c:f8:d6:75:20:56:01:14:40:93:19:34:f4:01:8c:
3d:e7:cc:01:d8:14:85:cb:5c:cc:d4:46:58:4f:78:
28:5a:0d:13:ab:54:36:14:ed:39:62:fc:aa:e2:9e:
ee:eb:e1:36:9a:72:e0:24:58:93:16:85:df:b8:ed:
2c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:02:F3:EB:DA:1C:BA:E8:D7:27:93:E9:25:1C:63:E1:BA:91:1D:DE
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/5wLz69ocuujXJ5PpJRxj4bqRHd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.168.0/21
195.211.72.0/22
IPv6:
2a03:3c00::/32
Signature Algorithm: sha256WithRSAEncryption
a2:cf:46:5c:a0:c3:7b:ba:b3:5b:fd:b1:ae:7f:0a:ac:5e:e8:
eb:7c:03:c6:5a:88:24:ac:3b:e6:f4:a8:36:39:98:63:4d:30:
14:17:e9:43:7c:8a:8b:22:b4:24:de:4b:e4:50:d7:e3:25:3b:
fd:2f:96:d3:7d:78:a6:b4:48:2f:b2:a7:b4:06:f5:a6:40:de:
ec:51:2a:58:a0:30:94:87:db:7d:36:54:b7:0a:98:a1:7f:75:
11:fe:d1:02:90:10:ce:f3:70:96:50:0c:ec:26:bb:a7:51:18:
83:bf:cf:b0:ce:e9:66:aa:ff:8f:f0:ad:b2:80:bc:42:db:75:
16:63:e4:83:06:d6:ac:2a:72:ec:f5:22:40:ef:4e:c9:6d:93:
04:43:82:b6:b6:e1:1d:6a:09:0a:0b:22:b9:da:c4:f5:d6:78:
da:77:21:2f:60:ce:c6:ac:c6:4b:4f:d7:b4:96:6f:71:30:1c:
9d:3d:99:ce:b6:ca:65:e5:d0:be:ee:4f:09:ad:45:0c:df:a5:
a4:99:1b:6e:5d:03:63:1a:ec:eb:4c:39:65:aa:9a:67:bb:41:
05:e7:92:c4:f0:28:1a:72:76:c2:04:ed:27:b2:76:f1:76:ab:
55:2e:40:14:6c:ae:e0:f7:21:69:55:b9:90:1f:51:11:a9:65:
5e:aa:5a:df
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYRCXWx5ISgnlgyDcswg3+rJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjIxMTA0MTExODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzAyZjNlYmRhMWNiYWU4ZDcyNzkzZTkyNTFjNjNlMWJhOTExZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqFzcGtxbU61PBQ4aH/8blaogal9
xX539WeORJqiZDkh5Id2g1lflhTngkUkPKcCFFb5b33FkSoSlKS2wpelby4Hl4vM
HH1+DNvbSr9xlociG6zQTrmy6DHADYGT7lFK3AkmZPBkyovPoejVJdHiMVzkTYxV
taVN9AeRLu2xJT6cNs2iOLhvMZtw6779tgmpSW3EO7A5T6mywBNqunCRCemOLh97
0TxsHypUPq/8kcibr+Jzmvw/7rXjGuQlFvMI6Dqc+NZ1IFYBFECTGTT0AYw958wB
2BSFy1zM1EZYT3goWg0Tq1Q2FO05Yvyq4p7u6+E2mnLgJFiTFoXfuO0stwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOcC8+vaHLro1yeT6SUcY+G6kR3eMB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEvNXdMejY5b2N1dWpYSjVQcEpSeGo0YnFSSGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDjYqoAwQC
w9NIMA0EAgACMAcDBQAqAzwAMA0GCSqGSIb3DQEBCwUAA4IBAQCiz0ZcoMN7urNb
/bGufwqsXujrfAPGWogkrDvm9Kg2OZhjTTAUF+lDfIqLIrQk3kvkUNfjJTv9L5bT
fXimtEgvsqe0BvWmQN7sUSpYoDCUh9t9NlS3Cpihf3UR/tECkBDO83CWUAzsJrun
URiDv8+wzulmqv+P8K2ygLxC23UWY+SDBtasKnLs9SJA707JbZMEQ4K2tuEdagkK
CyK52sT11njadyEvYM7GrMZLT9e0lm9xMBydPZnOtspl5dC+7k8JrUUM36WkmRtu
XQNjGuzrTDllqppnu0EF55LE8CgacnbCBO0nsnbxdqtVLkAUbK7g9yFpVbmQH1ER
qWVeqlrf
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:47:54 2025 by rpki-client