Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_5IqHEUHIM8sZ5Af4PVGuFq2WjQ.roa
File: _5IqHEUHIM8sZ5Af4PVGuFq2WjQ.roa (raw, json)
Hash identifier: T7/rYKvEsR1S/9qV/zxYThLHiCsycmXw161Ebvh4p2w=
Subject key identifier: FF:92:2A:1C:45:07:20:CF:2C:67:90:1F:E0:F5:46:B8:5A:B6:5A:34
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189108E6FF75ADDF1B991F214EC6771E9AF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_5IqHEUHIM8sZ5Af4PVGuFq2WjQ.roa
Signing time: Sat 01 Jul 2023 08:25:17 +0000
ROA not before: Sat 01 Jul 2023 08:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 94.156.14.0/24 maxlen: 24
45.129.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:10:8e:6f:f7:5a:dd:f1:b9:91:f2:14:ec:67:71:e9:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 1 08:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff922a1c450720cf2c67901fe0f546b85ab65a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:43:c1:85:85:84:7b:4d:65:84:a6:ab:c5:94:
d6:56:0f:a8:17:03:e8:f9:66:54:4f:67:62:37:fb:
73:28:ca:ef:53:c8:35:54:16:f9:1b:17:ef:42:7e:
82:1a:15:7e:a3:c4:38:f6:b8:a7:0d:0f:c4:80:87:
ff:41:d8:4f:65:b6:15:3d:b2:0c:21:e8:dd:63:dc:
2c:7c:5c:16:5f:c8:a0:36:43:52:a5:cc:80:8c:f2:
34:25:45:e6:1f:96:cc:1f:73:98:a5:d0:af:28:d4:
89:e3:6b:70:41:a3:3b:6f:bd:cd:51:25:41:d7:7c:
95:1e:e4:f6:ea:31:1e:ca:69:d2:cf:50:2a:4d:cb:
bd:9e:b8:fe:a1:b6:82:f8:5c:6d:b4:ba:1e:79:5a:
12:67:d2:ea:3f:b3:a1:bd:e7:9e:96:78:9a:bd:b8:
a1:02:c1:e4:74:c2:8f:19:d9:7c:23:62:56:19:6f:
d8:8c:7a:81:b1:07:ca:9e:53:50:36:87:3c:e6:2d:
15:69:38:4c:6e:5f:46:f7:2a:40:c1:34:94:b0:f3:
f1:2b:64:9e:c8:70:33:e5:82:99:5c:13:40:c4:9f:
e1:ad:62:22:9e:b7:ac:5b:34:34:91:3f:d4:a2:93:
f3:70:ce:86:57:79:a2:57:b8:17:b2:70:2d:1a:27:
fc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:92:2A:1C:45:07:20:CF:2C:67:90:1F:E0:F5:46:B8:5A:B6:5A:34
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_5IqHEUHIM8sZ5Af4PVGuFq2WjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.85.0/24
94.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:e4:f4:01:49:ff:d5:2d:4b:52:48:86:06:e0:67:9d:42:9b:
44:e2:8b:be:27:4b:90:68:5e:25:52:af:cb:39:70:b8:f8:54:
e2:e8:3e:a3:86:a2:45:2f:75:de:52:51:2f:e4:a7:45:df:43:
28:fa:e0:1f:ed:48:50:49:dd:f5:f5:62:a2:b3:88:be:f0:98:
83:0a:06:2a:0d:03:5d:18:4e:7d:c9:5b:8d:d8:7b:31:7d:5f:
57:ca:6b:13:60:c7:a3:bc:2e:84:4a:94:0c:2f:61:22:55:20:
7d:91:82:70:ac:0e:61:33:e6:e3:5f:9f:9a:d0:02:32:3f:f4:
f0:27:84:c9:b0:ac:09:c5:0d:ed:07:e4:3f:49:7e:41:01:52:
ca:05:b0:9b:0a:ad:22:04:b5:fe:34:4e:8e:33:bb:f2:d5:e7:
f8:98:fb:b5:0a:06:bc:07:f5:67:02:c6:a4:1e:f5:6a:48:77:
0b:f2:84:a6:8f:d9:93:e8:18:f6:04:9f:a4:93:7d:10:80:25:
ad:86:37:82:10:3f:87:16:73:c2:5e:b9:2b:41:b4:ac:65:1f:
a3:36:7b:d4:19:d3:6b:52:3a:24:15:0d:cd:39:f2:63:8f:fc:
10:1c:01:46:f9:8f:a3:84:01:d4:6e:2d:6e:6e:91:cb:d7:c8:
26:1c:76:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkQjm/3Wt3xuZHyFOxncemvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzAxMDgyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjkyMmExYzQ1MDcyMGNmMmM2NzkwMWZlMGY1NDZiODVhYjY1YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUPBhYWEe01lhKarxZTWVg+oFwPo
+WZUT2diN/tzKMrvU8g1VBb5GxfvQn6CGhV+o8Q49rinDQ/EgIf/QdhPZbYVPbIM
IejdY9wsfFwWX8igNkNSpcyAjPI0JUXmH5bMH3OYpdCvKNSJ42twQaM7b73NUSVB
13yVHuT26jEeymnSz1AqTcu9nrj+obaC+FxttLoeeVoSZ9LqP7Ohveeelniavbih
AsHkdMKPGdl8I2JWGW/YjHqBsQfKnlNQNoc85i0VaThMbl9G9ypAwTSUsPPxK2Se
yHAz5YKZXBNAxJ/hrWIinresWzQ0kT/UopPzcM6GV3miV7gXsnAtGif8uQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP+SKhxFByDPLGeQH+D1Rrhatlo0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvXzVJcUhFVUhJTThzWjVBZjRQVkd1RnEyV2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYFVAwQA
XpwOMA0GCSqGSIb3DQEBCwUAA4IBAQCw5PQBSf/VLUtSSIYG4GedQptE4ou+J0uQ
aF4lUq/LOXC4+FTi6D6jhqJFL3XeUlEv5KdF30Mo+uAf7UhQSd319WKis4i+8JiD
CgYqDQNdGE59yVuN2HsxfV9XymsTYMejvC6ESpQML2EiVSB9kYJwrA5hM+bjX5+a
0AIyP/TwJ4TJsKwJxQ3tB+Q/SX5BAVLKBbCbCq0iBLX+NE6OM7vy1ef4mPu1Cga8
B/VnAsakHvVqSHcL8oSmj9mT6Bj2BJ+kk30QgCWthjeCED+HFnPCXrkrQbSsZR+j
NnvUGdNrUjokFQ3NOfJjj/wQHAFG+Y+jhAHUbi1ubpHL18gmHHZA
-----END CERTIFICATE-----
Generated at Tue May 13 16:36:02 2025 by rpki-client