Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/5irsQz9I8p0biX4dg2dqAzGtoSU.roa
File: 5irsQz9I8p0biX4dg2dqAzGtoSU.roa (raw, json)
Hash identifier: B9BNjX4Z2D64ksQ/eeUj3aF8fCbfgYaAfeUDjBI4VbA=
Subject key identifier: E6:2A:EC:43:3F:48:F2:9D:1B:89:7E:1D:83:67:6A:03:31:AD:A1:25
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018C15E9A06FA1FC9A98474591F8D081564C
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/5irsQz9I8p0biX4dg2dqAzGtoSU.roa
Signing time: Tue 28 Nov 2023 12:31:21 +0000
ROA not before: Tue 28 Nov 2023 12:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 159.255.32.0/21 maxlen: 24
188.253.12.0/22 maxlen: 22
188.214.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:e9:a0:6f:a1:fc:9a:98:47:45:91:f8:d0:81:56:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 28 12:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e62aec433f48f29d1b897e1d83676a0331ada125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:65:fa:81:f5:5b:5d:fb:66:17:58:ab:66:88:
e6:6a:10:6c:65:4e:bc:76:a9:2d:eb:33:25:d6:6b:
34:79:7e:0a:62:6f:05:53:f0:5e:0c:a8:ee:37:c0:
9f:08:e6:21:36:c1:e5:6f:5c:c2:1a:e2:02:79:be:
22:9b:41:e4:2a:52:8c:6c:28:a7:86:7b:4b:23:45:
f4:b7:28:bf:57:0a:91:9f:b2:12:7f:1d:10:d5:d5:
78:6d:b5:98:e0:05:9a:89:8b:de:95:94:ce:20:9b:
a5:30:1c:3c:24:0f:9f:48:fd:b5:32:f7:4e:68:76:
ea:0f:f6:d6:8a:f1:43:57:cd:ea:37:d8:34:4f:3c:
4d:48:92:60:97:66:fb:d9:66:14:94:4b:ad:3f:fb:
b9:de:38:99:6e:8c:92:77:d0:36:9f:d5:22:05:3b:
f4:2a:53:18:5d:cb:41:ba:34:19:19:27:71:9e:3d:
bd:3d:d9:4a:20:e8:55:b2:eb:ce:0a:73:e4:de:db:
d1:7e:24:2d:b4:cf:f1:de:06:59:62:7e:68:4f:43:
bb:06:36:f1:ac:33:5d:ea:cc:1a:b4:30:1c:f5:2f:
00:eb:95:a1:46:4b:6a:b2:20:ff:ed:bb:b3:51:7d:
2c:81:65:64:48:01:a1:a4:25:77:e0:26:e4:6b:14:
a3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2A:EC:43:3F:48:F2:9D:1B:89:7E:1D:83:67:6A:03:31:AD:A1:25
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/5irsQz9I8p0biX4dg2dqAzGtoSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.32.0/21
188.214.236.0/22
188.253.12.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:65:70:0a:2d:9d:01:b0:b8:82:50:bc:a1:67:e9:a9:ad:a6:
7f:2b:27:f6:1c:9d:eb:1b:3d:ea:18:1a:9a:01:04:05:5b:49:
59:22:91:7e:a7:8d:2a:a3:22:05:eb:df:72:e4:2c:de:34:49:
c3:c8:b0:dd:ba:96:82:75:e5:4c:d0:53:90:72:b5:b7:98:fa:
33:89:78:78:58:a9:ba:ae:d0:fd:49:ea:3d:66:52:3b:5b:d4:
ac:10:79:ee:d3:c6:5c:af:17:0d:b7:42:54:d7:24:fb:f7:2a:
c3:56:14:53:83:ae:bb:7d:c7:1a:ff:d3:da:bd:16:a1:be:13:
f9:b0:3c:4a:fd:d6:a9:6d:a6:b9:5b:77:57:f7:92:8b:1d:60:
d6:a3:97:ac:2b:16:3a:63:3a:a8:a4:7f:87:53:88:97:86:63:
0d:c5:c6:1e:97:72:60:6e:49:19:ff:7e:6b:77:68:e9:6d:1a:
4d:5e:aa:ed:d2:27:25:86:59:64:75:31:21:1d:b4:b9:d0:4b:
d2:7f:05:93:78:c1:b2:40:a9:8b:2c:61:64:ba:11:ec:81:9e:
ed:3f:a9:16:41:13:e1:fc:26:ea:ca:af:99:96:5c:21:f7:a1:
1a:00:01:a9:c9:b8:c9:b7:86:35:3f:70:c2:50:78:e4:e6:f7:
7f:77:37:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwV6aBvofyamEdFkfjQgVZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMTI4MTIzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjJhZWM0MzNmNDhmMjlkMWI4OTdlMWQ4MzY3NmEwMzMxYWRhMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2X6gfVbXftmF1irZojmahBsZU68
dqkt6zMl1ms0eX4KYm8FU/BeDKjuN8CfCOYhNsHlb1zCGuICeb4im0HkKlKMbCin
hntLI0X0tyi/VwqRn7ISfx0Q1dV4bbWY4AWaiYvelZTOIJulMBw8JA+fSP21MvdO
aHbqD/bWivFDV83qN9g0TzxNSJJgl2b72WYUlEutP/u53jiZboySd9A2n9UiBTv0
KlMYXctBujQZGSdxnj29PdlKIOhVsuvOCnPk3tvRfiQttM/x3gZZYn5oT0O7Bjbx
rDNd6swatDAc9S8A65WhRktqsiD/7buzUX0sgWVkSAGhpCV34CbkaxSjjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOYq7EM/SPKdG4l+HYNnagMxraElMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvNWlyc1F6OUk4cDBiaVg0ZGcyZHFBekd0b1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDn/8gAwQC
vNbsAwQCvP0MMA0GCSqGSIb3DQEBCwUAA4IBAQC8ZXAKLZ0BsLiCULyhZ+mpraZ/
Kyf2HJ3rGz3qGBqaAQQFW0lZIpF+p40qoyIF699y5CzeNEnDyLDdupaCdeVM0FOQ
crW3mPoziXh4WKm6rtD9Seo9ZlI7W9SsEHnu08ZcrxcNt0JU1yT79yrDVhRTg667
fcca/9PavRahvhP5sDxK/dapbaa5W3dX95KLHWDWo5esKxY6YzqopH+HU4iXhmMN
xcYel3JgbkkZ/35rd2jpbRpNXqrt0iclhllkdTEhHbS50EvSfwWTeMGyQKmLLGFk
uhHsgZ7tP6kWQRPh/Cbqyq+Zllwh96EaAAGpybjJt4Y1P3DCUHjk5vd/dzdh
-----END CERTIFICATE-----
Generated at Sat May 17 17:22:29 2025 by rpki-client