Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5nCpgAwS3VMj-lXsv5F9IOeniL8.roa
File: 5nCpgAwS3VMj-lXsv5F9IOeniL8.roa (raw, json)
Hash identifier: JNOV9Ilyf08Twq+ZDfhzoqPKOFLiJCSa/r/v7gMnDA8=
Subject key identifier: E6:70:A9:80:0C:12:DD:53:23:FA:55:EC:BF:91:7D:20:E7:A7:88:BF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAF894B3EB553A93837D9F8216DE28
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5nCpgAwS3VMj-lXsv5F9IOeniL8.roa
Signing time: Sun 01 Jan 2023 14:44:56 +0000
ROA not before: Sun 01 Jan 2023 14:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211593
IP address blocks: 45.87.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f8:94:b3:eb:55:3a:93:83:7d:9f:82:16:de:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e670a9800c12dd5323fa55ecbf917d20e7a788bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:13:34:6a:1a:63:12:8f:14:82:77:ef:c3:13:
bd:54:f4:a2:6c:34:f4:44:a6:b6:8d:95:88:b3:a0:
bb:af:00:e4:15:a0:df:45:6e:37:0e:71:31:4b:a3:
c1:da:76:c8:67:98:72:e8:87:26:cd:c5:91:10:e5:
a1:2c:2a:7a:66:0d:6d:c7:bc:55:ce:98:9b:92:91:
01:8a:9d:73:0a:69:43:04:62:82:35:c5:07:20:05:
b5:3a:48:05:f2:c3:f8:28:2c:e7:92:9d:e7:fa:70:
65:b8:37:8a:fa:98:64:5e:8f:5e:94:78:84:f0:85:
62:58:b9:67:a5:1e:8e:0d:de:70:c2:66:d3:95:fa:
a0:8e:7a:cd:a1:ee:ba:01:a9:7b:63:13:2d:70:ca:
87:60:71:35:26:b5:99:81:79:00:aa:36:da:c8:cc:
88:a9:af:5c:78:1f:22:c4:76:ad:f7:d1:4e:b1:40:
04:b8:ff:4a:59:66:b2:49:b4:e0:ed:7c:8b:26:3a:
eb:68:d7:07:d6:80:c4:f2:c3:b7:ac:cc:24:76:d9:
c5:01:32:0b:60:27:d6:1e:82:78:33:d9:1e:5a:6a:
95:d6:f6:2a:f8:03:7f:37:5c:09:de:3c:8b:2e:9c:
46:a3:0f:10:59:5f:40:37:df:55:ff:a7:0e:50:d6:
b3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:70:A9:80:0C:12:DD:53:23:FA:55:EC:BF:91:7D:20:E7:A7:88:BF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5nCpgAwS3VMj-lXsv5F9IOeniL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.251.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:e9:c1:ae:59:1a:58:c2:48:14:c4:d5:47:b5:fb:62:5d:a8:
23:cb:ca:f0:ca:90:de:d9:b4:d3:de:46:71:e2:88:3c:c5:ec:
79:b3:53:36:b8:26:36:31:7f:6f:74:15:45:98:d3:df:9d:50:
a7:40:74:8f:06:41:12:fd:37:b7:8e:d5:aa:c4:7c:aa:0e:73:
b7:07:83:fe:d9:3b:06:3c:3f:4e:16:a2:af:af:60:2b:ec:56:
bd:23:9c:46:7d:09:0d:62:98:95:e3:a5:ff:a8:3c:8d:f1:33:
d5:19:65:e7:33:43:44:b1:ea:9e:52:4c:6d:88:b6:c9:48:4c:
28:99:03:9b:bb:3a:9f:98:64:0a:dd:b1:01:cb:28:87:7a:0a:
f1:47:4d:41:3e:8c:4d:0c:28:dd:06:a6:de:b9:57:ca:16:3d:
4f:65:b4:d3:28:65:5c:e1:0e:39:e2:e2:d4:f0:6a:03:c1:41:
ef:51:e9:3f:fd:8a:4f:76:57:03:51:1f:41:65:68:43:41:5c:
44:1f:00:02:e6:96:35:b5:a3:4e:f8:4b:d6:7d:58:2a:4d:d3:
f0:54:31:51:80:aa:b5:f2:42:4d:f2:84:13:d7:9c:f5:2c:6e:
a0:7c:e7:2c:09:47:cb:92:ab:aa:35:2f:73:70:45:e8:6a:c9:
91:83:2e:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyviUs+tVOpODfZ+CFt4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjcwYTk4MDBjMTJkZDUzMjNmYTU1ZWNiZjkxN2QyMGU3YTc4OGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxM0ahpjEo8UgnfvwxO9VPSibDT0
RKa2jZWIs6C7rwDkFaDfRW43DnExS6PB2nbIZ5hy6IcmzcWREOWhLCp6Zg1tx7xV
zpibkpEBip1zCmlDBGKCNcUHIAW1OkgF8sP4KCznkp3n+nBluDeK+phkXo9elHiE
8IViWLlnpR6ODd5wwmbTlfqgjnrNoe66Aal7YxMtcMqHYHE1JrWZgXkAqjbayMyI
qa9ceB8ixHat99FOsUAEuP9KWWaySbTg7XyLJjrraNcH1oDE8sO3rMwkdtnFATIL
YCfWHoJ4M9keWmqV1vYq+AN/N1wJ3jyLLpxGow8QWV9AN99V/6cOUNaztwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZwqYAMEt1TI/pV7L+RfSDnp4i/MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNW5DcGdBd1MzVk1qLWxYc3Y1RjlJT2VuaUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVf7MA0G
CSqGSIb3DQEBCwUAA4IBAQC56cGuWRpYwkgUxNVHtftiXagjy8rwypDe2bTT3kZx
4og8xex5s1M2uCY2MX9vdBVFmNPfnVCnQHSPBkES/Te3jtWqxHyqDnO3B4P+2TsG
PD9OFqKvr2Ar7Fa9I5xGfQkNYpiV46X/qDyN8TPVGWXnM0NEseqeUkxtiLbJSEwo
mQObuzqfmGQK3bEByyiHegrxR01BPoxNDCjdBqbeuVfKFj1PZbTTKGVc4Q454uLU
8GoDwUHvUek//YpPdlcDUR9BZWhDQVxEHwAC5pY1taNO+EvWfVgqTdPwVDFRgKq1
8kJN8oQT15z1LG6gfOcsCUfLkquqNS9zcEXoasmRgy7f
-----END CERTIFICATE-----
Generated at Thu May 8 04:57:32 2025 by rpki-client