Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/5ASftIoVAioA_puIpzYz0GJ7vqk.roa
File: 5ASftIoVAioA_puIpzYz0GJ7vqk.roa (raw, json)
Hash identifier: 9UtsT9kDKKVA5+iA7d61RwmL9RbsxYwKrAD7ENDQIxs=
Subject key identifier: E4:04:9F:B4:8A:15:02:2A:00:FE:9B:88:A7:36:33:D0:62:7B:BE:A9
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 01836A7D6E492CC76F76506EF7AE29A7283F
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/5ASftIoVAioA_puIpzYz0GJ7vqk.roa
Signing time: Fri 23 Sep 2022 13:15:48 +0000
ROA not before: Fri 23 Sep 2022 13:15:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212708
IP address blocks: 185.235.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:7d:6e:49:2c:c7:6f:76:50:6e:f7:ae:29:a7:28:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Sep 23 13:15:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4049fb48a15022a00fe9b88a73633d0627bbea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:80:2d:69:27:26:fe:a9:6e:cd:4c:1b:93:cc:
ac:cb:43:a7:96:39:b8:25:56:b2:ca:d7:61:27:ef:
5e:3f:74:39:c8:bc:8c:15:e1:3b:f3:43:30:4a:f6:
37:77:bd:5a:6c:e7:c9:8c:08:d6:d6:63:5f:04:49:
ab:33:ff:c9:3c:c6:c4:d3:e1:ff:1b:8a:9d:c6:88:
5f:78:57:3d:26:be:e6:a3:5f:55:c8:f5:4e:ad:43:
36:23:e3:d6:7c:6d:9b:a3:e2:4f:2a:ae:c1:9d:c7:
ab:90:4d:05:74:95:c7:73:27:5b:5c:73:b3:e3:59:
ef:4d:57:19:7f:ef:68:b9:9a:e2:3e:ce:c5:0e:7a:
30:52:3c:0e:ab:14:9e:1f:31:c5:41:42:5c:83:54:
94:dc:d8:ee:07:24:33:7b:1c:2a:49:ef:e8:2e:cd:
ca:de:2f:0e:51:66:41:b8:07:46:17:88:5f:a4:b2:
52:e7:9f:27:e4:5e:18:82:7b:47:8a:ee:af:41:de:
8a:39:d9:5c:b6:56:a5:f6:20:f0:41:4f:65:74:89:
ff:15:b1:76:0a:20:5e:7e:7d:92:2d:db:c2:3a:08:
16:a3:03:18:f5:f6:40:44:ae:29:3b:fd:60:93:30:
84:8f:2e:b6:84:09:e5:5b:c4:c0:00:2b:d5:6c:7c:
71:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:04:9F:B4:8A:15:02:2A:00:FE:9B:88:A7:36:33:D0:62:7B:BE:A9
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/5ASftIoVAioA_puIpzYz0GJ7vqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.164.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b9:be:22:1c:1d:cb:62:f2:24:fa:42:47:2b:7e:dc:40:e6:
47:cf:71:8f:9c:d5:f5:83:3b:ba:ac:c5:e1:62:57:44:a2:09:
b4:f9:b9:30:4f:d8:ee:56:7e:a9:04:f1:d8:1a:92:5b:e5:41:
25:0b:ab:fa:a5:c0:aa:31:39:cf:40:9b:6c:cd:f4:d0:97:90:
be:07:5f:e2:19:9c:03:7f:43:75:d1:6c:39:63:4b:30:93:09:
c9:a7:8b:c9:1a:8b:30:76:7e:14:8b:c6:bb:ca:96:66:94:7b:
d7:ff:86:cb:70:77:e0:b6:51:16:bd:ab:7a:df:5f:e7:aa:98:
cb:c6:39:97:48:79:a5:83:0b:56:92:5b:7f:68:c6:ec:7f:d8:
d9:d5:9e:95:34:eb:08:0d:5e:95:dd:26:49:7a:9b:45:51:c1:
58:9a:06:29:6f:cd:c5:7d:28:26:3c:7e:dc:a7:93:10:a5:61:
22:83:a9:44:6d:44:04:72:63:31:b7:5d:83:70:3d:5f:ea:d8:
4e:56:f4:da:33:a7:49:f5:8e:5a:a8:6e:66:02:71:8c:b9:7b:
f0:61:70:e0:90:9b:5d:c0:5c:f4:08:25:9c:44:cd:d6:d3:73:
48:a9:8e:78:05:a2:f1:f2:08:37:53:8e:1e:db:9c:f4:d2:72:
f8:05:fb:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNqfW5JLMdvdlBu964ppyg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjIwOTIzMTMxNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDA0OWZiNDhhMTUwMjJhMDBmZTliODhhNzM2MzNkMDYyN2JiZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoAtaScm/qluzUwbk8ysy0Onljm4
JVayytdhJ+9eP3Q5yLyMFeE780MwSvY3d71abOfJjAjW1mNfBEmrM//JPMbE0+H/
G4qdxohfeFc9Jr7mo19VyPVOrUM2I+PWfG2bo+JPKq7BncerkE0FdJXHcydbXHOz
41nvTVcZf+9ouZriPs7FDnowUjwOqxSeHzHFQUJcg1SU3NjuByQzexwqSe/oLs3K
3i8OUWZBuAdGF4hfpLJS558n5F4YgntHiu6vQd6KOdlctlal9iDwQU9ldIn/FbF2
CiBefn2SLdvCOggWowMY9fZARK4pO/1gkzCEjy62hAnlW8TAACvVbHxxMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQEn7SKFQIqAP6biKc2M9Bie76pMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvNUFTZnRJb1ZBaW9BX3B1SXB6WXowR0o3dnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueukMA0G
CSqGSIb3DQEBCwUAA4IBAQAoub4iHB3LYvIk+kJHK37cQOZHz3GPnNX1gzu6rMXh
YldEogm0+bkwT9juVn6pBPHYGpJb5UElC6v6pcCqMTnPQJtszfTQl5C+B1/iGZwD
f0N10Ww5Y0swkwnJp4vJGoswdn4Ui8a7ypZmlHvX/4bLcHfgtlEWvat631/nqpjL
xjmXSHmlgwtWklt/aMbsf9jZ1Z6VNOsIDV6V3SZJeptFUcFYmgYpb83FfSgmPH7c
p5MQpWEig6lEbUQEcmMxt12DcD1f6thOVvTaM6dJ9Y5aqG5mAnGMuXvwYXDgkJtd
wFz0CCWcRM3W03NIqY54BaLx8gg3U44e25z00nL4Bfvh
-----END CERTIFICATE-----
Generated at Fri May 2 03:25:35 2025 by rpki-client