Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/5lAPNeJA9qaoUCrsYySNNt2WyHw.roa
File: 5lAPNeJA9qaoUCrsYySNNt2WyHw.roa (raw, json)
Hash identifier: DwbDsCo3DRhwJxUMnqFsONtgXb1+hNKvdzFZFbWSMdA=
Subject key identifier: E6:50:0F:35:E2:40:F6:A6:A8:50:2A:EC:63:24:8D:36:DD:96:C8:7C
Certificate issuer: /CN=4aefb99d2a06ee99dea9566f16bf226db3e56c92
Certificate serial: 0185A0481DD917989DB0B618212B889290B2
Authority key identifier: 4A:EF:B9:9D:2A:06:EE:99:DE:A9:56:6F:16:BF:22:6D:B3:E5:6C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Su-5nSoG7pneqVZvFr8ibbPlbJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/5lAPNeJA9qaoUCrsYySNNt2WyHw.roa
Signing time: Wed 11 Jan 2023 10:02:38 +0000
ROA not before: Wed 11 Jan 2023 10:02:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20953
IP address blocks: 195.246.219.0/24 maxlen: 24
80.79.192.0/20 maxlen: 20
2a02:1d8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:48:1d:d9:17:98:9d:b0:b6:18:21:2b:88:92:90:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aefb99d2a06ee99dea9566f16bf226db3e56c92
Validity
Not Before: Jan 11 10:02:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6500f35e240f6a6a8502aec63248d36dd96c87c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f4:bf:d6:04:d9:5f:80:da:89:ee:d8:a4:35:
35:ec:36:6b:d9:6b:6c:08:59:cc:15:08:c8:27:8d:
0d:49:c2:e9:44:c8:1c:29:6b:0b:e4:e4:9b:5c:f7:
ea:06:78:f6:8f:19:c4:b8:fb:29:14:f6:35:c9:42:
78:58:ed:20:7c:75:10:23:2a:f3:7e:c9:88:12:34:
44:a4:11:87:a6:f2:38:18:7d:40:4d:bd:6c:f3:47:
69:6d:16:e1:fd:ef:aa:3a:53:74:d7:a2:35:96:73:
78:87:0f:48:96:16:ae:ab:fb:33:22:fe:f2:10:45:
34:f0:aa:5c:69:dc:04:e2:ef:b8:d5:e3:47:97:a7:
50:e4:c7:0d:65:b9:6d:cb:81:0f:15:ee:13:75:3f:
af:2f:db:1a:4b:ef:cc:a4:80:50:c6:43:55:f3:a6:
71:a2:95:87:1e:ae:93:ae:aa:32:8c:6d:2c:9c:e6:
c7:3a:3c:97:22:98:ba:29:f5:fe:1e:85:49:50:78:
ad:84:8f:ec:5a:72:0f:89:f9:f9:7f:fb:23:8f:89:
5f:36:11:c2:12:7e:51:83:22:d1:78:d3:4a:c7:6e:
4d:c8:7f:b4:5d:2d:41:2f:d9:e1:0b:dd:84:74:bb:
5e:42:28:02:fa:9e:32:b3:ff:32:89:f0:be:75:15:
44:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:50:0F:35:E2:40:F6:A6:A8:50:2A:EC:63:24:8D:36:DD:96:C8:7C
X509v3 Authority Key Identifier:
keyid:4A:EF:B9:9D:2A:06:EE:99:DE:A9:56:6F:16:BF:22:6D:B3:E5:6C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Su-5nSoG7pneqVZvFr8ibbPlbJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/5lAPNeJA9qaoUCrsYySNNt2WyHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/Su-5nSoG7pneqVZvFr8ibbPlbJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.192.0/20
195.246.219.0/24
IPv6:
2a02:1d8::/32
Signature Algorithm: sha256WithRSAEncryption
47:e7:38:86:eb:75:82:34:78:57:b6:79:6c:a9:b0:77:ab:b8:
68:00:fc:df:89:cb:f7:f5:19:0c:6e:db:b7:5b:73:29:78:f3:
b1:55:5b:c5:5f:d1:aa:82:a2:97:0d:b2:2b:99:b4:ed:47:35:
3d:fc:5c:48:2d:45:f8:10:95:b4:d5:da:e1:b4:02:44:da:fb:
b7:5c:e9:4e:3b:d0:10:2b:6a:52:6a:92:c4:f6:eb:cd:f1:2e:
1e:d7:fe:b1:06:44:09:59:26:c5:ff:03:55:d4:10:3f:51:55:
70:89:26:81:7e:e5:a1:bf:25:27:ce:54:f4:c3:df:40:54:d5:
55:6a:b0:e0:4d:41:bb:21:87:0b:5f:93:e9:af:91:e8:cf:2a:
b0:a3:0a:b4:9d:26:fd:2a:cc:96:9c:7c:ff:40:12:f8:ea:69:
df:c0:d2:67:25:33:4e:3e:03:4c:55:81:3a:2c:bd:0e:5a:83:
74:39:31:d9:44:56:ff:13:8f:71:69:88:b1:3d:dc:0d:88:99:
37:46:68:63:9c:6e:5a:cd:29:8d:8f:1b:a9:98:49:d2:9c:c1:
1a:a1:a9:8c:7a:c1:91:0a:96:00:92:3a:9a:18:e7:c9:01:a1:
73:cb:ab:43:8a:ea:0b:a5:ee:3d:71:0b:b8:44:62:26:34:55:
e8:1e:0c:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWgSB3ZF5idsLYYISuIkpCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZWZiOTlkMmEwNmVlOTlkZWE5NTY2ZjE2YmYyMjZkYjNl
NTZjOTIwHhcNMjMwMTExMTAwMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjUwMGYzNWUyNDBmNmE2YTg1MDJhZWM2MzI0OGQzNmRkOTZjODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvS/1gTZX4Daie7YpDU17DZr2Wts
CFnMFQjIJ40NScLpRMgcKWsL5OSbXPfqBnj2jxnEuPspFPY1yUJ4WO0gfHUQIyrz
fsmIEjREpBGHpvI4GH1ATb1s80dpbRbh/e+qOlN016I1lnN4hw9Ilhauq/szIv7y
EEU08KpcadwE4u+41eNHl6dQ5McNZblty4EPFe4TdT+vL9saS+/MpIBQxkNV86Zx
opWHHq6TrqoyjG0snObHOjyXIpi6KfX+HoVJUHithI/sWnIPifn5f/sjj4lfNhHC
En5RgyLReNNKx25NyH+0XS1BL9nhC92EdLteQigC+p4ys/8yifC+dRVEDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOZQDzXiQPamqFAq7GMkjTbdlsh8MB8GA1UdIwQY
MBaAFErvuZ0qBu6Z3qlWbxa/Im2z5WySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3UtNW5Tb0c3cG5lcVZadkZyOGliYlBsYkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xNjlhM2ItNmE3My00OWVjLWFmZmEt
ZWQwYTdhYmE4Y2IyLzEvNWxBUE5lSkE5cWFvVUNyc1l5U05OdDJXeUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xNjlhM2ItNmE3My00OWVjLWFmZmEtZWQwYTdhYmE4Y2Iy
LzEvU3UtNW5Tb0c3cG5lcVZadkZyOGliYlBsYkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUE/AAwQA
w/bbMA0EAgACMAcDBQAqAgHYMA0GCSqGSIb3DQEBCwUAA4IBAQBH5ziG63WCNHhX
tnlsqbB3q7hoAPzficv39RkMbtu3W3MpePOxVVvFX9GqgqKXDbIrmbTtRzU9/FxI
LUX4EJW01drhtAJE2vu3XOlOO9AQK2pSapLE9uvN8S4e1/6xBkQJWSbF/wNV1BA/
UVVwiSaBfuWhvyUnzlT0w99AVNVVarDgTUG7IYcLX5Ppr5Hozyqwowq0nSb9KsyW
nHz/QBL46mnfwNJnJTNOPgNMVYE6LL0OWoN0OTHZRFb/E49xaYixPdwNiJk3Rmhj
nG5azSmNjxupmEnSnMEaoamMesGRCpYAkjqaGOfJAaFzy6tDiuoLpe49cQu4RGIm
NFXoHgyC
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:17:34 2025 by rpki-client