Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/0tAY0i9oV5lAvss2uEUyO43pbmU.roa
File: 0tAY0i9oV5lAvss2uEUyO43pbmU.roa (raw, json)
Hash identifier: y+SfrjjrYwL3db4lQZhvpaIQOskTuAYU0/BHuA1hK2w=
Subject key identifier: D2:D0:18:D2:2F:68:57:99:40:BE:CB:36:B8:45:32:3B:8D:E9:6E:65
Certificate issuer: /CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Certificate serial: 0183E60CF7765EEF2DB62F41013A24EC744E
Authority key identifier: 2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/0tAY0i9oV5lAvss2uEUyO43pbmU.roa
Signing time: Mon 17 Oct 2022 13:05:52 +0000
ROA not before: Mon 17 Oct 2022 13:05:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12859
IP address blocks: 5.61.250.0/24 maxlen: 24
5.61.248.0/24 maxlen: 24
5.61.251.0/24 maxlen: 24
5.61.248.0/21 maxlen: 21
5.61.249.0/24 maxlen: 24
5.61.252.0/24 maxlen: 24
5.61.253.0/24 maxlen: 24
5.61.254.0/24 maxlen: 24
5.61.255.0/24 maxlen: 24
2a01:7860::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:0c:f7:76:5e:ef:2d:b6:2f:41:01:3a:24:ec:74:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Validity
Not Before: Oct 17 13:05:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2d018d22f68579940becb36b845323b8de96e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:89:cf:77:f6:1c:a8:ca:09:11:73:b8:37:4d:
17:ce:7c:c1:5e:3f:17:3d:28:cb:ed:a8:5b:24:46:
bd:d5:64:18:d0:0f:0e:b4:c0:b6:ea:ea:c6:95:86:
ab:2b:9b:e5:a2:b0:5d:4d:5f:7c:9c:10:fb:e0:13:
f7:b9:2b:e3:11:6f:82:0f:13:8d:2e:63:4f:28:a7:
af:da:b1:74:a2:cd:c6:4a:f6:c7:04:87:8d:5d:f4:
ef:09:af:54:b2:81:02:06:24:00:38:ae:23:b9:de:
af:ca:b0:c4:ea:e6:a9:d8:3b:26:31:91:f8:76:80:
74:c9:f3:ea:32:15:74:73:67:e1:f5:2a:79:41:ed:
17:20:8b:74:08:7d:8a:78:c6:38:9e:b5:79:4f:ea:
72:ba:38:8b:a7:d2:36:16:27:be:65:93:50:a6:8b:
00:ab:b9:6c:36:cd:42:73:67:6b:fd:1a:b0:ab:4b:
83:a4:96:7d:c9:98:ef:7c:19:ea:29:b1:f5:b3:12:
dd:66:83:ad:cd:9c:94:a3:59:e8:17:b6:f3:87:06:
4d:87:80:c5:48:c8:73:72:df:75:ef:92:b7:b8:f0:
5e:a3:7c:95:31:b1:14:1e:ca:b6:fe:eb:23:70:0a:
e2:39:99:b3:94:93:4e:65:cb:7b:bc:78:cb:24:8b:
3e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D0:18:D2:2F:68:57:99:40:BE:CB:36:B8:45:32:3B:8D:E9:6E:65
X509v3 Authority Key Identifier:
keyid:2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/0tAY0i9oV5lAvss2uEUyO43pbmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/K3xCZNrN-ss7ejru7VZZdapSQ0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.248.0/21
IPv6:
2a01:7860::/32
Signature Algorithm: sha256WithRSAEncryption
cd:cb:09:e2:6a:b1:7c:dc:bf:1c:fb:ef:f9:ad:a1:e7:89:27:
51:c7:d8:f2:7a:e6:0f:4e:51:dc:57:f8:c4:dc:09:95:d6:e9:
18:76:69:f5:ea:02:44:15:86:f2:9f:76:63:24:c6:0f:20:8d:
39:74:9a:b2:2a:f4:df:ba:2e:3c:e0:9a:8e:f7:81:a9:cd:5d:
dc:fe:50:9e:07:d5:44:be:d4:5e:2e:3d:dc:68:f9:b8:da:76:
18:95:1c:74:a9:4d:a9:bb:53:05:dd:9a:0e:82:39:2d:90:15:
51:c6:6d:0e:67:be:c8:05:21:c7:52:61:46:85:6c:5b:ce:82:
c2:df:8e:95:04:81:f5:a9:78:ed:3d:a5:74:56:29:b4:b3:10:
aa:59:17:73:2c:3f:14:f9:c0:84:53:e4:13:12:e9:77:9d:9a:
e8:ae:9b:6d:69:47:98:77:db:f5:86:49:57:ed:ba:eb:ac:40:
45:74:c4:ea:18:8b:14:6b:42:f0:20:5b:bb:e0:77:d4:8e:95:
6c:91:d4:9e:e2:70:66:f0:bd:0c:0d:c8:d0:8d:bc:2d:e8:ab:
7d:70:96:82:da:68:89:5b:13:5c:9e:cd:b9:12:63:58:ce:42:
e1:70:a3:99:16:02:f7:44:82:7e:24:f0:42:b0:3f:15:57:3e:
3f:b8:fc:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYPmDPd2Xu8tti9BATok7HROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2M0MjY0ZGFjZGZhY2IzYjdhM2FlZWVkNTY1OTc1YWE1
MjQzNGMwHhcNMjIxMDE3MTMwNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmQwMThkMjJmNjg1Nzk5NDBiZWNiMzZiODQ1MzIzYjhkZTk2ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAponPd/YcqMoJEXO4N00XznzBXj8X
PSjL7ahbJEa91WQY0A8OtMC26urGlYarK5vlorBdTV98nBD74BP3uSvjEW+CDxON
LmNPKKev2rF0os3GSvbHBIeNXfTvCa9UsoECBiQAOK4jud6vyrDE6uap2DsmMZH4
doB0yfPqMhV0c2fh9Sp5Qe0XIIt0CH2KeMY4nrV5T+pyujiLp9I2Fie+ZZNQposA
q7lsNs1Cc2dr/Rqwq0uDpJZ9yZjvfBnqKbH1sxLdZoOtzZyUo1noF7bzhwZNh4DF
SMhzct9175K3uPBeo3yVMbEUHsq2/usjcAriOZmzlJNOZct7vHjLJIs+nwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNLQGNIvaFeZQL7LNrhFMjuN6W5lMB8GA1UdIwQY
MBaAFCt8QmTazfrLO3o67u1WWXWqUkNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQt
MzFkNWFjM2FjOWI1LzEvMHRBWTBpOW9WNWxBdnNzMnVFVXlPNDNwYm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQtMzFkNWFjM2FjOWI1
LzEvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBT34MA0E
AgACMAcDBQAqAXhgMA0GCSqGSIb3DQEBCwUAA4IBAQDNywniarF83L8c++/5raHn
iSdRx9jyeuYPTlHcV/jE3AmV1ukYdmn16gJEFYbyn3ZjJMYPII05dJqyKvTfui48
4JqO94GpzV3c/lCeB9VEvtReLj3caPm42nYYlRx0qU2pu1MF3ZoOgjktkBVRxm0O
Z77IBSHHUmFGhWxbzoLC346VBIH1qXjtPaV0Vim0sxCqWRdzLD8U+cCEU+QTEul3
nZrorpttaUeYd9v1hklX7brrrEBFdMTqGIsUa0LwIFu74HfUjpVskdSe4nBm8L0M
DcjQjbwt6Kt9cJaC2miJWxNcns25EmNYzkLhcKOZFgL3RIJ+JPBCsD8VVz4/uPzV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:51 2024 by rpki-client on console-fra.rpki-client.org