Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/64m3NUXODVOcVdKiOAJMjv-dNIE.roa
File: 64m3NUXODVOcVdKiOAJMjv-dNIE.roa (raw, json)
Hash identifier: 1Vd7mAQMLRM8XS/eekkdUAaqXPTdEJuVPmyZHKaTGD8=
Subject key identifier: EB:89:B7:35:45:CE:0D:53:9C:55:D2:A2:38:02:4C:8E:FF:9D:34:81
Certificate issuer: /CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Certificate serial: 0936AB6D
Authority key identifier: 5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/64m3NUXODVOcVdKiOAJMjv-dNIE.roa
Signing time: Sat 01 Jan 2022 03:53:59 +0000
ROA not before: Sat 01 Jan 2022 03:53:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15644
IP address blocks: 5.61.68.0/24 maxlen: 24
5.61.71.0/24 maxlen: 24
5.61.69.0/24 maxlen: 24
5.61.70.0/24 maxlen: 24
5.61.64.0/21 maxlen: 21
2a01:52c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154577773 (0x936ab6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Validity
Not Before: Jan 1 03:53:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb89b73545ce0d539c55d2a238024c8eff9d3481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f3:c5:d5:8b:41:d9:e8:d1:b0:cf:21:e5:87:
63:b3:47:54:d6:d2:b8:2c:75:26:7d:90:28:45:6e:
6b:e7:09:b6:02:f1:26:30:42:fe:3f:af:09:66:dc:
ae:7d:8d:ca:f4:12:0d:ac:70:0e:05:50:ea:39:72:
00:da:e9:49:81:ba:d3:38:fe:10:63:b9:0b:96:c3:
5d:fd:10:33:08:42:78:7e:80:12:cb:a7:9a:14:ab:
47:0a:75:62:71:2c:2a:17:df:0a:66:aa:b8:27:7f:
f3:02:27:28:3e:48:a9:6f:60:e8:9c:08:21:98:c1:
32:fb:85:62:71:a2:14:51:b3:e6:91:8c:2a:24:b7:
7a:52:ce:b0:d5:54:55:78:7b:35:9e:89:a3:9b:21:
ea:3b:56:40:3b:20:56:e1:f4:d7:92:59:bb:59:c0:
83:89:09:cf:36:74:99:09:48:25:48:4e:0f:28:86:
d4:46:45:ce:f1:33:4f:2a:61:b6:5e:dd:9d:ac:bc:
04:5e:cf:09:02:bb:4e:d7:12:e3:6e:e7:e2:30:22:
39:4a:b3:4d:f2:cf:f7:64:cf:ee:00:1b:1e:04:a1:
76:4c:90:0f:0d:25:16:9e:17:70:c9:32:ef:a9:02:
ae:6f:36:01:34:84:8a:2f:75:65:b7:6b:5b:10:c8:
73:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:89:B7:35:45:CE:0D:53:9C:55:D2:A2:38:02:4C:8E:FF:9D:34:81
X509v3 Authority Key Identifier:
keyid:5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/64m3NUXODVOcVdKiOAJMjv-dNIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/X_S8YTfFQKibkXPMLeMusEyebq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.64.0/21
IPv6:
2a01:52c0::/32
Signature Algorithm: sha256WithRSAEncryption
46:fb:32:0f:fa:95:64:01:a7:6f:4a:4a:0a:78:73:7f:e7:db:
1f:0a:d8:3a:68:85:50:56:5a:10:9a:fa:a3:e5:2c:96:47:9b:
14:d5:c3:6e:9f:ab:6c:cc:41:fb:18:b0:7f:25:ab:12:c8:13:
a8:ec:71:d3:07:fc:bd:d7:ac:2f:8c:e5:46:6b:d1:1c:ff:f3:
aa:a1:cb:8c:fe:9d:2c:61:1c:46:60:ce:e9:9f:57:f9:05:c3:
c4:c6:25:d5:fe:9a:34:a4:41:6e:ab:5d:c9:9f:f1:b5:cb:f8:
4c:cf:a0:d9:d4:eb:07:96:23:75:91:12:0e:0a:ea:48:10:63:
ca:f3:4c:d5:de:cc:d7:2f:ec:4c:e7:84:06:1b:0f:d3:3c:1e:
ac:01:e0:37:ee:77:2d:ad:f7:46:1b:c4:54:e3:c6:c4:c6:40:
1a:fd:29:a8:80:3a:b2:79:70:40:5b:56:89:76:16:e0:37:39:
4b:db:98:dc:ac:2c:e7:33:c4:d9:8a:d9:59:f2:d5:fd:7d:4e:
3e:ac:34:23:55:8e:c7:33:67:27:7b:fa:9e:be:7e:64:67:89:
3b:c6:89:a5:9c:a9:37:f2:c8:79:22:00:6b:ff:dd:71:1e:6e:
c4:f3:4d:2c:c7:61:09:a0:49:f2:cc:71:c0:cf:fd:91:b4:95:
dd:8c:49:bd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECTarbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZmY0YmM2MTM3YzU0MGE4OWI5MTczY2MyZGUzMmViMDRjOWU2ZWFlMB4XDTIyMDEw
MTAzNTM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWI4OWI3MzU0NWNl
MGQ1MzljNTVkMmEyMzgwMjRjOGVmZjlkMzQ4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzzxdWLQdno0bDPIeWHY7NHVNbSuCx1Jn2QKEVua+cJtgLx
JjBC/j+vCWbcrn2NyvQSDaxwDgVQ6jlyANrpSYG60zj+EGO5C5bDXf0QMwhCeH6A
EsunmhSrRwp1YnEsKhffCmaquCd/8wInKD5IqW9g6JwIIZjBMvuFYnGiFFGz5pGM
KiS3elLOsNVUVXh7NZ6Jo5sh6jtWQDsgVuH015JZu1nAg4kJzzZ0mQlIJUhODyiG
1EZFzvEzTyphtl7dnay8BF7PCQK7TtcS427n4jAiOUqzTfLP92TP7gAbHgShdkyQ
Dw0lFp4XcMky76kCrm82ATSEii91ZbdrWxDIc80CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTribc1Rc4NU5xV0qI4AkyO/500gTAfBgNVHSMEGDAWgBRf9LxhN8VAqJuR
c8wt4y6wTJ5urjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hfUzhZVGZGUUtpYmtYUE1MZU11c0V5ZWJxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvYzAxMWNhLTQ1NmItNGY1MS1iYzhiLTAwNWNiNGRjYTYzZi8x
LzY0bTNOVVhPRFZPY1ZkS2lPQUpNanYtZE5JRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
YzAxMWNhLTQ1NmItNGY1MS1iYzhiLTAwNWNiNGRjYTYzZi8xL1hfUzhZVGZGUUtp
YmtYUE1MZU11c0V5ZWJxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAwU9QDANBAIAAjAHAwUAKgFSwDAN
BgkqhkiG9w0BAQsFAAOCAQEARvsyD/qVZAGnb0pKCnhzf+fbHwrYOmiFUFZaEJr6
o+UslkebFNXDbp+rbMxB+xiwfyWrEsgTqOxx0wf8vdesL4zlRmvRHP/zqqHLjP6d
LGEcRmDO6Z9X+QXDxMYl1f6aNKRBbqtdyZ/xtcv4TM+g2dTrB5YjdZESDgrqSBBj
yvNM1d7M1y/sTOeEBhsP0zwerAHgN+53La33RhvEVOPGxMZAGv0pqIA6snlwQFtW
iXYW4Dc5S9uY3Kws5zPE2YrZWfLV/X1OPqw0I1WOxzNnJ3v6nr5+ZGeJO8aJpZyp
N/LIeSIAa//dcR5uxPNNLMdhCaBJ8sxxwM/9kbSV3YxJvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:52 2024 by rpki-client on console-fra.rpki-client.org