Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/bqb9aJRttGA5E2gUQohkFKajVOY.roa
File: bqb9aJRttGA5E2gUQohkFKajVOY.roa (raw, json)
Hash identifier: ucF2OxGGSjzGlNohNFesN46HcRrR/9WfRd4oTXR4clo=
Subject key identifier: 6E:A6:FD:68:94:6D:B4:60:39:13:68:14:42:88:64:14:A6:A3:54:E6
Certificate issuer: /CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Certificate serial: 01856D81BC9FE3A73263CCD061218DB9089A
Authority key identifier: 5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/bqb9aJRttGA5E2gUQohkFKajVOY.roa
Signing time: Sun 01 Jan 2023 13:24:57 +0000
ROA not before: Sun 01 Jan 2023 13:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134963
IP address blocks: 5.61.68.0/24 maxlen: 24
5.61.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:bc:9f:e3:a7:32:63:cc:d0:61:21:8d:b9:08:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Validity
Not Before: Jan 1 13:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ea6fd68946db4603913681442886414a6a354e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:54:f4:11:31:27:85:a3:b7:7e:e6:12:3d:b1:
06:1d:0b:d3:ae:45:c1:e4:c7:9d:a0:d0:76:25:d1:
40:99:7e:4a:bb:f8:08:32:01:af:17:0e:66:33:ee:
a1:7d:82:5b:86:ac:45:73:8d:cb:fa:0f:a3:3d:22:
d9:70:7b:bc:67:e0:25:8c:52:0b:a4:79:13:96:86:
b0:75:59:f5:02:d6:f4:7d:9c:df:62:98:69:24:04:
c8:2e:fc:be:8a:ed:2a:a2:0d:e7:79:ec:8b:b3:70:
57:dd:d5:d8:e7:d1:45:b1:28:58:96:69:3b:d4:a4:
59:33:d7:71:1d:d6:e5:8b:5c:fc:c1:bd:9e:3c:f2:
0c:b4:6a:81:c1:2c:1f:c9:f4:0a:1f:89:3e:40:8e:
94:92:ab:e9:b9:dd:b9:f6:4a:53:11:b2:88:8d:35:
c3:28:28:c9:f9:f8:fb:9c:b4:ad:35:a1:a4:b2:3d:
e7:be:e5:56:24:43:27:d4:02:56:31:53:01:0c:fe:
b7:88:ad:d5:c7:0d:aa:6a:c3:b9:8e:01:f6:27:3f:
5c:00:6a:30:b8:05:10:c0:0c:b7:47:ed:9b:85:b8:
75:2b:73:ca:0f:e8:0b:72:eb:bc:e2:c4:5b:5c:b6:
ac:04:b1:fb:c9:67:5b:97:5b:df:5f:cc:15:df:44:
16:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A6:FD:68:94:6D:B4:60:39:13:68:14:42:88:64:14:A6:A3:54:E6
X509v3 Authority Key Identifier:
keyid:5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/bqb9aJRttGA5E2gUQohkFKajVOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/X_S8YTfFQKibkXPMLeMusEyebq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.68.0/23
Signature Algorithm: sha256WithRSAEncryption
00:85:49:dd:bc:6f:db:09:43:e0:fd:a9:0d:ed:bf:64:9b:5d:
79:59:d6:7d:6e:14:24:59:00:0c:f0:92:f7:36:b1:b2:3b:d5:
da:0e:a7:47:25:22:c3:f5:9c:72:32:15:33:d0:18:c7:29:aa:
e1:f3:ca:9f:55:a1:65:66:6f:6e:98:7b:6d:aa:22:fc:bd:6f:
5f:4a:d9:c7:c9:34:ba:0f:44:49:bc:59:54:7d:6d:fa:61:b6:
c1:61:62:80:bc:35:9d:8f:eb:b3:f7:1b:78:ae:43:94:c5:6e:
17:c0:0f:39:a0:13:03:63:cc:8d:b5:e0:27:25:d9:67:f5:1a:
e7:95:b2:4d:35:bb:80:02:48:b3:90:35:56:f3:df:07:84:7e:
6e:71:50:39:54:52:77:84:6e:c1:f5:07:3b:1c:fd:70:33:29:
95:62:42:99:62:1c:b7:73:f7:bb:cc:69:99:cf:d5:ef:87:d0:
90:6a:61:18:56:a0:eb:5d:a9:a6:c2:65:a8:1d:ea:dd:73:42:
bb:d5:e8:12:25:d5:11:f5:3f:df:35:a6:24:45:b8:4e:ba:04:
c7:26:a9:73:de:81:0d:7a:b1:2c:c3:9e:78:00:af:4e:ae:2d:
49:db:2e:4c:81:d6:85:de:a5:64:ef:0e:ab:bf:1b:ea:c5:d7:
fc:c0:df:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgbyf46cyY8zQYSGNuQiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZjRiYzYxMzdjNTQwYTg5YjkxNzNjYzJkZTMyZWIwNGM5
ZTZlYWUwHhcNMjMwMTAxMTMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWE2ZmQ2ODk0NmRiNDYwMzkxMzY4MTQ0Mjg4NjQxNGE2YTM1NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVT0ETEnhaO3fuYSPbEGHQvTrkXB
5MedoNB2JdFAmX5Ku/gIMgGvFw5mM+6hfYJbhqxFc43L+g+jPSLZcHu8Z+AljFIL
pHkTloawdVn1Atb0fZzfYphpJATILvy+iu0qog3neeyLs3BX3dXY59FFsShYlmk7
1KRZM9dxHdbli1z8wb2ePPIMtGqBwSwfyfQKH4k+QI6Ukqvpud259kpTEbKIjTXD
KCjJ+fj7nLStNaGksj3nvuVWJEMn1AJWMVMBDP63iK3Vxw2qasO5jgH2Jz9cAGow
uAUQwAy3R+2bhbh1K3PKD+gLcuu84sRbXLasBLH7yWdbl1vfX8wV30QWQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6m/WiUbbRgORNoFEKIZBSmo1TmMB8GA1UdIwQY
MBaAFF/0vGE3xUCom5FzzC3jLrBMnm6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWF9TOFlUZkZRS2lia1hQTUxlTXVzRXllYnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMDExY2EtNDU2Yi00ZjUxLWJjOGIt
MDA1Y2I0ZGNhNjNmLzEvYnFiOWFKUnR0R0E1RTJnVVFvaGtGS2FqVk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMDExY2EtNDU2Yi00ZjUxLWJjOGItMDA1Y2I0ZGNhNjNm
LzEvWF9TOFlUZkZRS2lia1hQTUxlTXVzRXllYnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBT1EMA0G
CSqGSIb3DQEBCwUAA4IBAQAAhUndvG/bCUPg/akN7b9km115WdZ9bhQkWQAM8JL3
NrGyO9XaDqdHJSLD9ZxyMhUz0BjHKarh88qfVaFlZm9umHttqiL8vW9fStnHyTS6
D0RJvFlUfW36YbbBYWKAvDWdj+uz9xt4rkOUxW4XwA85oBMDY8yNteAnJdln9Rrn
lbJNNbuAAkizkDVW898HhH5ucVA5VFJ3hG7B9Qc7HP1wMymVYkKZYhy3c/e7zGmZ
z9Xvh9CQamEYVqDrXammwmWoHerdc0K71egSJdUR9T/fNaYkRbhOugTHJqlz3oEN
erEsw554AK9Ori1J2y5MgdaF3qVk7w6rvxvqxdf8wN9k
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:52 2025 by rpki-client