Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/_-kOKXbn1-CZ91FYe2vwqUn-1FQ.roa
File: _-kOKXbn1-CZ91FYe2vwqUn-1FQ.roa (raw, json)
Hash identifier: k6NBuc36ItbD7I3BfygEB6/gUMq++ZEMWZdhEFG5SMM=
Subject key identifier: FF:E9:0E:29:76:E7:D7:E0:99:F7:51:58:7B:6B:F0:A9:49:FE:D4:54
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 0825359D
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/_-kOKXbn1-CZ91FYe2vwqUn-1FQ.roa
Signing time: Sat 01 Jan 2022 06:03:21 +0000
ROA not before: Sat 01 Jan 2022 06:03:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201551
IP address blocks: 5.149.157.0/24 maxlen: 24
5.149.156.0/24 maxlen: 24
5.149.156.0/23 maxlen: 23
5.149.155.0/24 maxlen: 24
2a02:1710:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136656285 (0x825359d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 1 06:03:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffe90e2976e7d7e099f751587b6bf0a949fed454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:76:8e:77:d2:b3:a7:b3:dc:f5:ab:2f:0b:05:
a8:6e:1e:fe:0b:6b:71:a0:ab:fa:4c:ab:12:0b:d0:
4e:81:70:09:5d:21:c5:87:f9:3f:4e:ad:1f:63:d7:
3e:05:ba:25:22:2b:ca:55:bb:05:5d:06:25:7d:55:
e7:92:59:9c:71:65:ba:7a:e1:ea:f3:c0:08:b3:d7:
f1:c6:15:71:81:b0:91:ce:15:06:20:3f:af:dc:13:
7e:42:2c:27:28:19:1a:f3:33:a2:70:3a:92:76:24:
f6:54:c3:5b:35:04:5d:f2:48:68:e7:ef:80:a7:e9:
88:81:40:db:98:e4:10:12:cf:29:2a:6c:59:ef:84:
34:2e:8c:95:da:b4:84:a8:be:2a:b2:31:d5:66:ac:
46:71:cb:7c:1d:e3:63:20:80:30:66:b8:83:5f:05:
29:8a:53:34:9f:8a:8a:56:09:88:0e:8c:82:c2:75:
0a:4a:f8:63:3d:ea:d5:e3:9b:9e:17:28:e9:7c:16:
58:9f:18:a9:61:09:6e:d5:fc:d7:7e:58:f9:81:b7:
df:5d:f1:83:79:0a:c5:bc:5a:ae:9b:6a:48:9a:31:
a9:dc:25:14:9f:33:ee:8d:58:13:5a:73:c4:16:65:
25:82:06:4c:2f:6d:38:1c:6c:ce:f1:b9:39:6b:9e:
4b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E9:0E:29:76:E7:D7:E0:99:F7:51:58:7B:6B:F0:A9:49:FE:D4:54
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/_-kOKXbn1-CZ91FYe2vwqUn-1FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.155.0-5.149.157.255
IPv6:
2a02:1710:6::/48
Signature Algorithm: sha256WithRSAEncryption
2d:f4:78:95:d0:28:64:0b:ff:8b:0a:14:7e:f8:2a:4a:5c:a5:
21:5d:f8:4a:ae:b8:af:d7:79:80:6b:61:05:e1:2e:bf:77:e9:
01:e3:ea:6c:cf:10:00:94:5f:98:a8:fa:94:76:05:60:7f:4e:
9c:7d:9f:28:d5:13:36:d8:f3:5b:2d:4a:97:50:1f:69:ad:4a:
bb:e9:1b:a1:9e:47:49:02:73:3b:16:3a:26:ee:da:04:94:06:
ee:17:9d:f2:7b:da:1a:96:71:14:89:9b:bb:a8:27:d0:34:c5:
12:c6:1b:ee:fd:b7:6e:aa:7e:1c:b6:ce:9e:9e:86:02:7a:db:
8d:4f:f2:87:08:11:c5:18:e8:c9:95:36:61:ca:ad:b0:1b:1d:
73:32:61:05:dc:6c:6e:be:7e:8f:6c:2a:bb:6a:45:68:e7:16:
64:76:56:fd:fb:4b:13:be:2c:a1:46:00:dc:00:1e:e9:ef:5a:
d8:10:98:54:b8:99:db:ae:4e:3a:10:c2:04:39:07:75:5b:f8:
d8:9d:56:13:93:74:40:89:62:46:be:ab:d0:a1:0c:94:84:d6:
c0:4d:82:9d:23:91:47:1f:cd:c5:c1:56:28:a9:7a:d1:f3:fe:
a5:e1:00:02:55:10:50:49:70:d6:c1:9e:bb:25:3a:17:92:6f:
2f:dc:97:41
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIECCU1nTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI1ODhjMDBlZWY3MTU4MDllYjVmZGQ2ZDY3MTdjYzI4YzBkZmFjMB4XDTIyMDEw
MTA2MDMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZlOTBlMjk3NmU3
ZDdlMDk5Zjc1MTU4N2I2YmYwYTk0OWZlZDQ1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMh2jnfSs6ez3PWrLwsFqG4e/gtrcaCr+kyrEgvQToFwCV0h
xYf5P06tH2PXPgW6JSIrylW7BV0GJX1V55JZnHFlunrh6vPACLPX8cYVcYGwkc4V
BiA/r9wTfkIsJygZGvMzonA6knYk9lTDWzUEXfJIaOfvgKfpiIFA25jkEBLPKSps
We+ENC6Mldq0hKi+KrIx1WasRnHLfB3jYyCAMGa4g18FKYpTNJ+KilYJiA6MgsJ1
Ckr4Yz3q1eObnhco6XwWWJ8YqWEJbtX8135Y+YG3313xg3kKxbxarptqSJoxqdwl
FJ8z7o1YE1pzxBZlJYIGTC9tOBxszvG5OWueS9kCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBT/6Q4pdufX4Jn3UVh7a/CpSf7UVDAfBgNVHSMEGDAWgBS3JYjADu9xWAnr
X91tZxfMKMDfrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5V0l3QTd2Y1ZnSjYxX2RiV2NYekNqQTM2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvZWJiYWM5LWZlZTctNGYzYi04Y2Q1LTdhNDEyNTRlYWFjYS8x
L18ta09LWGJuMS1DWjkxRlllMnZ3cVVuLTFGUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
ZWJiYWM5LWZlZTctNGYzYi04Y2Q1LTdhNDEyNTRlYWFjYS8xL3R5V0l3QTd2Y1Zn
SjYxX2RiV2NYekNqQTM2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwFAQCAAEwDjAMAwQABZWbAwQBBZWcMA8EAgACMAkD
BwAqAhcQAAYwDQYJKoZIhvcNAQELBQADggEBAC30eJXQKGQL/4sKFH74KkpcpSFd
+EquuK/XeYBrYQXhLr936QHj6mzPEACUX5io+pR2BWB/Tpx9nyjVEzbY81stSpdQ
H2mtSrvpG6GeR0kCczsWOibu2gSUBu4XnfJ72hqWcRSJm7uoJ9A0xRLGG+79t26q
fhy2zp6ehgJ6241P8ocIEcUY6MmVNmHKrbAbHXMyYQXcbG6+fo9sKrtqRWjnFmR2
Vv37SxO+LKFGANwAHunvWtgQmFS4mduuTjoQwgQ5B3Vb+NidVhOTdECJYka+q9Ch
DJSE1sBNgp0jkUcfzcXBViipetHz/qXhAAJVEFBJcNbBnrslOheSby/cl0E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:35 2024 by rpki-client on console-ams.rpki-client.org