Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/u5z-3FGob2zik0wlAMm04A6Yf_o.roa
File: u5z-3FGob2zik0wlAMm04A6Yf_o.roa (raw, json)
Hash identifier: rmdnFk4AHaD+KtbakpkZkVTH2aZPVEzaAfYyw9V63dU=
Subject key identifier: BB:9C:FE:DC:51:A8:6F:6C:E2:93:4C:25:00:C9:B4:E0:0E:98:7F:FA
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 01856ECBA890FAE63F313E9725E42F28DDE6
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/u5z-3FGob2zik0wlAMm04A6Yf_o.roa
Signing time: Sun 01 Jan 2023 19:25:18 +0000
ROA not before: Sun 01 Jan 2023 19:25:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16322
IP address blocks: 5.63.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:a8:90:fa:e6:3f:31:3e:97:25:e4:2f:28:dd:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jan 1 19:25:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb9cfedc51a86f6ce2934c2500c9b4e00e987ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d9:7e:88:7b:d2:67:87:09:97:73:e0:5b:e9:
fd:ae:a4:89:24:a3:0d:24:74:37:b1:26:1c:6d:00:
1e:0a:ee:8e:f5:8c:12:58:a5:81:5f:0a:7d:e7:04:
e8:9e:7a:8c:96:92:97:4b:21:67:b7:8c:3c:2b:36:
7b:c6:81:7c:fb:bd:72:58:e5:3e:53:79:40:e0:bc:
3f:06:a6:a6:96:ad:56:02:8f:55:9e:43:78:bd:b6:
0d:db:06:39:d1:ec:78:bd:ea:c2:c2:3d:5a:c2:25:
61:f3:d6:88:7d:2d:81:f1:0d:d4:4c:c0:ec:05:a2:
c7:1c:60:f1:e5:70:e1:86:59:c4:11:fb:f1:8d:9a:
db:4f:75:99:7a:27:f7:b3:df:26:00:fc:fb:4e:f7:
00:38:89:fc:3e:d7:9f:1d:65:64:37:2f:bb:e1:78:
12:c7:f8:94:ac:a7:5f:da:cd:90:1c:3f:30:1b:ab:
31:fa:dd:bb:e9:7a:1f:bc:9e:9b:88:aa:5f:45:75:
a0:e3:7d:cf:63:bd:18:06:6e:4f:c5:54:03:82:4e:
3c:59:8b:af:ed:78:6a:36:38:5b:6f:fd:06:7e:2b:
48:25:c0:06:39:ea:07:28:1c:fd:cf:49:c6:b7:6d:
dc:b3:74:21:19:24:65:8b:0c:99:dc:c2:0b:74:d8:
ad:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:9C:FE:DC:51:A8:6F:6C:E2:93:4C:25:00:C9:B4:E0:0E:98:7F:FA
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/u5z-3FGob2zik0wlAMm04A6Yf_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.12.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:81:9a:b9:ec:59:cf:d9:d0:1c:d7:a5:f1:b3:56:54:d4:1b:
f7:fc:02:19:51:b5:46:d2:3b:c2:9f:04:82:d2:7f:80:bd:eb:
8a:f2:42:a7:92:01:89:b0:23:6e:e3:aa:67:47:7b:78:fc:50:
55:0c:1f:67:09:6d:36:c4:f1:86:8f:95:60:2a:5f:ff:ec:36:
37:98:b2:4e:28:2e:b8:d6:44:a3:31:3d:cc:2c:01:dc:fd:a3:
66:c9:1d:44:18:63:62:d6:8f:f7:9e:a4:75:9a:36:a8:35:4e:
a0:7e:5b:9e:0a:50:78:ae:08:fb:56:32:a8:2a:6d:13:10:06:
10:bc:4c:0e:c0:58:c0:49:47:75:d1:c8:a3:cd:38:2f:d2:c9:
de:6d:08:5f:ab:45:b7:9d:a6:3c:6d:7d:57:69:fb:d5:98:b9:
62:dc:1e:f7:c7:42:db:56:4c:b6:66:11:3c:b8:83:0f:9e:89:
14:ce:00:b9:54:89:3c:e5:f1:63:b4:0e:97:16:d3:c4:0a:50:
ff:20:33:f2:ba:24:35:a1:04:dc:80:af:95:1b:a5:67:f0:8e:
c2:86:53:46:f7:4c:34:de:d4:32:af:ee:45:d2:4d:88:c5:d4:
42:0a:0f:28:a9:3d:f4:52:8c:b8:af:b0:39:49:2c:d6:ce:a0:
63:d3:04:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy6iQ+uY/MT6XJeQvKN3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjMwMTAxMTkyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjljZmVkYzUxYTg2ZjZjZTI5MzRjMjUwMGM5YjRlMDBlOTg3ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNl+iHvSZ4cJl3PgW+n9rqSJJKMN
JHQ3sSYcbQAeCu6O9YwSWKWBXwp95wTonnqMlpKXSyFnt4w8KzZ7xoF8+71yWOU+
U3lA4Lw/Bqamlq1WAo9VnkN4vbYN2wY50ex4verCwj1awiVh89aIfS2B8Q3UTMDs
BaLHHGDx5XDhhlnEEfvxjZrbT3WZeif3s98mAPz7TvcAOIn8PtefHWVkNy+74XgS
x/iUrKdf2s2QHD8wG6sx+t276XofvJ6biKpfRXWg433PY70YBm5PxVQDgk48WYuv
7XhqNjhbb/0GfitIJcAGOeoHKBz9z0nGt23cs3QhGSRliwyZ3MILdNitqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuc/txRqG9s4pNMJQDJtOAOmH/6MB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvdTV6LTNGR29iMnppazB3bEFNbTA0QTZZZl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABT8MMA0G
CSqGSIb3DQEBCwUAA4IBAQClgZq57FnP2dAc16Xxs1ZU1Bv3/AIZUbVG0jvCnwSC
0n+AveuK8kKnkgGJsCNu46pnR3t4/FBVDB9nCW02xPGGj5VgKl//7DY3mLJOKC64
1kSjMT3MLAHc/aNmyR1EGGNi1o/3nqR1mjaoNU6gflueClB4rgj7VjKoKm0TEAYQ
vEwOwFjASUd10cijzTgv0snebQhfq0W3naY8bX1XafvVmLli3B73x0LbVky2ZhE8
uIMPnokUzgC5VIk85fFjtA6XFtPEClD/IDPyuiQ1oQTcgK+VG6Vn8I7ChlNG90w0
3tQyr+5F0k2IxdRCCg8oqT30Uoy4r7A5SSzWzqBj0wRq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:13 2025 by rpki-client