Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/F1yfMxDJcgtJpVUokEZTc-ATwqo.roa
File: F1yfMxDJcgtJpVUokEZTc-ATwqo.roa (raw, json)
Hash identifier: x9PYxHgTDmEmN9IMIvkuaJSEWO1+g9eCy6oCcnbQ6f0=
Subject key identifier: 17:5C:9F:33:10:C9:72:0B:49:A5:55:28:90:46:53:73:E0:13:C2:AA
Certificate issuer: /CN=056006f2a1840900c753628121b3fb7ec5bd89e9
Certificate serial: 0188FC0E51997BCF7A66A0E21898472A6771
Authority key identifier: 05:60:06:F2:A1:84:09:00:C7:53:62:81:21:B3:FB:7E:C5:BD:89:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/F1yfMxDJcgtJpVUokEZTc-ATwqo.roa
Signing time: Tue 27 Jun 2023 08:52:56 +0000
ROA not before: Tue 27 Jun 2023 08:52:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62005
IP address blocks: 5.42.221.0/24 maxlen: 24
45.129.0.0/24 maxlen: 24
2a12:c740:1::/48 maxlen: 48
2a12:c740::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fc:0e:51:99:7b:cf:7a:66:a0:e2:18:98:47:2a:67:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056006f2a1840900c753628121b3fb7ec5bd89e9
Validity
Not Before: Jun 27 08:52:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=175c9f3310c9720b49a5552890465373e013c2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cf:4e:c7:53:05:24:25:de:c8:b6:aa:17:4d:
04:4d:ed:a9:a2:d8:d2:1e:b1:6d:b0:b2:fe:df:5b:
cc:8f:bb:e2:c8:b5:63:4e:b0:b5:d7:3c:33:39:c8:
15:f2:7e:6e:d8:f0:c9:a5:f8:79:c2:72:a8:e9:b8:
55:0c:ff:1a:4e:42:74:01:a7:bd:7b:ec:d0:1d:a2:
9b:5e:1e:ca:9b:f6:09:9e:dd:f8:9a:6e:61:dc:af:
4d:c6:89:5d:01:39:62:85:61:69:39:42:d6:83:26:
eb:44:80:58:3b:38:0c:c0:8d:34:8a:dc:0c:51:59:
ca:f9:fa:d1:26:f9:9e:2a:65:db:98:9a:7a:9b:cf:
19:80:0b:81:4a:58:20:0b:4f:2f:93:7e:fe:12:78:
e1:fc:0d:f0:78:b3:bf:27:6f:25:e1:e3:e7:84:b9:
a0:a9:9d:33:12:c2:7b:0e:56:22:3c:5f:b0:6f:b4:
bd:30:5a:41:c7:ad:ca:ef:79:84:b3:fd:94:79:16:
36:00:7a:01:c8:23:bc:7c:fd:c5:1b:01:0a:0e:8e:
27:d5:3a:c6:5c:58:5d:56:50:ba:43:c9:5f:00:de:
76:1c:58:a1:d8:00:d9:c9:16:9d:aa:e0:f0:f8:d2:
ab:29:f8:36:45:e0:34:95:f1:b9:eb:59:06:9a:c0:
5e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:5C:9F:33:10:C9:72:0B:49:A5:55:28:90:46:53:73:E0:13:C2:AA
X509v3 Authority Key Identifier:
keyid:05:60:06:F2:A1:84:09:00:C7:53:62:81:21:B3:FB:7E:C5:BD:89:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/F1yfMxDJcgtJpVUokEZTc-ATwqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/BWAG8qGECQDHU2KBIbP7fsW9iek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.221.0/24
45.129.0.0/24
IPv6:
2a12:c740::/47
Signature Algorithm: sha256WithRSAEncryption
7d:7a:1d:97:8e:a7:e2:c0:b4:3c:a3:43:a3:d9:c0:ed:82:ea:
ed:e9:ea:c3:12:96:8a:d3:b4:d6:09:ce:03:12:3a:cc:2f:27:
83:ad:5c:e9:0b:09:52:a4:fa:05:a1:57:0c:9c:0f:1a:8b:4b:
59:07:63:68:01:7b:81:1a:1c:18:c3:15:74:9b:4d:54:63:08:
3e:48:6b:30:d6:3c:39:75:69:d0:1e:ed:b0:a7:66:21:6b:1b:
6f:d5:a9:71:91:b4:21:9c:79:f0:9b:0f:2c:7a:82:2c:fc:8e:
de:f8:cc:34:8e:ba:d2:1b:0b:b1:da:fc:c9:4b:29:8e:74:45:
73:af:e6:f9:90:61:fb:42:3e:54:7d:32:30:a9:be:c7:fb:5d:
4c:05:64:f2:ac:3e:6b:41:69:ce:eb:10:73:42:05:44:00:76:
4c:a1:98:f6:00:44:7a:87:a0:4c:fb:ae:a6:6c:0d:22:57:83:
d7:c3:33:b1:3e:6d:7d:ca:6d:c2:09:ee:dc:e9:11:f4:9d:68:
8a:90:5d:1d:d5:da:c0:28:a9:a2:6e:72:d2:43:ec:e2:80:49:
0b:e6:30:e0:45:13:78:d9:d9:b0:dc:5b:26:ae:04:2d:cc:58:
27:bf:57:69:04:93:fa:42:86:3a:77:01:ec:ed:c6:79:46:c9:
ac:0e:84:c6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYj8DlGZe896ZqDiGJhHKmdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjAwNmYyYTE4NDA5MDBjNzUzNjI4MTIxYjNmYjdlYzVi
ZDg5ZTkwHhcNMjMwNjI3MDg1MjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzVjOWYzMzEwYzk3MjBiNDlhNTU1Mjg5MDQ2NTM3M2UwMTNjMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM9Ox1MFJCXeyLaqF00ETe2potjS
HrFtsLL+31vMj7viyLVjTrC11zwzOcgV8n5u2PDJpfh5wnKo6bhVDP8aTkJ0Aae9
e+zQHaKbXh7Km/YJnt34mm5h3K9NxoldATlihWFpOULWgybrRIBYOzgMwI00itwM
UVnK+frRJvmeKmXbmJp6m88ZgAuBSlggC08vk37+Enjh/A3weLO/J28l4ePnhLmg
qZ0zEsJ7DlYiPF+wb7S9MFpBx63K73mEs/2UeRY2AHoByCO8fP3FGwEKDo4n1TrG
XFhdVlC6Q8lfAN52HFih2ADZyRadquDw+NKrKfg2ReA0lfG561kGmsBeWwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBdcnzMQyXILSaVVKJBGU3PgE8KqMB8GA1UdIwQY
MBaAFAVgBvKhhAkAx1NigSGz+37FvYnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldBRzhxR0VDUURIVTJLQkliUDdmc1c5aWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81NzMyZDMtYTUzYy00MWY3LWE2MjMt
NTViM2U2NDc2YTdiLzEvRjF5Zk14REpjZ3RKcFZVb2tFWlRjLUFUd3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81NzMyZDMtYTUzYy00MWY3LWE2MjMtNTViM2U2NDc2YTdi
LzEvQldBRzhxR0VDUURIVTJLQkliUDdmc1c5aWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABSrdAwQA
LYEAMA8EAgACMAkDBwEqEsdAAAAwDQYJKoZIhvcNAQELBQADggEBAH16HZeOp+LA
tDyjQ6PZwO2C6u3p6sMSlorTtNYJzgMSOswvJ4OtXOkLCVKk+gWhVwycDxqLS1kH
Y2gBe4EaHBjDFXSbTVRjCD5IazDWPDl1adAe7bCnZiFrG2/VqXGRtCGcefCbDyx6
giz8jt74zDSOutIbC7Ha/MlLKY50RXOv5vmQYftCPlR9MjCpvsf7XUwFZPKsPmtB
ac7rEHNCBUQAdkyhmPYARHqHoEz7rqZsDSJXg9fDM7E+bX3KbcIJ7tzpEfSdaIqQ
XR3V2sAoqaJuctJD7OKASQvmMOBFE3jZ2bDcWyauBC3MWCe/V2kEk/pChjp3Aezt
xnlGyawOhMY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:18 2025 by rpki-client