Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/c3328e-1ce9-4e38-9eca-2324977c9393/1/l2BWqSDM7ap2-VWhidwZ2kf8aWA.roa
File: l2BWqSDM7ap2-VWhidwZ2kf8aWA.roa (raw, json)
Hash identifier: 5Bu6S3JTZIzVEWI0g+Lx3PpWmtKWvyXONqpH81bEQ3M=
Subject key identifier: 97:60:56:A9:20:CC:ED:AA:76:F9:55:A1:89:DC:19:DA:47:FC:69:60
Certificate issuer: /CN=608e6a6a54017dd3b9b2cce35fd5a9a7f2a45498
Certificate serial: 19F77395
Authority key identifier: 60:8E:6A:6A:54:01:7D:D3:B9:B2:CC:E3:5F:D5:A9:A7:F2:A4:54:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YI5qalQBfdO5sszjX9Wpp_KkVJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/c3328e-1ce9-4e38-9eca-2324977c9393/1/l2BWqSDM7ap2-VWhidwZ2kf8aWA.roa
Signing time: Sat 01 Jan 2022 11:03:12 +0000
ROA not before: Sat 01 Jan 2022 11:03:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12779
IP address blocks: 5.104.24.0/23 maxlen: 23
5.104.26.0/23 maxlen: 23
5.104.30.0/24 maxlen: 24
5.104.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 435647381 (0x19f77395)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=608e6a6a54017dd3b9b2cce35fd5a9a7f2a45498
Validity
Not Before: Jan 1 11:03:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=976056a920ccedaa76f955a189dc19da47fc6960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:81:5c:31:c7:e4:51:29:c4:22:58:2c:47:88:
8d:ae:78:4d:1c:fa:62:ed:d5:b9:54:39:71:45:60:
44:51:68:be:34:92:c1:20:a2:6b:d6:c7:c2:56:19:
77:42:96:5b:5a:2f:75:f9:1e:bf:64:8b:ea:77:05:
db:a4:ac:7c:00:00:48:ae:00:9f:b2:77:f8:4b:8a:
3f:2c:36:a1:39:da:42:5b:46:4c:e2:94:d9:79:0b:
98:5d:70:90:14:e4:dd:cf:10:74:5c:1f:ed:85:d6:
fd:a8:e0:f1:4d:b5:ca:5c:19:6b:9e:cb:46:88:6a:
6e:82:48:37:20:22:c5:f1:4d:01:12:73:be:ce:26:
61:9d:10:27:0a:96:b3:62:e1:47:9c:8c:a4:92:dc:
c0:5a:df:1a:a5:a7:94:eb:1f:e5:f1:f0:d9:a8:a2:
1b:eb:ba:cc:02:c2:88:5d:a6:21:4f:2c:73:1a:2a:
3d:56:71:70:63:b3:0b:30:8e:72:4b:74:02:40:67:
82:1d:d7:9b:36:20:f0:e9:a0:6d:9c:b1:85:90:33:
84:fd:cc:a5:03:3c:fe:ec:7d:59:dc:dc:12:4b:cc:
c1:0c:00:29:4e:c3:df:2b:18:fe:87:5a:03:99:ab:
fb:e2:89:0f:aa:b6:c8:94:f4:cb:99:69:e5:fa:19:
68:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:60:56:A9:20:CC:ED:AA:76:F9:55:A1:89:DC:19:DA:47:FC:69:60
X509v3 Authority Key Identifier:
keyid:60:8E:6A:6A:54:01:7D:D3:B9:B2:CC:E3:5F:D5:A9:A7:F2:A4:54:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YI5qalQBfdO5sszjX9Wpp_KkVJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/c3328e-1ce9-4e38-9eca-2324977c9393/1/l2BWqSDM7ap2-VWhidwZ2kf8aWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/c3328e-1ce9-4e38-9eca-2324977c9393/1/YI5qalQBfdO5sszjX9Wpp_KkVJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.24.0-5.104.30.255
Signature Algorithm: sha256WithRSAEncryption
9d:74:a3:7c:25:79:b7:05:e8:c7:c3:2c:0e:eb:1e:01:3e:db:
e0:53:64:1b:a0:77:45:de:31:13:2d:91:9d:6c:3c:27:b0:be:
1e:c7:ae:71:96:53:15:6d:a2:1a:32:9d:f4:6b:b0:aa:0b:7f:
f7:3e:39:39:33:51:e9:8e:7f:bb:e4:a6:4e:98:0e:a9:86:dc:
b6:cc:3f:39:08:7a:ad:a6:bf:b6:ec:22:3c:d6:b3:3e:00:cd:
bc:09:dd:dc:4b:55:97:bd:fe:c4:05:8d:eb:f0:5e:14:85:2c:
33:6c:52:fb:3e:95:09:0b:b3:30:97:08:34:a8:2c:e4:45:89:
a6:a0:2d:94:eb:a7:83:1e:51:02:17:cb:60:1e:3e:6a:32:a5:
fc:cb:45:99:6c:78:c6:0d:c1:34:c5:f4:bc:92:cf:7d:91:87:
bb:3a:85:0e:b7:ee:89:54:cd:0f:2f:40:54:30:f0:c8:f8:9c:
ac:33:e9:c1:6b:d5:4e:06:e8:02:51:64:c1:18:46:61:98:47:
60:22:0a:db:e1:1f:94:31:a1:a3:e3:c0:02:3a:15:33:98:fe:
39:2a:e8:0e:51:fd:57:91:cc:52:12:ba:8f:ea:9d:c8:8e:1c:
5c:b0:a5:29:c9:5d:97:ed:f0:68:bf:f0:a9:de:b9:65:01:56:
19:fd:ac:02
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEGfdzlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDhlNmE2YTU0MDE3ZGQzYjliMmNjZTM1ZmQ1YTlhN2YyYTQ1NDk4MB4XDTIyMDEw
MTExMDMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc2MDU2YTkyMGNj
ZWRhYTc2Zjk1NWExODlkYzE5ZGE0N2ZjNjk2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+BXDHH5FEpxCJYLEeIja54TRz6Yu3VuVQ5cUVgRFFovjSS
wSCia9bHwlYZd0KWW1ovdfkev2SL6ncF26SsfAAASK4An7J3+EuKPyw2oTnaQltG
TOKU2XkLmF1wkBTk3c8QdFwf7YXW/ajg8U21ylwZa57LRohqboJINyAixfFNARJz
vs4mYZ0QJwqWs2LhR5yMpJLcwFrfGqWnlOsf5fHw2aiiG+u6zALCiF2mIU8scxoq
PVZxcGOzCzCOckt0AkBngh3XmzYg8OmgbZyxhZAzhP3MpQM8/ux9WdzcEkvMwQwA
KU7D3ysY/odaA5mr++KJD6q2yJT0y5lp5foZaF0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSXYFapIMztqnb5VaGJ3BnaR/xpYDAfBgNVHSMEGDAWgBRgjmpqVAF907my
zONf1amn8qRUmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lJNXFhbFFCZmRPNXNzempYOVdwcF9La1ZKZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvYzMzMjhlLTFjZTktNGUzOC05ZWNhLTIzMjQ5NzdjOTM5My8x
L2wyQldxU0RNN2FwMi1WV2hpZHdaMmtmOGFXQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
YzMzMjhlLTFjZTktNGUzOC05ZWNhLTIzMjQ5NzdjOTM5My8xL1lJNXFhbFFCZmRP
NXNzempYOVdwcF9La1ZKZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDBWgYAwQABWgeMA0GCSqGSIb3
DQEBCwUAA4IBAQCddKN8JXm3BejHwywO6x4BPtvgU2QboHdF3jETLZGdbDwnsL4e
x65xllMVbaIaMp30a7CqC3/3Pjk5M1Hpjn+75KZOmA6phty2zD85CHqtpr+27CI8
1rM+AM28Cd3cS1WXvf7EBY3r8F4UhSwzbFL7PpUJC7Mwlwg0qCzkRYmmoC2U66eD
HlECF8tgHj5qMqX8y0WZbHjGDcE0xfS8ks99kYe7OoUOt+6JVM0PL0BUMPDI+Jys
M+nBa9VOBugCUWTBGEZhmEdgIgrb4R+UMaGj48ACOhUzmP45KugOUf1XkcxSErqP
6p3IjhxcsKUpyV2X7fBov/Cp3rllAVYZ/awC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:12 2025 by rpki-client