Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/5-Qog1MKWVSkVZHcfaNj9lI6qwg.roa
File: 5-Qog1MKWVSkVZHcfaNj9lI6qwg.roa (raw, json)
Hash identifier: 9FTpWoFCox3Lmcip/QTU3/z0Nso/Q6hmKG8ngSJcnmM=
Subject key identifier: E7:E4:28:83:53:0A:59:54:A4:55:91:DC:7D:A3:63:F6:52:3A:AB:08
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 01849627B973F8C31C809D4048BF28A1BA9A
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/5-Qog1MKWVSkVZHcfaNj9lI6qwg.roa
Signing time: Sun 20 Nov 2022 17:48:16 +0000
ROA not before: Sun 20 Nov 2022 17:48:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209968
IP address blocks: 185.23.5.0/24 maxlen: 24
2a09:be44::/30 maxlen: 48
2a09:be41::/32 maxlen: 48
2a12:49c0::/29 maxlen: 48
2a0e:ec00::/30 maxlen: 48
2a09:be42::/31 maxlen: 48
2a0e:ec04::/31 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:96:27:b9:73:f8:c3:1c:80:9d:40:48:bf:28:a1:ba:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Nov 20 17:48:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7e42883530a5954a45591dc7da363f6523aab08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2d:e7:59:cb:ad:2f:32:ed:1e:6d:71:ae:39:
c9:50:e4:e3:26:4a:4e:f7:53:0d:84:90:76:7a:f6:
27:8f:36:1d:96:6e:4b:3a:8d:8d:59:a9:b3:42:76:
7a:d7:24:92:2d:e2:34:39:97:6f:d7:2b:da:97:ea:
3c:11:16:44:1b:81:f5:e8:af:0c:7a:ed:df:86:44:
b3:6e:ff:c1:e1:62:1c:12:55:a7:37:1a:47:4a:7a:
e5:2d:fa:95:7b:7a:94:62:57:72:a5:0e:29:5a:a7:
ec:5d:fe:da:04:74:fc:c4:b8:08:ff:99:62:94:10:
04:cc:38:53:91:89:4c:94:64:9d:a7:f8:50:ad:e9:
3f:ee:18:9b:da:74:6e:2a:bd:f6:16:51:c2:4a:ad:
a1:ca:cc:79:dc:0a:a7:b4:b1:69:01:26:6a:43:04:
97:84:88:a8:5c:7a:05:52:9c:90:d4:12:ef:24:3d:
96:0b:a4:3f:7b:8e:a7:b8:55:c3:50:b5:fc:70:0a:
e9:cf:5f:51:f4:41:82:68:ba:5a:5f:46:31:cd:fb:
bd:e6:d7:ac:4f:e9:67:36:16:7e:41:a7:6f:04:ef:
31:0c:2f:95:03:67:10:35:10:0c:ae:3f:e9:d7:bb:
87:36:09:d0:80:a0:c8:04:ac:0f:af:e7:4b:09:6e:
63:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E4:28:83:53:0A:59:54:A4:55:91:DC:7D:A3:63:F6:52:3A:AB:08
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/5-Qog1MKWVSkVZHcfaNj9lI6qwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.5.0/24
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:ec00::-2a0e:ec05:ffff:ffff:ffff:ffff:ffff:ffff
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
89:94:35:4a:9c:3e:fb:9e:b4:79:46:58:6f:cc:3e:20:18:bd:
87:44:41:50:a6:1e:89:21:ab:62:73:a1:56:23:ae:85:05:0f:
53:99:10:4d:df:2b:62:85:0a:6e:74:cb:5c:a3:21:d8:59:48:
36:0a:68:23:cf:10:25:42:dd:f0:4c:f0:9f:b1:93:28:91:23:
f5:ff:49:59:d2:f1:e2:27:e8:a2:70:47:27:ff:da:df:29:ff:
1b:4b:ed:21:0a:5a:de:d8:19:73:41:ea:af:49:b4:75:18:60:
0b:cb:58:2c:07:7b:cb:8c:ab:fa:2d:d4:b1:83:eb:16:07:24:
5f:c5:70:13:8a:17:c0:d3:f9:db:fa:c6:53:9a:b9:df:5f:a7:
4d:e7:a6:03:3d:f0:af:37:46:25:a8:29:ff:9f:57:16:e6:e8:
1e:a4:73:04:49:43:34:bb:4d:0d:f8:90:c3:a1:f4:28:cc:6b:
cd:30:15:69:22:18:06:49:48:39:1a:60:38:80:12:f3:9e:6d:
40:ee:3e:1c:e4:d6:44:6f:bd:94:5b:82:2b:d8:48:6a:5b:b0:
e5:15:81:65:a9:4c:e1:5f:34:0d:be:86:02:f0:46:89:a1:5d:
e9:ff:cd:a8:43:2b:eb:66:cc:9a:83:4c:ea:f2:bc:a9:22:96:
58:4e:b6:c6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYSWJ7lz+MMcgJ1ASL8oobqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjIxMTIwMTc0ODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2U0Mjg4MzUzMGE1OTU0YTQ1NTkxZGM3ZGEzNjNmNjUyM2FhYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny3nWcutLzLtHm1xrjnJUOTjJkpO
91MNhJB2evYnjzYdlm5LOo2NWamzQnZ61ySSLeI0OZdv1yval+o8ERZEG4H16K8M
eu3fhkSzbv/B4WIcElWnNxpHSnrlLfqVe3qUYldypQ4pWqfsXf7aBHT8xLgI/5li
lBAEzDhTkYlMlGSdp/hQrek/7hib2nRuKr32FlHCSq2hysx53AqntLFpASZqQwSX
hIioXHoFUpyQ1BLvJD2WC6Q/e46nuFXDULX8cArpz19R9EGCaLpaX0Yxzfu95tes
T+lnNhZ+QadvBO8xDC+VA2cQNRAMrj/p17uHNgnQgKDIBKwPr+dLCW5jzQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOfkKINTCllUpFWR3H2jY/ZSOqsIMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvNS1Rb2cxTUtXVlNrVlpIY2ZhTmo5bEk2cXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQAuRcFMCwE
AgACMCYwDgMFACoJvkEDBQMqCb5AMA0DBAIqDuwDBQEqDuwEAwUDKhJJwDANBgkq
hkiG9w0BAQsFAAOCAQEAiZQ1Spw++560eUZYb8w+IBi9h0RBUKYeiSGrYnOhViOu
hQUPU5kQTd8rYoUKbnTLXKMh2FlINgpoI88QJULd8Ezwn7GTKJEj9f9JWdLx4ifo
onBHJ//a3yn/G0vtIQpa3tgZc0Hqr0m0dRhgC8tYLAd7y4yr+i3UsYPrFgckX8Vw
E4oXwNP52/rGU5q531+nTeemAz3wrzdGJagp/59XFuboHqRzBElDNLtNDfiQw6H0
KMxrzTAVaSIYBklIORpgOIAS855tQO4+HOTWRG+9lFuCK9hIaluw5RWBZalM4V80
Db6GAvBGiaFd6f/NqEMr62bMmoNM6vK8qSKWWE62xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:50 2024 by rpki-client on console-fra.rpki-client.org