Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/CSnGII6cYwYvaMXCE1b0l5WnP4E.roa
File: CSnGII6cYwYvaMXCE1b0l5WnP4E.roa (raw, json)
Hash identifier: TbLuc6q1rBcrUtMsHmytWAO8Wgx0yiuVeZn5z9eno8o=
Subject key identifier: 09:29:C6:20:8E:9C:63:06:2F:68:C5:C2:13:56:F4:97:95:A7:3F:81
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 01856D53D2E63D81641AE63AC8B212A57916
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/CSnGII6cYwYvaMXCE1b0l5WnP4E.roa
Signing time: Sun 01 Jan 2023 12:34:48 +0000
ROA not before: Sun 01 Jan 2023 12:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57588
IP address blocks: 5.149.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:d2:e6:3d:81:64:1a:e6:3a:c8:b2:12:a5:79:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 1 12:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0929c6208e9c63062f68c5c21356f49795a73f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:01:61:cf:ff:d9:8f:3c:24:90:b2:b4:1a:9b:
4a:51:d7:ad:e6:53:7b:98:87:1c:91:a5:76:f7:5e:
87:0c:52:b7:d1:8d:db:ad:9a:18:cd:20:1f:73:e5:
97:e2:ce:b2:ed:45:f9:23:a3:18:19:1c:03:25:c8:
9f:aa:88:0c:6e:62:fd:53:91:59:f4:14:9f:0f:2b:
a4:bf:6f:3d:8f:cc:f1:91:48:67:72:4a:76:c5:94:
e1:8d:9f:70:d8:86:a6:dd:86:b3:f1:8a:5c:59:60:
59:4e:1a:cb:0b:16:eb:f5:ae:83:20:6d:bf:7e:ff:
fd:5d:5f:6c:38:90:f8:c6:1f:40:24:32:d8:cc:61:
83:82:bc:6d:f2:48:85:3c:e0:1b:3e:28:0f:2c:c5:
81:dd:2d:28:12:13:60:6d:ed:19:41:aa:47:46:a4:
94:0c:7a:45:bb:c3:a3:5d:28:3d:7c:a7:0a:e7:c7:
bd:c7:7d:25:57:34:5d:79:45:3a:49:95:79:b0:6b:
2f:fc:d1:0f:75:57:7a:9f:22:29:db:13:01:dc:69:
34:c8:15:3e:9f:d8:39:8d:0d:98:21:d0:af:19:62:
aa:af:32:cf:a4:68:2f:a1:c0:5d:e7:cc:84:c9:8c:
82:76:65:f1:2f:17:a8:4e:dc:fc:a8:1a:41:88:dd:
d7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:29:C6:20:8E:9C:63:06:2F:68:C5:C2:13:56:F4:97:95:A7:3F:81
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/CSnGII6cYwYvaMXCE1b0l5WnP4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.102.0/24
Signature Algorithm: sha256WithRSAEncryption
65:30:b8:aa:a1:bd:e4:97:c4:8f:50:79:3a:a0:f9:7a:37:89:
6b:6a:09:97:fb:85:b9:40:41:18:e7:29:bf:8f:7f:14:95:2a:
09:ad:10:5b:8c:39:8d:ba:ff:30:b0:c7:bc:04:5e:f0:76:9a:
4f:d9:07:d7:ef:22:e3:92:27:85:30:81:db:2c:aa:f0:b8:0c:
26:58:f0:85:38:2a:a5:f4:37:d6:7e:54:25:9b:74:a2:9c:e0:
99:e7:8f:ab:72:29:32:1d:8e:ec:19:5d:65:01:40:b9:56:01:
d6:95:31:8f:7e:aa:30:1d:94:1b:1b:ad:f0:08:fd:9e:70:bc:
85:ce:d9:72:8b:95:ba:30:1c:e8:f6:55:db:d9:6a:88:4a:12:
dd:a2:64:37:1d:ee:e3:32:b1:f2:d7:73:4d:15:93:b4:65:ac:
d0:21:ae:5e:ef:e3:50:4b:20:e1:ba:5c:ca:77:0e:e5:3c:a1:
9b:a1:f3:2b:5e:a2:8f:04:76:fa:08:c2:29:ca:90:ce:f4:ae:
62:5a:9c:ef:7d:64:98:a7:1b:91:89:9a:0d:93:bc:9a:3e:17:
e5:3c:9b:3b:94:7a:1c:36:43:f9:3e:b8:e8:8f:c9:e5:7d:33:
6a:0c:6d:45:8a:1c:92:86:d2:94:eb:0f:5e:4c:47:22:7c:73:
be:64:c7:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU9LmPYFkGuY6yLISpXkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjMwMTAxMTIzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTI5YzYyMDhlOWM2MzA2MmY2OGM1YzIxMzU2ZjQ5Nzk1YTczZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQFhz//ZjzwkkLK0GptKUdet5lN7
mIcckaV2916HDFK30Y3brZoYzSAfc+WX4s6y7UX5I6MYGRwDJcifqogMbmL9U5FZ
9BSfDyukv289j8zxkUhnckp2xZThjZ9w2Iam3Yaz8YpcWWBZThrLCxbr9a6DIG2/
fv/9XV9sOJD4xh9AJDLYzGGDgrxt8kiFPOAbPigPLMWB3S0oEhNgbe0ZQapHRqSU
DHpFu8OjXSg9fKcK58e9x30lVzRdeUU6SZV5sGsv/NEPdVd6nyIp2xMB3Gk0yBU+
n9g5jQ2YIdCvGWKqrzLPpGgvocBd58yEyYyCdmXxLxeoTtz8qBpBiN3XGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkpxiCOnGMGL2jFwhNW9JeVpz+BMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvQ1NuR0lJNmNZd1l2YU1YQ0UxYjBsNVduUDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZVmMA0G
CSqGSIb3DQEBCwUAA4IBAQBlMLiqob3kl8SPUHk6oPl6N4lragmX+4W5QEEY5ym/
j38UlSoJrRBbjDmNuv8wsMe8BF7wdppP2QfX7yLjkieFMIHbLKrwuAwmWPCFOCql
9DfWflQlm3SinOCZ54+rcikyHY7sGV1lAUC5VgHWlTGPfqowHZQbG63wCP2ecLyF
ztlyi5W6MBzo9lXb2WqIShLdomQ3He7jMrHy13NNFZO0ZazQIa5e7+NQSyDhulzK
dw7lPKGbofMrXqKPBHb6CMIpypDO9K5iWpzvfWSYpxuRiZoNk7yaPhflPJs7lHoc
NkP5Prjoj8nlfTNqDG1FihyShtKU6w9eTEcifHO+ZMdy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:36 2025 by rpki-client