Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/PFALfR9umkbZ-GuImZdBqtls5Cc.roa
File: PFALfR9umkbZ-GuImZdBqtls5Cc.roa (raw, json)
Hash identifier: YHvMnRkgN8B1dvECFT0D+J9NMrFU+yn2S6a8BGdzvuw=
Subject key identifier: 3C:50:0B:7D:1F:6E:9A:46:D9:F8:6B:88:99:97:41:AA:D9:6C:E4:27
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 018203E6C6DFD061238084112D2D63B5007C
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/PFALfR9umkbZ-GuImZdBqtls5Cc.roa
Signing time: Fri 15 Jul 2022 22:07:11 +0000
ROA not before: Fri 15 Jul 2022 22:07:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48980
IP address blocks: 5.149.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:03:e6:c6:df:d0:61:23:80:84:11:2d:2d:63:b5:00:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jul 15 22:07:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c500b7d1f6e9a46d9f86b88999741aad96ce427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b0:86:95:1a:8b:c0:7f:f8:25:16:0d:b4:a1:
89:be:a8:19:21:77:81:5c:cd:6b:bb:4a:1d:fd:97:
99:bc:99:0f:d0:72:b0:09:85:c7:22:42:dd:c5:08:
5b:1c:12:b7:0c:be:7c:2c:8d:82:50:e6:38:5a:e8:
30:26:77:8c:40:e9:5a:95:a9:c1:80:98:f4:7c:75:
0c:a7:e7:f8:2b:4d:6e:e5:2c:25:de:d0:68:69:63:
8c:be:e1:9d:ef:04:ee:31:ec:01:3e:52:cc:21:fe:
a9:15:4e:4a:4d:59:5f:25:c3:87:5f:b3:1f:87:40:
48:71:b5:06:25:b0:84:46:b2:e7:c6:39:2e:dd:b3:
b4:69:42:2d:bf:5b:33:ed:0e:7e:36:3d:99:f7:b3:
3d:7c:73:67:ff:8e:c4:7a:4e:69:71:7e:e3:53:71:
b1:c0:c3:60:a3:5b:25:75:84:d9:d0:c5:7e:fe:fa:
6a:da:b3:72:28:6d:3b:db:5d:ae:f8:f2:6f:86:35:
e4:c0:69:59:08:9f:e9:1f:32:f9:fa:fb:4a:6b:c6:
63:36:72:b5:64:79:e4:88:a3:2f:a8:78:32:d9:70:
77:b3:97:dd:99:b5:4b:4f:88:96:98:99:70:0c:87:
cf:35:7b:2f:3e:b6:6b:6c:5a:26:51:3f:04:ad:71:
70:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:50:0B:7D:1F:6E:9A:46:D9:F8:6B:88:99:97:41:AA:D9:6C:E4:27
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/PFALfR9umkbZ-GuImZdBqtls5Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.108.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ad:9d:01:64:7f:21:dc:b1:c3:11:aa:b6:fa:d0:55:38:c6:
c0:0c:82:99:9a:80:af:12:06:a3:83:7c:97:b7:c6:23:59:3c:
11:b8:70:dd:2d:2f:24:9e:2d:5f:0f:ff:86:77:00:e2:79:f3:
c1:4e:99:3d:73:5e:bc:f6:6b:17:a6:46:f3:a1:f4:82:1b:2d:
61:a8:f8:76:c3:98:11:f9:8a:88:10:31:6d:4c:ed:3c:3e:d8:
5d:60:39:88:f9:05:fc:ed:f5:56:3b:70:8b:ba:e3:fe:79:d6:
b1:b3:50:9a:14:71:01:11:d4:40:4e:85:2b:0e:9b:b0:f4:f8:
5c:be:61:71:f5:5b:ae:20:4e:3b:29:59:e3:8f:93:99:37:07:
a1:ff:37:54:13:73:49:c9:39:fd:7f:c0:47:6e:85:e6:06:e4:
5e:de:eb:7b:62:54:c9:91:8b:c7:8d:e0:15:f7:c5:10:c2:27:
d1:95:5c:5c:9a:41:cc:6d:bf:33:d7:4f:7a:d0:4d:a6:71:d1:
18:c1:8c:2e:02:1a:51:a4:ef:26:5f:0a:7b:ff:e6:3c:7f:28:
64:01:33:97:64:d5:18:6b:52:ab:69:96:33:70:89:81:9e:99:
1a:10:b0:41:7c:e0:a0:c2:cd:2f:ce:9b:31:78:b4:05:41:3a:
01:e9:07:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYID5sbf0GEjgIQRLS1jtQB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjIwNzE1MjIwNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUwMGI3ZDFmNmU5YTQ2ZDlmODZiODg5OTk3NDFhYWQ5NmNlNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrCGlRqLwH/4JRYNtKGJvqgZIXeB
XM1ru0od/ZeZvJkP0HKwCYXHIkLdxQhbHBK3DL58LI2CUOY4WugwJneMQOlalanB
gJj0fHUMp+f4K01u5Swl3tBoaWOMvuGd7wTuMewBPlLMIf6pFU5KTVlfJcOHX7Mf
h0BIcbUGJbCERrLnxjku3bO0aUItv1sz7Q5+Nj2Z97M9fHNn/47Eek5pcX7jU3Gx
wMNgo1sldYTZ0MV+/vpq2rNyKG07212u+PJvhjXkwGlZCJ/pHzL5+vtKa8ZjNnK1
ZHnkiKMvqHgy2XB3s5fdmbVLT4iWmJlwDIfPNXsvPrZrbFomUT8ErXFwVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxQC30fbppG2fhriJmXQarZbOQnMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvUEZBTGZSOXVta2JaLUd1SW1aZEJxdGxzNUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZVsMA0G
CSqGSIb3DQEBCwUAA4IBAQAhrZ0BZH8h3LHDEaq2+tBVOMbADIKZmoCvEgajg3yX
t8YjWTwRuHDdLS8kni1fD/+GdwDiefPBTpk9c1689msXpkbzofSCGy1hqPh2w5gR
+YqIEDFtTO08PthdYDmI+QX87fVWO3CLuuP+edaxs1CaFHEBEdRAToUrDpuw9Phc
vmFx9VuuIE47KVnjj5OZNweh/zdUE3NJyTn9f8BHboXmBuRe3ut7YlTJkYvHjeAV
98UQwifRlVxcmkHMbb8z10960E2mcdEYwYwuAhpRpO8mXwp7/+Y8fyhkATOXZNUY
a1KraZYzcImBnpkaELBBfOCgws0vzpsxeLQFQToB6QdS
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:11 2025 by rpki-client