Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/iq_I7nvGNzMGTO3BJzREMqXrX-Y.roa
File: iq_I7nvGNzMGTO3BJzREMqXrX-Y.roa (raw, json)
Hash identifier: ulc5aUAQEPVqlI32nMWzW2I7FgLsRkUbQbU3BkEF0hw=
Subject key identifier: 8A:AF:C8:EE:7B:C6:37:33:06:4C:ED:C1:27:34:44:32:A5:EB:5F:E6
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 045FCD5F
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/iq_I7nvGNzMGTO3BJzREMqXrX-Y.roa
Signing time: Thu 17 Feb 2022 21:13:47 +0000
ROA not before: Thu 17 Feb 2022 21:13:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59458
IP address blocks: 5.149.96.0/24 maxlen: 24
5.149.104.0/24 maxlen: 24
5.149.105.0/24 maxlen: 24
5.149.99.0/24 maxlen: 24
5.149.100.0/24 maxlen: 24
5.149.101.0/24 maxlen: 24
5.149.102.0/24 maxlen: 24
5.149.103.0/24 maxlen: 24
5.149.111.0/24 maxlen: 24
5.149.107.0/24 maxlen: 24
5.149.109.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73387359 (0x45fcd5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Feb 17 21:13:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8aafc8ee7bc63733064cedc127344432a5eb5fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bc:27:af:ef:31:bc:21:b2:20:6f:e9:cf:c2:
8c:c4:5a:c1:dc:36:84:12:57:19:98:31:a7:71:d3:
c4:05:35:e6:ec:d0:03:13:6a:ea:b4:af:56:29:e1:
d2:96:26:c0:55:60:22:d4:50:98:5b:4d:c6:ef:8b:
a5:69:59:79:77:15:37:fb:3c:c8:91:26:6f:e4:5e:
62:19:b7:50:05:98:83:44:ea:7a:35:9f:e6:1d:da:
be:de:ae:d6:36:06:a8:e6:4f:b5:3c:2f:a7:be:85:
05:22:87:9e:ef:a4:08:fb:07:0a:ee:71:87:16:9b:
7d:e6:41:a3:2d:e2:a4:2c:e4:77:c8:64:6a:0c:00:
e2:b1:2a:a1:f5:f5:5e:21:92:54:cf:3e:41:7e:f1:
e0:78:84:c2:a0:3a:85:55:33:e8:48:c9:d1:db:67:
6b:09:32:13:ee:4f:a3:60:03:57:5a:9c:c4:0a:ea:
a3:63:cf:1a:2f:93:41:ec:b9:ed:ce:0f:06:55:af:
66:e4:ae:71:16:44:1d:a1:e4:59:96:5b:a8:06:fa:
3c:b8:98:87:da:3d:b0:3e:43:cc:bf:be:3c:1c:66:
9c:9c:7f:95:f5:29:c7:00:1b:51:db:fb:9c:aa:82:
78:04:bf:50:a2:b6:b9:56:a0:23:50:05:eb:12:09:
d8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AF:C8:EE:7B:C6:37:33:06:4C:ED:C1:27:34:44:32:A5:EB:5F:E6
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/iq_I7nvGNzMGTO3BJzREMqXrX-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0/24
5.149.99.0-5.149.105.255
5.149.107.0/24
5.149.109.0-5.149.111.255
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
2b:dd:0c:87:4b:ee:fa:8c:f4:15:df:80:ff:02:03:63:d4:77:
85:08:f0:13:0e:eb:79:64:78:c2:16:eb:a6:ac:f0:c5:58:de:
d2:3b:91:cb:ce:b2:32:1f:39:85:9e:e9:b8:bf:89:a7:ab:93:
35:90:32:67:1b:80:6c:aa:86:59:9b:a5:c8:7c:fb:2b:95:7b:
7f:9c:1f:da:bc:48:e3:38:a3:46:1e:ae:a1:c3:df:40:c8:a9:
19:a6:e2:b8:c0:87:49:db:dd:37:09:7e:91:23:08:4c:07:dd:
c6:a9:96:38:e7:c3:69:a6:16:ad:a9:6f:e7:c1:a2:50:4a:fb:
61:36:fe:c0:80:5c:e8:16:79:1b:c2:84:23:e3:7d:ce:0e:89:
df:c2:7d:4a:02:91:49:92:1c:80:2d:a7:b0:ab:30:9e:f8:59:
68:dc:99:35:f4:70:77:55:fd:81:db:5d:ae:b0:a8:16:aa:f7:
57:0b:50:dd:3e:19:60:bc:43:a3:ad:7a:04:80:e0:23:72:37:
f1:c4:89:30:96:bb:75:a9:6c:00:d8:ce:26:08:d1:c5:96:03:
69:30:a6:66:f4:56:48:38:db:8f:d1:a2:4d:26:5f:9a:e7:ad:
02:5d:88:a7:ac:13:66:e6:b6:a6:3d:fb:1b:b2:ce:89:c9:1d:
ed:d7:4b:8b
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEBF/NXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWUwOGQ5MzM2ZjJlNmNkMTY1ZWI3MzAyOTdmZTZkMjBjODNjMzlhMB4XDTIyMDIx
NzIxMTM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFhZmM4ZWU3YmM2
MzczMzA2NGNlZGMxMjczNDQ0MzJhNWViNWZlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALK8J6/vMbwhsiBv6c/CjMRawdw2hBJXGZgxp3HTxAU15uzQ
AxNq6rSvVinh0pYmwFVgItRQmFtNxu+LpWlZeXcVN/s8yJEmb+ReYhm3UAWYg0Tq
ejWf5h3avt6u1jYGqOZPtTwvp76FBSKHnu+kCPsHCu5xhxabfeZBoy3ipCzkd8hk
agwA4rEqofX1XiGSVM8+QX7x4HiEwqA6hVUz6EjJ0dtnawkyE+5Po2ADV1qcxArq
o2PPGi+TQey57c4PBlWvZuSucRZEHaHkWZZbqAb6PLiYh9o9sD5DzL++PBxmnJx/
lfUpxwAbUdv7nKqCeAS/UKK2uVagI1AF6xIJ2MsCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSKr8jue8Y3MwZM7cEnNEQypetf5jAfBgNVHSMEGDAWgBSu4I2TNvLmzRZe
tzApf+bSDIPDmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J1Q05remJ5NXMwV1hyY3dLWF9tMGd5RHc1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvZjg1M2Y4LTIwNzEtNDlkZS1iNmEwLTQ5N2JlZGQ3MWViOS8x
L2lxX0k3bnZHTnpNR1RPM0JKelJFTXFYclgtWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
Zjg1M2Y4LTIwNzEtNDlkZS1iNmEwLTQ5N2JlZGQ3MWViOS8xL3J1Q05remJ5NXMw
V1hyY3dLWF9tMGd5RHc1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwLgQCAAEwKAMEAAWVYDAMAwQABZVjAwQBBZVoAwQA
BZVrMAwDBAAFlW0DBAQFlWAwDwQCAAIwCQMHACoSI0AAADANBgkqhkiG9w0BAQsF
AAOCAQEAK90Mh0vu+oz0Fd+A/wIDY9R3hQjwEw7reWR4whbrpqzwxVje0juRy86y
Mh85hZ7puL+Jp6uTNZAyZxuAbKqGWZulyHz7K5V7f5wf2rxI4zijRh6uocPfQMip
GabiuMCHSdvdNwl+kSMITAfdxqmWOOfDaaYWralv58GiUEr7YTb+wIBc6BZ5G8KE
I+N9zg6J38J9SgKRSZIcgC2nsKswnvhZaNyZNfRwd1X9gdtdrrCoFqr3VwtQ3T4Z
YLxDo616BIDgI3I38cSJMJa7dalsANjOJgjRxZYDaTCmZvRWSDjbj9GiTSZfmuet
Al2Ip6wTZua2pj37G7LOickd7ddLiw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:14 2025 by rpki-client