Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/bQxiX-YACYcFoxJkv4B1NIu6Mho.roa
File: bQxiX-YACYcFoxJkv4B1NIu6Mho.roa (raw, json)
Hash identifier: kmaJE+KWU81TU9UbqPtU3gHt6iesaE66v86cQvHpt7Y=
Subject key identifier: 6D:0C:62:5F:E6:00:09:87:05:A3:12:64:BF:80:75:34:8B:BA:32:1A
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 01827B3D2E08D692808C144DF8787CE5FB9E
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/bQxiX-YACYcFoxJkv4B1NIu6Mho.roa
Signing time: Mon 08 Aug 2022 02:16:23 +0000
ROA not before: Mon 08 Aug 2022 02:16:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60119
IP address blocks: 5.129.177.0/24 maxlen: 24
5.129.176.0/22 maxlen: 22
5.129.176.0/24 maxlen: 24
5.129.179.0/24 maxlen: 24
5.129.178.0/24 maxlen: 24
5.129.183.0/24 maxlen: 24
5.129.182.0/23 maxlen: 23
5.129.182.0/24 maxlen: 24
5.129.191.0/24 maxlen: 24
5.129.190.0/24 maxlen: 24
5.129.189.0/24 maxlen: 24
5.129.188.0/22 maxlen: 22
5.129.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7b:3d:2e:08:d6:92:80:8c:14:4d:f8:78:7c:e5:fb:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Aug 8 02:16:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d0c625fe600098705a31264bf8075348bba321a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:36:17:d2:57:5f:20:bc:b1:09:70:31:4b:e9:
06:09:0a:bf:54:9d:e1:d6:b2:61:8c:87:1b:f3:c0:
29:fe:6f:8c:a7:f6:4e:59:96:9d:93:65:2c:7d:c1:
54:b4:b2:d3:b3:2f:e1:d5:6b:4e:1a:3e:de:53:84:
81:44:9a:03:88:7a:86:52:3f:f6:a1:ed:fe:da:8a:
49:2e:6f:a6:43:17:fc:0c:97:fe:4f:65:d8:20:28:
9d:63:55:ca:ac:cb:f7:f9:5a:9c:88:e0:c1:b2:40:
fe:49:35:08:e0:85:0b:60:c4:61:b9:17:18:59:19:
c1:26:12:00:9e:db:a3:24:4e:6c:f3:6b:c4:e9:76:
a7:1d:85:4f:3f:1c:10:d0:5d:e1:63:f6:93:45:8b:
66:7d:62:af:02:71:79:f6:8c:fc:94:17:00:c5:59:
38:86:f5:c5:f8:fc:c2:75:e3:e0:ce:c5:c3:42:83:
09:6d:95:e4:45:93:63:f5:3c:19:8b:4e:0e:ab:f5:
c3:6b:da:5c:52:6b:31:f9:f3:04:e9:be:6b:30:d8:
1b:d2:5c:ec:18:52:5c:cd:3e:fb:9e:4c:0a:92:58:
53:20:09:de:52:5d:19:4c:1b:a7:6e:a2:9d:47:b9:
b3:80:f6:4f:0b:c9:aa:a5:b3:38:b3:e6:54:dc:ff:
ad:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0C:62:5F:E6:00:09:87:05:A3:12:64:BF:80:75:34:8B:BA:32:1A
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/bQxiX-YACYcFoxJkv4B1NIu6Mho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.129.176.0/22
5.129.182.0/23
5.129.188.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:1c:a8:56:3c:fb:27:c6:b1:d8:d8:8a:f4:56:2e:9d:73:f2:
e1:b1:e8:16:7b:3b:cb:1b:f5:0c:15:81:aa:bc:5e:0f:05:ca:
70:23:f9:f8:27:20:5d:27:62:91:98:a5:14:97:7a:a5:b7:e2:
63:65:20:6c:4f:82:06:d7:bf:47:62:b4:99:94:4c:83:f2:97:
d2:9b:6c:68:fa:84:64:0c:0c:fe:6d:75:71:a8:a5:73:5e:bf:
87:ed:44:07:27:97:3c:ae:73:bc:cb:ba:52:9f:d1:38:bc:86:
02:52:15:47:3b:81:1e:d9:27:a6:97:89:80:71:60:50:70:cb:
db:64:f4:e1:59:91:74:f0:79:64:26:ab:1a:10:5d:cd:d7:89:
84:7f:d9:6d:a3:05:0c:ac:67:e4:68:ec:4a:8f:4b:dc:41:c4:
ec:8d:56:9d:6c:24:aa:4a:dd:df:a5:6f:2e:44:71:19:57:12:
71:37:e6:bd:ef:38:ac:89:12:f1:a3:ff:dd:08:0a:25:9b:17:
06:49:58:3f:57:fd:0a:d0:57:95:17:8b:26:b0:76:96:6e:54:
a5:6a:e6:e7:98:e6:4d:e3:87:3d:ab:b2:e9:9d:2b:38:b0:0b:
be:1b:64:48:51:f7:b1:45:f0:96:aa:58:21:e8:0b:ad:ab:5d:
78:f3:9d:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJ7PS4I1pKAjBRN+Hh85fueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjIwODA4MDIxNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDBjNjI1ZmU2MDAwOTg3MDVhMzEyNjRiZjgwNzUzNDhiYmEzMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDYX0ldfILyxCXAxS+kGCQq/VJ3h
1rJhjIcb88Ap/m+Mp/ZOWZadk2UsfcFUtLLTsy/h1WtOGj7eU4SBRJoDiHqGUj/2
oe3+2opJLm+mQxf8DJf+T2XYICidY1XKrMv3+VqciODBskD+STUI4IULYMRhuRcY
WRnBJhIAntujJE5s82vE6XanHYVPPxwQ0F3hY/aTRYtmfWKvAnF59oz8lBcAxVk4
hvXF+PzCdePgzsXDQoMJbZXkRZNj9TwZi04Oq/XDa9pcUmsx+fME6b5rMNgb0lzs
GFJczT77nkwKklhTIAneUl0ZTBunbqKdR7mzgPZPC8mqpbM4s+ZU3P+tDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG0MYl/mAAmHBaMSZL+AdTSLujIaMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEvYlF4aVgtWUFDWWNGb3hKa3Y0QjFOSXU2TWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBYGwAwQB
BYG2AwQCBYG8MA0GCSqGSIb3DQEBCwUAA4IBAQCKHKhWPPsnxrHY2Ir0Vi6dc/Lh
segWezvLG/UMFYGqvF4PBcpwI/n4JyBdJ2KRmKUUl3qlt+JjZSBsT4IG179HYrSZ
lEyD8pfSm2xo+oRkDAz+bXVxqKVzXr+H7UQHJ5c8rnO8y7pSn9E4vIYCUhVHO4Ee
2Seml4mAcWBQcMvbZPThWZF08HlkJqsaEF3N14mEf9ltowUMrGfkaOxKj0vcQcTs
jVadbCSqSt3fpW8uRHEZVxJxN+a97zisiRLxo//dCAolmxcGSVg/V/0K0FeVF4sm
sHaWblSlaubnmOZN44c9q7LpnSs4sAu+G2RIUfexRfCWqlgh6Autq114853c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org