Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/OtmxPbcrlOyfLrdlSIl2yK9rtkk.roa
File: OtmxPbcrlOyfLrdlSIl2yK9rtkk.roa (raw, json)
Hash identifier: QWUtIqHmnOjYSK+stsZNiVxIE1hDNq8qWC3N4v6p0h4=
Subject key identifier: 3A:D9:B1:3D:B7:2B:94:EC:9F:2E:B7:65:48:89:76:C8:AF:6B:B6:49
Certificate issuer: /CN=6f5de9f9dbbd4618857b58105c6743720a11bc6e
Certificate serial: 018514ED975DA737EE1CB0ABB4F748D63563
Authority key identifier: 6F:5D:E9:F9:DB:BD:46:18:85:7B:58:10:5C:67:43:72:0A:11:BC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b13p-du9RhiFe1gQXGdDcgoRvG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/OtmxPbcrlOyfLrdlSIl2yK9rtkk.roa
Signing time: Thu 15 Dec 2022 08:36:33 +0000
ROA not before: Thu 15 Dec 2022 08:36:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213298
IP address blocks: 5.187.56.0/24 maxlen: 24
5.187.57.0/24 maxlen: 24
5.187.58.0/24 maxlen: 24
5.187.56.0/21 maxlen: 21
5.187.63.0/24 maxlen: 24
5.187.59.0/24 maxlen: 24
5.187.60.0/24 maxlen: 24
5.187.61.0/24 maxlen: 24
5.187.62.0/24 maxlen: 24
2a01:41c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:14:ed:97:5d:a7:37:ee:1c:b0:ab:b4:f7:48:d6:35:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5de9f9dbbd4618857b58105c6743720a11bc6e
Validity
Not Before: Dec 15 08:36:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ad9b13db72b94ec9f2eb765488976c8af6bb649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:87:82:a2:c8:64:43:e9:65:fb:28:36:73:
18:28:a2:04:23:d9:11:a9:71:54:91:78:4c:05:d2:
01:08:3c:eb:1a:02:66:73:4e:ba:e0:0f:39:e1:e5:
9a:21:9a:61:14:5a:73:5e:b8:ed:53:80:cd:59:40:
30:bb:cb:ff:22:f3:aa:5e:f3:ba:40:d0:86:39:46:
de:e3:2e:a3:7e:9d:96:80:9f:6c:2a:9a:95:e0:1e:
33:5d:25:b4:c8:7c:6d:92:5f:7a:d3:60:a6:7a:69:
d9:ef:f9:c3:16:04:43:96:6b:54:18:3c:79:0a:d8:
dc:69:bb:f8:54:8c:64:d6:d8:69:80:e6:ea:02:0f:
9f:cc:27:00:99:a8:51:fc:81:b1:79:0e:75:05:22:
4d:97:e7:7a:0a:d2:1b:d9:5e:c6:33:6f:02:67:53:
3a:a6:99:fd:db:bf:ec:3c:29:aa:f2:23:5b:0d:08:
e2:7f:f6:cc:0b:9b:8b:56:12:0e:5b:35:b4:68:66:
73:33:0b:47:fe:56:ed:ad:2a:d4:8e:7c:8e:4b:46:
51:11:ba:36:f8:6d:dc:fc:c5:be:db:fc:c7:ac:60:
99:ff:4a:15:06:35:9a:c8:a6:80:bf:64:0e:b3:8f:
c7:32:a6:ea:24:23:49:70:2a:fd:51:95:ee:73:46:
72:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D9:B1:3D:B7:2B:94:EC:9F:2E:B7:65:48:89:76:C8:AF:6B:B6:49
X509v3 Authority Key Identifier:
keyid:6F:5D:E9:F9:DB:BD:46:18:85:7B:58:10:5C:67:43:72:0A:11:BC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b13p-du9RhiFe1gQXGdDcgoRvG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/OtmxPbcrlOyfLrdlSIl2yK9rtkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/b13p-du9RhiFe1gQXGdDcgoRvG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.56.0/21
IPv6:
2a01:41c0::/32
Signature Algorithm: sha256WithRSAEncryption
06:63:ae:59:bc:5e:24:82:2a:73:eb:b2:9a:ab:26:65:94:d0:
4f:79:9f:71:fa:ad:d0:6c:eb:2a:5f:dc:02:b8:a5:3b:12:8b:
7b:cd:aa:db:c9:17:bd:b8:ac:bf:d6:6a:b3:40:b8:03:c7:bf:
5d:c5:43:0e:d5:75:d6:82:92:e1:08:dd:46:cc:e0:94:95:38:
f5:b5:f0:61:8b:38:db:e3:18:a5:41:82:34:40:91:a3:4b:fe:
22:58:5f:a6:5b:49:31:0b:8a:7c:ff:53:39:df:f0:dc:58:19:
6c:2f:5c:b7:22:b3:e0:ff:d0:15:d1:c0:e7:ef:c1:f4:65:1f:
d5:41:c3:ea:c2:8b:b2:34:a0:15:91:35:66:b8:99:b3:72:fa:
38:3c:c8:71:67:ae:44:53:66:75:ae:54:dc:14:d1:bd:77:5d:
02:59:d3:2e:2b:bf:81:cd:c5:72:60:0c:0d:02:99:ab:fb:e3:
b4:f9:e5:61:be:6c:57:3b:ec:d7:73:c3:92:f5:68:7f:4c:0d:
53:80:07:d1:57:99:7a:81:ee:ea:88:14:b1:67:cc:3e:c0:7b:
f1:51:78:84:a2:3e:ef:d4:d3:62:23:24:e6:46:a1:a2:e4:41:
dd:8d:a2:ef:51:ff:e6:80:1e:42:b6:91:fb:ab:79:45:dd:d0:
f7:b4:3e:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUU7ZddpzfuHLCrtPdI1jVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWRlOWY5ZGJiZDQ2MTg4NTdiNTgxMDVjNjc0MzcyMGEx
MWJjNmUwHhcNMjIxMjE1MDgzNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQ5YjEzZGI3MmI5NGVjOWYyZWI3NjU0ODg5NzZjOGFmNmJiNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPaHgqLIZEPpZfsoNnMYKKIEI9kR
qXFUkXhMBdIBCDzrGgJmc0664A854eWaIZphFFpzXrjtU4DNWUAwu8v/IvOqXvO6
QNCGOUbe4y6jfp2WgJ9sKpqV4B4zXSW0yHxtkl9602CmemnZ7/nDFgRDlmtUGDx5
Ctjcabv4VIxk1thpgObqAg+fzCcAmahR/IGxeQ51BSJNl+d6CtIb2V7GM28CZ1M6
ppn927/sPCmq8iNbDQjif/bMC5uLVhIOWzW0aGZzMwtH/lbtrSrUjnyOS0ZREbo2
+G3c/MW+2/zHrGCZ/0oVBjWayKaAv2QOs4/HMqbqJCNJcCr9UZXuc0ZyGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDrZsT23K5Tsny63ZUiJdsiva7ZJMB8GA1UdIwQY
MBaAFG9d6fnbvUYYhXtYEFxnQ3IKEbxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjEzcC1kdTlSaGlGZTFnUVhHZERjZ29Sdkc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82MWZjYjQtNTU3NC00ZTJlLWIyNTkt
YWUwNTc5NGM4ZTEzLzEvT3RteFBiY3JsT3lmTHJkbFNJbDJ5SzlydGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82MWZjYjQtNTU3NC00ZTJlLWIyNTktYWUwNTc5NGM4ZTEz
LzEvYjEzcC1kdTlSaGlGZTFnUVhHZERjZ29Sdkc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBbs4MA0E
AgACMAcDBQAqAUHAMA0GCSqGSIb3DQEBCwUAA4IBAQAGY65ZvF4kgipz67KaqyZl
lNBPeZ9x+q3QbOsqX9wCuKU7Eot7zarbyRe9uKy/1mqzQLgDx79dxUMO1XXWgpLh
CN1GzOCUlTj1tfBhizjb4xilQYI0QJGjS/4iWF+mW0kxC4p8/1M53/DcWBlsL1y3
IrPg/9AV0cDn78H0ZR/VQcPqwouyNKAVkTVmuJmzcvo4PMhxZ65EU2Z1rlTcFNG9
d10CWdMuK7+BzcVyYAwNApmr++O0+eVhvmxXO+zXc8OS9Wh/TA1TgAfRV5l6ge7q
iBSxZ8w+wHvxUXiEoj7v1NNiIyTmRqGi5EHdjaLvUf/mgB5CtpH7q3lF3dD3tD6O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:14 2024 by rpki-client on console-fra.rpki-client.org