Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/Cekbz8lCQInZJml8LV9RNu6Xw48.roa
File: Cekbz8lCQInZJml8LV9RNu6Xw48.roa (raw, json)
Hash identifier: VnV6rkkAUGClf7YvRglrEjgT7NquSSPo3HVDUh8V9RY=
Subject key identifier: 09:E9:1B:CF:C9:42:40:89:D9:26:69:7C:2D:5F:51:36:EE:97:C3:8F
Certificate issuer: /CN=274d91cfa0a6db9bfd9154a441858e00e38bdbd6
Certificate serial: 01856E2F8CB8CBF727859FBB20E6E3F6D56C
Authority key identifier: 27:4D:91:CF:A0:A6:DB:9B:FD:91:54:A4:41:85:8E:00:E3:8B:DB:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J02Rz6Cm25v9kVSkQYWOAOOL29Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/Cekbz8lCQInZJml8LV9RNu6Xw48.roa
Signing time: Sun 01 Jan 2023 16:34:48 +0000
ROA not before: Sun 01 Jan 2023 16:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209088
IP address blocks: 5.181.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:8c:b8:cb:f7:27:85:9f:bb:20:e6:e3:f6:d5:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=274d91cfa0a6db9bfd9154a441858e00e38bdbd6
Validity
Not Before: Jan 1 16:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09e91bcfc9424089d926697c2d5f5136ee97c38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fd:00:ad:0b:7f:4a:a7:e4:9d:82:07:cd:60:
1b:fc:ea:ad:76:e9:25:30:00:8c:ae:0f:12:9a:a9:
a8:1f:e9:d8:32:ca:82:17:55:a1:6c:5e:97:fa:6a:
4b:e6:04:04:fc:9c:f4:91:6e:d8:c0:1b:46:55:65:
be:98:73:e6:5c:c1:2f:72:87:67:b7:14:ee:98:49:
a8:c6:3c:4d:20:a6:9e:9d:e2:82:43:d1:e2:a6:9b:
18:d8:db:b7:45:7e:ce:2c:4d:fb:a9:bc:bc:05:5a:
52:5c:65:19:65:15:a7:cc:3c:6c:13:83:c8:4b:16:
d4:1c:4c:78:d2:23:1e:9e:9f:7d:28:1d:b5:cc:4f:
dd:03:60:c2:98:be:dd:84:c8:1f:cb:ce:52:74:2f:
3f:90:c2:09:2f:9b:0d:30:fa:95:b4:f2:ab:ee:bf:
87:0b:cb:59:82:1b:e1:0e:1f:26:ad:76:cd:73:e2:
db:15:8e:3c:4e:ff:8a:37:0c:20:cd:26:e5:39:b9:
ba:fa:db:89:9a:3e:64:ea:04:2e:b6:67:08:a2:d2:
b5:f7:a4:19:be:ea:f6:17:cd:ef:97:91:6b:28:2c:
b1:84:5d:b4:ee:37:7a:c2:f8:f5:60:02:fd:d2:1f:
9f:4f:b0:d9:f2:2e:fd:77:23:0e:26:4e:0d:fe:ce:
0e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E9:1B:CF:C9:42:40:89:D9:26:69:7C:2D:5F:51:36:EE:97:C3:8F
X509v3 Authority Key Identifier:
keyid:27:4D:91:CF:A0:A6:DB:9B:FD:91:54:A4:41:85:8E:00:E3:8B:DB:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J02Rz6Cm25v9kVSkQYWOAOOL29Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/Cekbz8lCQInZJml8LV9RNu6Xw48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/J02Rz6Cm25v9kVSkQYWOAOOL29Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.212.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:e6:4c:b9:98:0b:98:94:92:b6:5f:f8:ef:ef:28:7e:69:b1:
e8:2d:53:66:82:4e:e9:bf:5e:c9:7e:d8:08:25:a5:1d:e8:b4:
9c:7c:b0:82:67:84:ec:20:0c:e7:29:b6:11:a3:4c:50:c1:1c:
75:49:c2:3f:d5:f4:31:b7:49:5b:a7:e9:c0:01:34:44:73:fa:
7c:ba:6d:d2:71:3f:6c:e2:13:84:1a:f3:ab:5c:f3:7a:3e:ee:
58:b5:81:b6:fa:e3:50:8f:4d:f0:0e:81:3b:d4:35:c0:a2:fa:
ad:b4:04:30:9f:fe:95:13:88:da:1a:62:3d:63:62:c1:f2:49:
6e:23:d3:2a:9e:48:60:d3:c3:ce:db:4d:22:81:8c:b6:dc:95:
90:13:6e:42:02:3d:c3:a0:71:75:b7:c4:2a:18:57:7a:6a:30:
a8:98:88:64:46:30:79:9d:04:61:fa:1b:bb:57:7e:04:8f:53:
a1:ec:83:ea:89:eb:70:dd:7e:ab:2e:d9:9b:fd:51:86:4d:ba:
d9:c2:c3:3a:da:1b:a8:65:70:7a:f4:2a:2d:10:b4:d6:1d:1c:
91:0e:43:25:2b:c8:ef:03:3b:fd:a5:a6:25:a6:43:a8:7a:87:
5a:41:4f:14:ba:5f:75:e3:04:00:bf:6c:2d:0d:76:7f:6e:f2:
cd:4e:76:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL4y4y/cnhZ+7IObj9tVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NGQ5MWNmYTBhNmRiOWJmZDkxNTRhNDQxODU4ZTAwZTM4
YmRiZDYwHhcNMjMwMTAxMTYzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWU5MWJjZmM5NDI0MDg5ZDkyNjY5N2MyZDVmNTEzNmVlOTdjMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP0ArQt/SqfknYIHzWAb/Oqtdukl
MACMrg8SmqmoH+nYMsqCF1WhbF6X+mpL5gQE/Jz0kW7YwBtGVWW+mHPmXMEvcodn
txTumEmoxjxNIKaeneKCQ9HippsY2Nu3RX7OLE37qby8BVpSXGUZZRWnzDxsE4PI
SxbUHEx40iMenp99KB21zE/dA2DCmL7dhMgfy85SdC8/kMIJL5sNMPqVtPKr7r+H
C8tZghvhDh8mrXbNc+LbFY48Tv+KNwwgzSblObm6+tuJmj5k6gQutmcIotK196QZ
vur2F83vl5FrKCyxhF207jd6wvj1YAL90h+fT7DZ8i79dyMOJk4N/s4OjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAnpG8/JQkCJ2SZpfC1fUTbul8OPMB8GA1UdIwQY
MBaAFCdNkc+gptub/ZFUpEGFjgDji9vWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjAyUno2Q20yNXY5a1ZTa1FZV09BT09MMjlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jNTFkNTgtZTM0OS00MjMxLTg2NGYt
OTc4MjM0YzNiYjcwLzEvQ2VrYno4bENRSW5aSm1sOExWOVJOdTZYdzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jNTFkNTgtZTM0OS00MjMxLTg2NGYtOTc4MjM0YzNiYjcw
LzEvSjAyUno2Q20yNXY5a1ZTa1FZV09BT09MMjlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbXUMA0G
CSqGSIb3DQEBCwUAA4IBAQCg5ky5mAuYlJK2X/jv7yh+abHoLVNmgk7pv17JftgI
JaUd6LScfLCCZ4TsIAznKbYRo0xQwRx1ScI/1fQxt0lbp+nAATREc/p8um3ScT9s
4hOEGvOrXPN6Pu5YtYG2+uNQj03wDoE71DXAovqttAQwn/6VE4jaGmI9Y2LB8klu
I9Mqnkhg08PO200igYy23JWQE25CAj3DoHF1t8QqGFd6ajComIhkRjB5nQRh+hu7
V34Ej1Oh7IPqietw3X6rLtmb/VGGTbrZwsM62huoZXB69CotELTWHRyRDkMlK8jv
Azv9paYlpkOoeodaQU8Uul914wQAv2wtDXZ/bvLNTnZU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:53 2025 by rpki-client