Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/kTBx1ZjR6ARYBgBAmokSS7qfSjo.roa
File: kTBx1ZjR6ARYBgBAmokSS7qfSjo.roa (raw, json)
Hash identifier: 4RTZP8Ar/BAMSpG6EujGg9JSqQ8SQnLxLgdFKtA8QOk=
Subject key identifier: 91:30:71:D5:98:D1:E8:04:58:06:00:40:9A:89:12:4B:BA:9F:4A:3A
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 01856E6FAB8D245C0D1ABA28D0D322CCED13
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/kTBx1ZjR6ARYBgBAmokSS7qfSjo.roa
Signing time: Sun 01 Jan 2023 17:44:50 +0000
ROA not before: Sun 01 Jan 2023 17:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51500
IP address blocks: 5.59.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:ab:8d:24:5c:0d:1a:ba:28:d0:d3:22:cc:ed:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Jan 1 17:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=913071d598d1e804580600409a89124bba9f4a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a8:48:93:3f:ca:c4:8f:12:36:32:b8:3f:92:
9a:06:fd:53:c7:40:0c:20:b7:43:cb:e4:5f:30:b4:
12:5c:58:3e:18:1f:63:1d:e3:0a:98:8a:04:f2:7c:
fe:96:f1:f4:59:3a:ad:47:0d:30:2d:26:44:59:6b:
c0:51:0a:eb:83:69:89:d8:06:b3:82:e8:f4:bb:d2:
fb:80:db:96:6c:aa:6b:9b:55:51:cf:fa:93:a6:53:
44:87:2e:66:6e:49:8f:18:aa:c0:08:d4:88:03:0d:
e5:c3:b2:75:b5:3f:a7:95:b5:20:c5:41:9a:a4:e2:
94:92:d2:42:4e:11:75:bf:99:3c:ec:7c:b2:67:8e:
c2:a5:c4:e2:62:a0:9c:fb:31:ac:2a:1b:fc:aa:89:
86:9b:ca:4f:69:87:e8:e2:6c:86:a9:f8:e3:53:4d:
ef:99:63:d5:18:b8:59:de:b6:20:0b:8c:0a:68:60:
96:e5:c5:b7:b5:e1:7c:d5:9b:f3:d7:ff:b1:ac:eb:
ef:5d:f7:d2:18:46:2c:04:77:8a:41:d9:0d:cb:e3:
3b:ee:a5:e2:2b:96:36:ad:00:7b:b7:0b:65:31:6b:
72:7c:e5:78:0c:f4:5b:d3:c6:ab:e2:30:0a:5e:3d:
1a:88:41:17:9d:7e:81:3d:c0:7a:c0:fa:f3:12:11:
63:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:30:71:D5:98:D1:E8:04:58:06:00:40:9A:89:12:4B:BA:9F:4A:3A
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/kTBx1ZjR6ARYBgBAmokSS7qfSjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.198.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ea:8e:74:b1:65:2a:53:33:20:55:f0:4f:93:7e:9e:8e:49:
78:78:63:12:d5:0d:d7:7c:26:37:df:b5:f8:6f:51:7b:21:9b:
92:2b:db:aa:18:70:db:b0:97:c9:c9:91:16:ef:d5:36:58:7c:
93:8b:0e:fc:59:bd:ba:98:b0:2c:5c:e9:1c:25:51:2d:14:96:
d5:6a:b2:45:0e:96:a8:7a:1b:18:cb:80:c7:4a:57:1f:46:85:
45:26:a2:6d:a6:9a:55:1e:c5:31:cb:5c:1b:c5:60:ec:3d:b8:
c0:8a:ed:93:2e:67:80:36:fb:3c:f5:99:d6:5d:06:9e:00:82:
1a:ef:38:b3:bd:d0:7f:4d:ae:79:7e:08:64:89:8f:3f:01:51:
16:38:88:c0:85:d9:9b:c9:05:e3:f2:10:9f:45:77:05:7f:82:
ef:f2:7f:3a:aa:7e:fc:10:9f:b3:bd:3e:59:ae:6b:f1:f8:09:
21:d8:5f:5e:ee:eb:1a:dc:0d:e2:48:4b:f9:50:05:1c:46:e4:
1d:df:95:7e:32:fb:50:1e:07:46:9f:e9:cc:3c:33:8e:40:fa:
9c:70:33:e1:02:d3:a7:35:90:c1:72:55:31:b5:99:1b:89:ed:
74:26:8d:42:36:5b:8b:0d:9e:d7:17:2d:a3:ea:af:f1:d2:a9:
c7:cb:8a:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub6uNJFwNGroo0NMizO0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjMwMTAxMTc0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTMwNzFkNTk4ZDFlODA0NTgwNjAwNDA5YTg5MTI0YmJhOWY0YTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6hIkz/KxI8SNjK4P5KaBv1Tx0AM
ILdDy+RfMLQSXFg+GB9jHeMKmIoE8nz+lvH0WTqtRw0wLSZEWWvAUQrrg2mJ2Aaz
guj0u9L7gNuWbKprm1VRz/qTplNEhy5mbkmPGKrACNSIAw3lw7J1tT+nlbUgxUGa
pOKUktJCThF1v5k87HyyZ47CpcTiYqCc+zGsKhv8qomGm8pPaYfo4myGqfjjU03v
mWPVGLhZ3rYgC4wKaGCW5cW3teF81Zvz1/+xrOvvXffSGEYsBHeKQdkNy+M77qXi
K5Y2rQB7twtlMWtyfOV4DPRb08ar4jAKXj0aiEEXnX6BPcB6wPrzEhFjPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEwcdWY0egEWAYAQJqJEku6n0o6MB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEva1RCeDFaalI2QVJZQmdCQW1va1NTN3FmU2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTvGMA0G
CSqGSIb3DQEBCwUAA4IBAQAw6o50sWUqUzMgVfBPk36ejkl4eGMS1Q3XfCY337X4
b1F7IZuSK9uqGHDbsJfJyZEW79U2WHyTiw78Wb26mLAsXOkcJVEtFJbVarJFDpao
ehsYy4DHSlcfRoVFJqJtpppVHsUxy1wbxWDsPbjAiu2TLmeANvs89ZnWXQaeAIIa
7zizvdB/Ta55fghkiY8/AVEWOIjAhdmbyQXj8hCfRXcFf4Lv8n86qn78EJ+zvT5Z
rmvx+Akh2F9e7usa3A3iSEv5UAUcRuQd35V+MvtQHgdGn+nMPDOOQPqccDPhAtOn
NZDBclUxtZkbie10Jo1CNluLDZ7XFy2j6q/x0qnHy4pE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:44 2025 by rpki-client