Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/Yxq1CqNgEesPnLQMa0g7YJoythk.roa
File: Yxq1CqNgEesPnLQMa0g7YJoythk.roa (raw, json)
Hash identifier: rQnf2Ti4CfPx42WfcFEI9kdCRCtrDtOOiH6p71hNewo=
Subject key identifier: 63:1A:B5:0A:A3:60:11:EB:0F:9C:B4:0C:6B:48:3B:60:9A:32:B6:19
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 018C61ECECE0A3AFE2A41E9655DCF91F2217
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/Yxq1CqNgEesPnLQMa0g7YJoythk.roa
Signing time: Wed 13 Dec 2023 06:46:06 +0000
ROA not before: Wed 13 Dec 2023 06:46:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36007
IP address blocks: 103.13.211.0/24 maxlen: 24
185.139.228.0/24 maxlen: 24
45.91.171.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
103.241.66.0/24 maxlen: 24
103.241.67.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
103.45.246.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
2a06:c5c0:1700::/48 maxlen: 48
2a06:c5c0:1600::/48 maxlen: 48
2a06:c5c0:1500::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:61:ec:ec:e0:a3:af:e2:a4:1e:96:55:dc:f9:1f:22:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Dec 13 06:46:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=631ab50aa36011eb0f9cb40c6b483b609a32b619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d2:da:3a:6b:fb:05:78:06:22:ee:19:32:f7:
70:03:d3:f8:87:f6:88:a1:d9:26:48:01:c0:00:08:
d9:f8:c1:92:71:62:c3:e7:c6:57:d7:a7:bb:fb:bb:
fe:62:dc:3d:c7:eb:b8:e8:7f:e7:5b:fe:9e:13:0e:
d0:d5:01:f4:92:60:51:46:de:09:43:58:6d:c5:e4:
ad:12:b8:64:05:34:83:15:c2:ba:45:75:10:ff:8e:
7e:ab:da:b0:4a:43:78:37:ab:51:cf:2e:de:d2:e0:
ba:09:87:e2:ac:82:1f:94:eb:fe:e3:48:0b:cd:ff:
c9:07:f0:4b:8b:55:9b:f3:fc:65:c3:a4:9f:89:40:
4b:04:92:99:22:c5:9a:74:cc:2d:8f:d6:7f:5a:59:
55:c8:8c:c6:af:11:ba:f5:c0:39:6c:ad:49:62:71:
9e:23:78:2b:e9:7a:03:cc:31:b7:8d:f3:fe:af:75:
55:d5:d2:fe:e1:fb:4c:ff:bd:d3:c6:89:d6:0e:c8:
6b:bd:14:17:28:ee:7b:81:0f:30:0c:52:95:26:5b:
47:62:7d:8f:d0:17:8a:40:05:98:a3:88:61:20:bd:
c1:39:4a:16:77:67:a0:f5:cf:17:e7:37:de:d1:67:
72:83:4d:88:1e:c4:ad:f9:a7:97:22:0c:e8:f6:20:
ab:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:1A:B5:0A:A3:60:11:EB:0F:9C:B4:0C:6B:48:3B:60:9A:32:B6:19
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/Yxq1CqNgEesPnLQMa0g7YJoythk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
103.13.211.0/24
103.45.245.0-103.45.246.255
103.241.66.0/23
185.47.172.0/24
185.53.209.0/24
185.139.228.0/24
IPv6:
2a06:c5c0:1500::/48
2a06:c5c0:1600::/48
2a06:c5c0:1700::/48
Signature Algorithm: sha256WithRSAEncryption
32:30:2b:71:e4:c0:68:a0:21:34:cc:82:92:03:f3:ea:99:ce:
66:70:7b:98:1d:34:4c:29:93:f0:11:9f:7c:f2:39:e1:bc:35:
4e:30:51:bf:eb:0a:2b:bb:6c:f0:49:59:2f:e5:8e:5e:c0:2b:
54:0e:7f:ee:4d:e5:9e:96:73:88:00:db:96:b8:fa:74:f2:66:
05:b7:26:45:12:e1:41:8e:22:79:9d:b4:73:ae:c1:75:17:0e:
08:ab:9a:e9:62:44:9e:b4:7e:c3:e7:c1:8d:fb:03:34:75:9e:
d7:80:c4:be:ee:dc:f9:fa:21:81:fa:7f:f8:33:d3:75:5b:a2:
f1:85:c4:e2:b7:57:a0:ab:3b:f5:1c:68:ed:a1:71:a8:4c:f8:
73:43:bd:65:9b:42:87:24:b1:a0:c1:d2:a0:0f:6e:7d:fe:77:
88:a5:25:ad:a6:82:85:c1:54:4b:3d:76:50:c1:fa:21:fc:ff:
3d:76:00:ac:44:33:95:36:d6:8f:c0:2a:aa:42:27:36:a2:f4:
cd:df:ca:21:8f:f7:3b:69:48:42:54:c9:d8:98:4e:52:61:18:
ea:41:1a:d9:e4:b6:a1:af:e6:26:35:ce:2e:23:bb:a0:2e:15:
2a:e7:7d:f6:5a:4d:ab:cc:ec:d5:2f:be:fc:aa:1c:3a:9a:6b:
34:9a:35:6e
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYxh7Ozgo6/ipB6WVdz5HyIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjMxMjEzMDY0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzFhYjUwYWEzNjAxMWViMGY5Y2I0MGM2YjQ4M2I2MDlhMzJiNjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9LaOmv7BXgGIu4ZMvdwA9P4h/aI
odkmSAHAAAjZ+MGScWLD58ZX16e7+7v+Ytw9x+u46H/nW/6eEw7Q1QH0kmBRRt4J
Q1htxeStErhkBTSDFcK6RXUQ/45+q9qwSkN4N6tRzy7e0uC6CYfirIIflOv+40gL
zf/JB/BLi1Wb8/xlw6SfiUBLBJKZIsWadMwtj9Z/WllVyIzGrxG69cA5bK1JYnGe
I3gr6XoDzDG3jfP+r3VV1dL+4ftM/73TxonWDshrvRQXKO57gQ8wDFKVJltHYn2P
0BeKQAWYo4hhIL3BOUoWd2eg9c8X5zfe0Wdyg02IHsSt+aeXIgzo9iCrXwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFGMatQqjYBHrD5y0DGtIO2CaMrYZMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvWXhxMUNxTmdFZXNQbkxRTWEwZzdZSm95dGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBEBAIAATA+AwQALVurAwQA
W8qqAwQAW9+pAwQAZw3TMAwDBABnLfUDBABnLfYDBAFn8UIDBAC5L6wDBAC5NdED
BAC5i+QwIQQCAAIwGwMHACoGxcAVAAMHACoGxcAWAAMHACoGxcAXADANBgkqhkiG
9w0BAQsFAAOCAQEAMjArceTAaKAhNMyCkgPz6pnOZnB7mB00TCmT8BGffPI54bw1
TjBRv+sKK7ts8ElZL+WOXsArVA5/7k3lnpZziADblrj6dPJmBbcmRRLhQY4ieZ20
c67BdRcOCKua6WJEnrR+w+fBjfsDNHWe14DEvu7c+fohgfp/+DPTdVui8YXE4rdX
oKs79Rxo7aFxqEz4c0O9ZZtChySxoMHSoA9uff53iKUlraaChcFUSz12UMH6Ifz/
PXYArEQzlTbWj8AqqkInNqL0zd/KIY/3O2lIQlTJ2JhOUmEY6kEa2eS2oa/mJjXO
LiO7oC4VKud99lpNq8zs1S++/KocOpprNJo1bg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:19 2025 by rpki-client