Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/6jwM7Si3qD-8hjj2zktcoObFs4o.roa
File: 6jwM7Si3qD-8hjj2zktcoObFs4o.roa (raw, json)
Hash identifier: ++lJSI9bKJMFO6/deDPCkKUD2Ji35p5gg1OeEIjYnZM=
Subject key identifier: EA:3C:0C:ED:28:B7:A8:3F:BC:86:38:F6:CE:4B:5C:A0:E6:C5:B3:8A
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 01878EC360EC3AC2771B0B9A1D9237FBF6A0
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/6jwM7Si3qD-8hjj2zktcoObFs4o.roa
Signing time: Mon 17 Apr 2023 10:29:41 +0000
ROA not before: Mon 17 Apr 2023 10:29:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59458
IP address blocks: 5.149.97.0/24 maxlen: 24
5.149.98.0/24 maxlen: 24
5.149.104.0/24 maxlen: 24
5.149.105.0/24 maxlen: 24
5.149.99.0/24 maxlen: 24
5.149.100.0/24 maxlen: 24
5.149.101.0/24 maxlen: 24
5.149.102.0/24 maxlen: 24
5.149.103.0/24 maxlen: 24
5.149.111.0/24 maxlen: 24
5.149.109.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:c3:60:ec:3a:c2:77:1b:0b:9a:1d:92:37:fb:f6:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Apr 17 10:29:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea3c0ced28b7a83fbc8638f6ce4b5ca0e6c5b38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2c:a4:43:5a:af:1f:01:e5:93:51:a6:14:b0:
80:38:a3:21:6d:bf:e8:f4:6d:b9:57:be:90:a5:22:
ee:36:30:c0:be:e6:48:5e:4c:bf:65:64:a8:a1:5e:
0b:18:7f:15:d8:9d:97:63:44:3f:5b:a4:b4:c8:97:
5f:ac:a0:5b:f9:87:ee:fb:72:1c:2a:e2:21:ac:d1:
7f:53:9e:8b:a6:5d:4e:51:38:7a:73:ff:36:af:55:
1d:bd:9a:4a:9a:2c:a5:31:88:ea:5a:5a:26:ec:52:
a3:8c:48:72:71:d3:80:b5:5d:a6:a4:76:66:59:40:
77:79:61:6b:94:14:4e:60:8e:fa:d1:1b:41:a7:eb:
b5:53:71:9b:48:93:a8:f8:be:8c:a8:ae:08:32:21:
4d:28:0f:72:02:e9:77:ba:32:37:1c:8d:10:d1:a3:
63:36:91:cb:9d:5e:50:26:e9:6c:4b:9b:2b:95:9a:
a3:81:f0:4d:de:63:b1:82:fb:d9:04:ca:58:e4:59:
3c:70:44:7b:39:e6:ef:36:5c:2f:96:b0:8c:a5:2f:
2a:f1:31:f2:13:25:04:61:b8:ab:86:fa:aa:db:1d:
6f:f6:48:aa:61:11:a4:9f:2a:50:58:ae:d6:20:4c:
d1:79:e5:2d:25:51:3e:42:64:f4:51:51:2d:03:54:
7a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3C:0C:ED:28:B7:A8:3F:BC:86:38:F6:CE:4B:5C:A0:E6:C5:B3:8A
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/6jwM7Si3qD-8hjj2zktcoObFs4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.97.0-5.149.105.255
5.149.109.0/24
5.149.111.0/24
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
0e:08:c2:db:be:f3:6e:2a:f6:32:4d:28:66:fd:33:16:9f:7b:
f5:9c:92:6c:c1:36:74:65:d7:8f:8c:a8:e6:62:1a:f5:d9:15:
0e:5b:e3:86:57:68:7b:37:89:3d:2b:84:4f:41:e2:ce:55:a0:
6f:46:4d:82:c8:c8:04:9b:51:78:f3:34:9e:4f:ef:dc:d9:5a:
b7:c2:07:5c:17:7d:7c:f9:f9:57:84:ba:39:73:67:e1:cf:10:
9a:e5:8a:e8:4b:58:e7:72:67:f6:2e:ae:48:8c:6e:77:33:20:
d5:5d:7d:17:07:1a:f9:07:2f:2d:8c:4e:5a:07:37:19:7a:e7:
a1:b5:c6:7d:0d:eb:6f:42:35:a7:91:6b:84:8c:7a:b4:66:d0:
63:6d:e1:4c:57:01:79:51:95:e9:3a:0d:54:1d:6b:c2:c7:31:
d5:e7:c4:5e:5b:8f:d8:44:64:91:c9:b3:78:de:25:67:44:a2:
52:fe:77:83:c4:52:78:61:13:23:1f:fa:be:91:99:85:2f:54:
8c:2d:00:61:a6:fd:dd:da:05:4b:4f:c6:43:ba:cd:41:09:05:
2a:6f:8c:d2:dc:97:fb:de:eb:ee:e5:50:dd:5c:4c:7e:7b:5e:
26:d3:ec:44:a2:f8:4b:0f:9f:6d:a8:e3:cb:20:8f:7e:5e:1a:
03:70:03:59
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYeOw2DsOsJ3GwuaHZI3+/agMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjMwNDE3MTAyOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTNjMGNlZDI4YjdhODNmYmM4NjM4ZjZjZTRiNWNhMGU2YzViMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SykQ1qvHwHlk1GmFLCAOKMhbb/o
9G25V76QpSLuNjDAvuZIXky/ZWSooV4LGH8V2J2XY0Q/W6S0yJdfrKBb+Yfu+3Ic
KuIhrNF/U56Lpl1OUTh6c/82r1UdvZpKmiylMYjqWlom7FKjjEhycdOAtV2mpHZm
WUB3eWFrlBROYI760RtBp+u1U3GbSJOo+L6MqK4IMiFNKA9yAul3ujI3HI0Q0aNj
NpHLnV5QJulsS5srlZqjgfBN3mOxgvvZBMpY5Fk8cER7OebvNlwvlrCMpS8q8THy
EyUEYbirhvqq2x1v9kiqYRGknypQWK7WIEzReeUtJVE+QmT0UVEtA1R68wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFOo8DO0ot6g/vIY49s5LXKDmxbOKMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvNmp3TTdTaTNxRC04aGpqMnprdGNvT2JGczRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAAFlWED
BAEFlWgDBAAFlW0DBAAFlW8wDwQCAAIwCQMHACoSI0AAADANBgkqhkiG9w0BAQsF
AAOCAQEADgjC277zbir2Mk0oZv0zFp979ZySbME2dGXXj4yo5mIa9dkVDlvjhldo
ezeJPSuET0HizlWgb0ZNgsjIBJtRePM0nk/v3Nlat8IHXBd9fPn5V4S6OXNn4c8Q
muWK6EtY53Jn9i6uSIxudzMg1V19Fwca+QcvLYxOWgc3GXrnobXGfQ3rb0I1p5Fr
hIx6tGbQY23hTFcBeVGV6ToNVB1rwscx1efEXluP2ERkkcmzeN4lZ0SiUv53g8RS
eGETIx/6vpGZhS9UjC0AYab93doFS0/GQ7rNQQkFKm+M0tyX+97r7uVQ3VxMfnte
JtPsRKL4Sw+fbajjyyCPfl4aA3ADWQ==
-----END CERTIFICATE-----
Generated at Thu May 1 02:52:20 2025 by rpki-client