Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/piun0otlMmtpLQfulJSiOLlB-pA.roa
File: piun0otlMmtpLQfulJSiOLlB-pA.roa (raw, json)
Hash identifier: iCnQ0AtamuZvTthWwtZR4ZZXPia3mBMpL0aBr0qlqFY=
Subject key identifier: A6:2B:A7:D2:8B:65:32:6B:69:2D:07:EE:94:94:A2:38:B9:41:FA:90
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 01878EF9648BB1C9B9807B495F0AB1AA8975
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/piun0otlMmtpLQfulJSiOLlB-pA.roa
Signing time: Mon 17 Apr 2023 11:28:41 +0000
ROA not before: Mon 17 Apr 2023 11:28:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59422
IP address blocks: 5.149.110.0/24 maxlen: 24
5.149.107.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:f9:64:8b:b1:c9:b9:80:7b:49:5f:0a:b1:aa:89:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Apr 17 11:28:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a62ba7d28b65326b692d07ee9494a238b941fa90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:01:de:e9:fd:8e:51:02:eb:dd:c0:c1:7a:e6:
6b:9a:de:2b:ff:04:da:67:19:f3:d7:0a:25:30:aa:
f9:c0:f9:7b:b9:39:a0:fa:a6:7e:5c:4d:8c:e9:92:
43:72:56:5e:d6:cd:42:ea:c5:30:96:07:d6:a4:02:
76:e7:fb:c9:4b:04:a0:a3:6c:90:27:3d:de:ce:28:
cd:71:3d:00:ec:51:fd:bb:a7:f2:81:79:4f:ec:26:
00:fa:b5:33:16:49:de:f0:ff:88:3b:89:83:a7:cf:
78:b1:d0:2c:43:d4:a5:4b:34:27:b9:b7:6a:4f:60:
fb:1e:84:28:2b:68:83:b0:ed:8c:27:b2:da:7e:1f:
d9:d4:21:ca:fa:ad:90:2d:e1:72:4f:a5:bd:11:20:
6b:a5:3d:c6:d5:51:fb:86:72:7a:5b:34:04:2f:9b:
27:96:7d:7b:ce:3f:1c:db:0c:5f:32:87:80:7e:98:
cb:1d:84:05:3f:39:c9:99:8b:de:fe:03:d4:e7:11:
cb:56:f2:10:a0:cf:e6:59:ac:5e:75:bd:2c:92:55:
51:42:85:b4:e4:8a:e8:9c:e2:d4:58:22:bb:60:cd:
e9:30:bd:58:07:2c:55:c3:e2:2a:db:88:23:be:50:
e9:70:ce:06:e5:48:0c:b6:b2:4e:85:7a:c4:61:d0:
e5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2B:A7:D2:8B:65:32:6B:69:2D:07:EE:94:94:A2:38:B9:41:FA:90
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/piun0otlMmtpLQfulJSiOLlB-pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.107.0/24
5.149.110.0/24
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
aa:25:9f:71:6b:82:6d:4f:af:e7:71:5f:a4:cd:cc:8f:43:2f:
a0:2b:1e:7b:21:d2:e0:1b:44:2a:c0:57:e4:25:94:e1:5e:e6:
ba:23:9c:1e:f8:7d:28:f5:56:06:2b:3e:b6:2c:f9:79:1b:ef:
bb:9b:82:88:2b:21:fc:e1:2a:00:3a:bf:a5:31:fc:2e:51:34:
b3:aa:52:f7:32:61:d7:da:04:52:bc:8a:5e:ed:f8:99:1c:59:
1f:7d:93:f3:28:b5:41:82:ce:f0:8e:66:8a:01:07:92:d0:bc:
6a:8c:85:de:ab:57:0d:80:82:ec:46:63:4a:1f:b6:5e:63:c7:
8b:d9:04:44:ce:90:0c:8a:d1:50:f0:d4:f2:ef:dd:12:7c:c0:
6e:23:e1:5b:22:d3:10:eb:7e:27:9b:68:f2:51:4d:80:c6:96:
0b:50:91:00:95:9d:9b:84:e1:66:2b:90:19:a4:7d:76:06:fa:
f2:97:dd:81:ad:a5:45:33:d0:65:1e:94:33:7d:d6:d9:91:98:
5d:96:2c:ed:a9:31:72:30:17:ce:fd:33:74:02:3a:6f:fe:6f:
bb:34:f2:5b:3c:6f:1c:e2:ca:37:97:c7:07:cd:f8:9c:05:c5:
ca:3c:5a:89:bd:63:8c:8c:49:cc:8b:99:f7:9e:12:b8:c8:cf:
3e:59:54:9a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYeO+WSLscm5gHtJXwqxqol1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjMwNDE3MTEyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJiYTdkMjhiNjUzMjZiNjkyZDA3ZWU5NDk0YTIzOGI5NDFmYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgHe6f2OUQLr3cDBeuZrmt4r/wTa
Zxnz1wolMKr5wPl7uTmg+qZ+XE2M6ZJDclZe1s1C6sUwlgfWpAJ25/vJSwSgo2yQ
Jz3ezijNcT0A7FH9u6fygXlP7CYA+rUzFkne8P+IO4mDp894sdAsQ9SlSzQnubdq
T2D7HoQoK2iDsO2MJ7Lafh/Z1CHK+q2QLeFyT6W9ESBrpT3G1VH7hnJ6WzQEL5sn
ln17zj8c2wxfMoeAfpjLHYQFPznJmYve/gPU5xHLVvIQoM/mWaxedb0sklVRQoW0
5IronOLUWCK7YM3pML1YByxVw+Iq24gjvlDpcM4G5UgMtrJOhXrEYdDl4wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKYrp9KLZTJraS0H7pSUoji5QfqQMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvcGl1bjBvdGxNbXRwTFFmdWxKU2lPTGxCLXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABZVrAwQA
BZVuMA8EAgACMAkDBwAqEiNAAAAwDQYJKoZIhvcNAQELBQADggEBAKoln3Frgm1P
r+dxX6TNzI9DL6ArHnsh0uAbRCrAV+QllOFe5rojnB74fSj1VgYrPrYs+Xkb77ub
gogrIfzhKgA6v6Ux/C5RNLOqUvcyYdfaBFK8il7t+JkcWR99k/MotUGCzvCOZooB
B5LQvGqMhd6rVw2AguxGY0oftl5jx4vZBETOkAyK0VDw1PLv3RJ8wG4j4Vsi0xDr
fiebaPJRTYDGlgtQkQCVnZuE4WYrkBmkfXYG+vKX3YGtpUUz0GUelDN91tmRmF2W
LO2pMXIwF879M3QCOm/+b7s08ls8bxziyjeXxwfN+JwFxco8Wom9Y4yMScyLmfee
ErjIzz5ZVJo=
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:42:33 2025 by rpki-client