Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/5jK3-vUpWewq3lIF0nHsC2yRfI0.roa
File: 5jK3-vUpWewq3lIF0nHsC2yRfI0.roa (raw, json)
Hash identifier: n4nilROaZoStN1wRKLS9XKd4ecP6XjaaShSZm76nP0Y=
Subject key identifier: E6:32:B7:FA:F5:29:59:EC:2A:DE:52:05:D2:71:EC:0B:6C:91:7C:8D
Certificate issuer: /CN=974661cb1c38e63bd78bd6b2b1d68686a5415bf5
Certificate serial: 077D28A7
Authority key identifier: 97:46:61:CB:1C:38:E6:3B:D7:8B:D6:B2:B1:D6:86:86:A5:41:5B:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/5jK3-vUpWewq3lIF0nHsC2yRfI0.roa
Signing time: Thu 24 Mar 2022 19:28:33 +0000
ROA not before: Thu 24 Mar 2022 19:28:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 160.20.145.0/24 maxlen: 24
160.20.144.0/24 maxlen: 24
160.20.146.0/24 maxlen: 24
160.20.147.0/24 maxlen: 24
45.11.16.0/22 maxlen: 22
45.153.240.0/22 maxlen: 22
152.89.244.0/22 maxlen: 22
152.89.247.0/24 maxlen: 24
91.200.100.0/22 maxlen: 22
45.147.228.0/22 maxlen: 22
45.138.172.0/24 maxlen: 24
45.138.172.0/22 maxlen: 22
45.138.174.0/24 maxlen: 24
45.138.175.0/24 maxlen: 24
45.138.173.0/24 maxlen: 24
2a0c:6a41:f230::/48 maxlen: 48
2a0e:b540:ff03::/48 maxlen: 48
2a0e:b540::/29 maxlen: 29
2a0c:6a40::/29 maxlen: 29
2a09:38c0::/29 maxlen: 29
2a0d:4cc0::/29 maxlen: 29
2a10:9c00::/29 maxlen: 29
2a0e:5100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125642919 (0x77d28a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=974661cb1c38e63bd78bd6b2b1d68686a5415bf5
Validity
Not Before: Mar 24 19:28:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e632b7faf52959ec2ade5205d271ec0b6c917c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:e7:f3:ca:9e:73:25:64:84:70:55:45:8e:
a2:3b:0f:aa:df:89:d9:33:ed:04:91:52:5e:0b:ef:
7f:5d:2d:c0:e1:a9:32:26:15:eb:22:f4:d7:a4:bc:
0a:ba:f6:76:2b:be:ad:69:1b:94:d7:b2:5f:51:2e:
7e:6b:f7:c5:dd:29:e7:f8:7a:70:f9:f5:a4:0b:38:
7e:7a:60:53:67:cf:db:bf:4a:a1:ea:68:8b:b5:26:
c0:f9:67:14:c3:e6:1a:13:30:9f:8f:fb:4c:e9:16:
b2:b4:ac:81:21:c8:b5:96:50:63:73:9b:60:27:73:
56:b6:10:6f:60:5e:86:f6:9e:31:c2:bf:2b:fd:c9:
51:89:be:6c:0a:47:59:82:4b:28:4a:de:d6:aa:4d:
d9:00:56:3b:55:16:60:c7:a4:93:12:78:28:e4:82:
1e:81:49:4f:fb:e0:9b:33:61:00:24:82:47:cf:87:
35:cf:0f:25:0a:3b:69:d6:8b:22:82:c0:e3:75:72:
cd:b3:a4:7a:61:84:ca:35:e7:63:de:cf:5a:a3:bb:
f1:da:08:95:bb:64:06:a4:f5:39:c4:b6:a6:56:f0:
36:de:05:dc:78:bf:4b:9a:06:0b:1f:ef:59:80:c3:
a2:40:ab:c8:5a:a1:85:05:6a:54:a3:a5:c0:c3:ba:
e4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:32:B7:FA:F5:29:59:EC:2A:DE:52:05:D2:71:EC:0B:6C:91:7C:8D
X509v3 Authority Key Identifier:
keyid:97:46:61:CB:1C:38:E6:3B:D7:8B:D6:B2:B1:D6:86:86:A5:41:5B:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/5jK3-vUpWewq3lIF0nHsC2yRfI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/l0Zhyxw45jvXi9aysdaGhqVBW_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.16.0/22
45.138.172.0/22
45.147.228.0/22
45.153.240.0/22
91.200.100.0/22
152.89.244.0/22
160.20.144.0/22
IPv6:
2a09:38c0::/29
2a0c:6a40::/29
2a0d:4cc0::/29
2a0e:5100::/29
2a0e:b540::/29
2a10:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
36:19:c6:de:4c:2a:0d:fc:41:83:b7:22:5e:d1:e7:ab:96:44:
cd:54:87:9c:11:39:e4:50:e2:c2:70:6c:65:90:d9:14:19:2e:
b4:04:76:03:42:08:0e:a9:aa:70:12:7f:9a:00:9f:d5:86:43:
97:65:d8:c8:3b:d9:41:c4:40:c1:51:df:cf:12:02:eb:08:61:
15:ee:2d:af:55:05:bc:0a:78:ae:ed:df:ec:4f:bf:f1:30:8e:
bd:1b:96:fd:a8:f5:a3:8b:9c:64:4f:85:a8:cd:4f:49:8e:e9:
3c:a9:4d:d2:f6:3c:c6:82:2c:b8:98:e5:d4:08:b4:dd:6d:5d:
d6:90:b3:54:e1:53:b9:53:dc:73:ec:33:f1:43:16:6c:3b:a1:
77:7f:a6:15:11:b6:89:f5:68:01:3e:a4:af:08:4a:01:3d:6f:
9b:8f:fa:d1:5c:08:98:b8:b8:47:34:95:ea:ff:c7:d7:b5:62:
db:59:e8:1e:f0:a7:52:ad:4b:5f:00:23:f7:87:dd:65:b6:a0:
d2:4c:7e:85:1b:41:8b:be:b4:d8:91:da:10:49:6a:76:08:5c:
95:f5:ab:da:3d:5e:af:1a:58:aa:ab:ee:7d:00:1f:de:d1:9e:
96:0e:b9:dc:6e:61:27:fc:92:c1:9c:a9:af:03:53:b3:27:cf:
4e:a7:71:e6
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIEB30opzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzQ2NjFjYjFjMzhlNjNiZDc4YmQ2YjJiMWQ2ODY4NmE1NDE1YmY1MB4XDTIyMDMy
NDE5MjgzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTYzMmI3ZmFmNTI5
NTllYzJhZGU1MjA1ZDI3MWVjMGI2YzkxN2M4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8g5/PKnnMlZIRwVUWOojsPqt+J2TPtBJFSXgvvf10twOGp
MiYV6yL016S8Crr2diu+rWkblNeyX1Eufmv3xd0p5/h6cPn1pAs4fnpgU2fP279K
oepoi7UmwPlnFMPmGhMwn4/7TOkWsrSsgSHItZZQY3ObYCdzVrYQb2BehvaeMcK/
K/3JUYm+bApHWYJLKEre1qpN2QBWO1UWYMekkxJ4KOSCHoFJT/vgmzNhACSCR8+H
Nc8PJQo7adaLIoLA43VyzbOkemGEyjXnY97PWqO78doIlbtkBqT1OcS2plbwNt4F
3Hi/S5oGCx/vWYDDokCryFqhhQVqVKOlwMO65DkCAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBTmMrf69SlZ7CreUgXScewLbJF8jTAfBgNVHSMEGDAWgBSXRmHLHDjmO9eL
1rKx1oaGpUFb9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2wwWmh5eHc0NWp2WGk5YXlzZGFHaHFWQldfVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYTBiZjNlLTM2NDUtNGUxNi1iY2E5LThhZGFjMTdlOTBhZS8x
LzVqSzMtdlVwV2V3cTNsSUYwbkhzQzJ5UmZJMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YTBiZjNlLTM2NDUtNGUxNi1iY2E5LThhZGFjMTdlOTBhZS8xL2wwWmh5eHc0NWp2
WGk5YXlzZGFHaHFWQldfVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwMAQCAAEwKgMEAi0LEAMEAi2KrAMEAi2T5AMEAi2Z
8AMEAlvIZAMEAphZ9AMEAqAUkDAwBAIAAjAqAwUDKgk4wAMFAyoMakADBQMqDUzA
AwUDKg5RAAMFAyoOtUADBQMqEJwAMA0GCSqGSIb3DQEBCwUAA4IBAQA2GcbeTCoN
/EGDtyJe0eerlkTNVIecETnkUOLCcGxlkNkUGS60BHYDQggOqapwEn+aAJ/VhkOX
ZdjIO9lBxEDBUd/PEgLrCGEV7i2vVQW8Cniu7d/sT7/xMI69G5b9qPWji5xkT4Wo
zU9Jjuk8qU3S9jzGgiy4mOXUCLTdbV3WkLNU4VO5U9xz7DPxQxZsO6F3f6YVEbaJ
9WgBPqSvCEoBPW+bj/rRXAiYuLhHNJXq/8fXtWLbWege8KdSrUtfACP3h91ltqDS
TH6FG0GLvrTYkdoQSWp2CFyV9avaPV6vGliqq+59AB/e0Z6WDrncbmEn/JLBnKmv
A1OzJ89Op3Hm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:27 2024 by rpki-client on console-ams.rpki-client.org