Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/5CAKf2BE47kYeD7LKn-CtTdBgZ8.roa
File: 5CAKf2BE47kYeD7LKn-CtTdBgZ8.roa (raw, json)
Hash identifier: nIqbHr6aDhRGXpfGAeLWD3KtFfM2sW2znD9QdcFjZ2c=
Subject key identifier: E4:20:0A:7F:60:44:E3:B9:18:78:3E:CB:2A:7F:82:B5:37:41:81:9F
Certificate issuer: /CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
Certificate serial: 02E77568
Authority key identifier: BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/5CAKf2BE47kYeD7LKn-CtTdBgZ8.roa
Signing time: Sat 01 Jan 2022 14:00:27 +0000
ROA not before: Sat 01 Jan 2022 14:00:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211896
IP address blocks: 194.180.20.0/24 maxlen: 24
194.180.25.0/24 maxlen: 24
194.180.52.0/24 maxlen: 24
194.180.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48723304 (0x2e77568)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
Validity
Not Before: Jan 1 14:00:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4200a7f6044e3b918783ecb2a7f82b53741819f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:94:51:d3:80:22:31:e0:2e:c5:04:c4:80:9d:
d1:6e:04:37:fe:3d:8c:89:04:02:d0:43:a6:1c:2a:
7c:10:95:b5:b1:58:66:32:ba:29:c5:c2:5d:30:de:
4d:6c:a3:89:e1:d4:cc:9d:cb:ed:db:0e:a7:c6:bb:
f4:21:04:b9:d0:73:97:66:97:93:2d:67:e7:5d:b4:
a7:2a:bd:64:cd:64:bf:77:55:e0:2f:f9:8c:1e:b0:
7e:b1:46:9c:66:db:12:a1:c5:fe:c0:d7:c1:7d:e1:
15:9a:74:d8:69:30:c5:ee:9f:51:b5:21:ea:de:f4:
02:c3:3d:e0:4c:03:2f:fe:f4:83:5d:a2:ce:81:68:
72:b1:48:9d:e3:89:72:78:fe:82:c8:12:ca:78:79:
03:67:69:53:17:7a:63:e4:bb:2a:ca:ff:19:95:78:
54:eb:04:19:cc:72:1d:d8:6b:a1:f1:9a:1c:a6:7f:
3b:a6:d9:f6:52:66:cc:07:58:17:bb:77:f6:a3:a3:
80:ce:e1:c4:5d:52:b3:63:49:60:ca:05:ab:08:ce:
07:36:0b:4e:a6:56:30:e2:55:88:3e:b3:05:2e:bc:
5b:ae:ae:12:9b:fc:ff:17:5d:98:87:74:3f:fc:38:
2c:8c:67:58:7b:98:1b:74:a2:67:61:30:9f:89:99:
66:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:20:0A:7F:60:44:E3:B9:18:78:3E:CB:2A:7F:82:B5:37:41:81:9F
X509v3 Authority Key Identifier:
keyid:BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/5CAKf2BE47kYeD7LKn-CtTdBgZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/uncwHhTWWzo9aG2qwW38SaxIx80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.20.0/24
194.180.25.0/24
194.180.52.0/24
194.180.55.0/24
Signature Algorithm: sha256WithRSAEncryption
90:a7:8a:8e:a2:04:91:48:d7:43:3e:4f:90:04:4e:cb:1b:81:
91:ea:c6:e9:9d:23:ca:2a:af:4c:0d:21:2a:4f:d2:92:cb:4b:
e2:9c:18:ff:25:58:05:3c:08:ab:49:0f:38:a1:14:d2:56:a1:
24:64:3c:92:af:04:a9:9f:4a:65:e7:34:dc:8f:8e:f9:aa:a3:
2a:e5:1a:bb:f8:a3:f8:f3:c0:8c:a0:63:c9:47:f8:65:75:39:
ad:6e:74:6f:83:78:84:fd:20:d8:0c:8a:71:1a:c2:1a:90:9c:
8f:21:b4:0a:93:41:a2:81:2a:65:1e:cb:34:1f:3c:aa:d6:6b:
4b:86:8b:17:85:e0:32:fa:c6:4e:ef:1f:24:78:7e:86:4b:9d:
94:6e:c6:6e:66:1e:fa:bc:54:8d:30:41:d6:26:c9:e2:fb:4a:
58:4c:6c:1f:3c:15:b8:55:81:61:1b:53:53:21:ab:71:e4:ac:
93:d3:40:ba:3b:20:d8:66:90:0f:ef:52:0f:66:36:98:c3:f4:
cf:61:92:7e:2b:e7:4a:78:af:3f:56:dc:11:21:b4:7a:54:84:
c8:07:d7:ab:da:dc:c3:89:48:1e:7f:8d:5f:aa:93:6e:d5:f6:
91:ea:69:b2:60:ec:ca:99:84:68:d9:0c:0d:bf:cb:58:76:ef:
07:8b:48:0a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAud1aDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTc3MzAxZTE0ZDY1YjNhM2Q2ODZkYWFjMTZkZmM0OWFjNDhjN2NkMB4XDTIyMDEw
MTE0MDAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQyMDBhN2Y2MDQ0
ZTNiOTE4NzgzZWNiMmE3ZjgyYjUzNzQxODE5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaUUdOAIjHgLsUExICd0W4EN/49jIkEAtBDphwqfBCVtbFY
ZjK6KcXCXTDeTWyjieHUzJ3L7dsOp8a79CEEudBzl2aXky1n5120pyq9ZM1kv3dV
4C/5jB6wfrFGnGbbEqHF/sDXwX3hFZp02Gkwxe6fUbUh6t70AsM94EwDL/70g12i
zoFocrFIneOJcnj+gsgSynh5A2dpUxd6Y+S7Ksr/GZV4VOsEGcxyHdhrofGaHKZ/
O6bZ9lJmzAdYF7t39qOjgM7hxF1Ss2NJYMoFqwjOBzYLTqZWMOJViD6zBS68W66u
Epv8/xddmId0P/w4LIxnWHuYG3SiZ2Ewn4mZZlMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTkIAp/YETjuRh4Pssqf4K1N0GBnzAfBgNVHSMEGDAWgBS6dzAeFNZbOj1o
barBbfxJrEjHzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VuY3dIaFRXV3pvOWFHMnF3VzM4U2F4SXg4MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYjczOTNiLTY4MTgtNDhkMy1iMDgxLTVjNjhmNmIwYjJjNy8x
LzVDQUtmMkJFNDdrWWVEN0xLbi1DdFRkQmdaOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YjczOTNiLTY4MTgtNDhkMy1iMDgxLTVjNjhmNmIwYjJjNy8xL3VuY3dIaFRXV3pv
OWFHMnF3VzM4U2F4SXg4MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMK0FAMEAMK0GQMEAMK0NAMEAMK0
NzANBgkqhkiG9w0BAQsFAAOCAQEAkKeKjqIEkUjXQz5PkAROyxuBkerG6Z0jyiqv
TA0hKk/SkstL4pwY/yVYBTwIq0kPOKEU0lahJGQ8kq8EqZ9KZec03I+O+aqjKuUa
u/ij+PPAjKBjyUf4ZXU5rW50b4N4hP0g2AyKcRrCGpCcjyG0CpNBooEqZR7LNB88
qtZrS4aLF4XgMvrGTu8fJHh+hkudlG7GbmYe+rxUjTBB1ibJ4vtKWExsHzwVuFWB
YRtTUyGrceSsk9NAujsg2GaQD+9SD2Y2mMP0z2GSfivnSnivP1bcESG0elSEyAfX
q9rcw4lIHn+NX6qTbtX2keppsmDsypmEaNkMDb/LWHbvB4tICg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org