Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/k5g8Wv0HwbQQUes2MSKMi15gUqc.roa
File: k5g8Wv0HwbQQUes2MSKMi15gUqc.roa (raw, json)
Hash identifier: j+f4Oy9mfRa+7eNfRt820V4lbNR22Hi+JYdG8rfnXYc=
Subject key identifier: 93:98:3C:5A:FD:07:C1:B4:10:51:EB:36:31:22:8C:8B:5E:60:52:A7
Certificate issuer: /CN=0ac1565a5f6c4e54ca2f19d364759b6a0ed61840
Certificate serial: 3340FA72
Authority key identifier: 0A:C1:56:5A:5F:6C:4E:54:CA:2F:19:D3:64:75:9B:6A:0E:D6:18:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CsFWWl9sTlTKLxnTZHWbag7WGEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/k5g8Wv0HwbQQUes2MSKMi15gUqc.roa
Signing time: Sat 01 Jan 2022 07:00:57 +0000
ROA not before: Sat 01 Jan 2022 07:00:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198288
IP address blocks: 185.44.156.0/22 maxlen: 22
5.34.248.0/21 maxlen: 22
2a00:f8c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 859896434 (0x3340fa72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ac1565a5f6c4e54ca2f19d364759b6a0ed61840
Validity
Not Before: Jan 1 07:00:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93983c5afd07c1b41051eb3631228c8b5e6052a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ed:3b:a3:25:bf:cd:3d:f6:9b:0d:ab:46:2f:
53:07:12:2c:57:b4:a6:48:47:e4:b3:3f:21:ed:9c:
57:17:0a:ac:c8:2b:2b:9c:1c:45:65:5a:46:5b:0f:
85:b9:5a:7b:3a:41:be:48:cd:09:d8:a9:41:b0:0c:
82:c1:2c:9c:ee:be:fc:45:ae:4e:63:d4:ab:fd:96:
f0:96:dd:72:4a:31:bc:a4:50:c9:17:75:f4:84:0c:
6c:17:cb:e2:8a:40:d3:43:42:31:29:c5:f3:7c:f2:
16:11:3a:fc:e1:1f:85:1f:3f:80:bc:03:44:c7:a5:
0a:f0:b2:58:ed:09:de:f0:7d:1e:13:f3:ae:1e:60:
ce:33:5c:00:ba:ec:ae:f0:55:68:af:78:28:15:f9:
9c:88:37:91:90:b7:36:b7:be:01:ca:a6:77:3c:cc:
a4:62:96:09:27:8f:01:51:85:e3:1f:97:c2:f0:ff:
38:e0:60:91:0c:65:89:d7:1d:fb:77:09:2a:d4:80:
f7:ed:0e:c4:a3:46:ea:6a:94:db:14:c5:d3:05:8d:
88:6d:cb:85:f3:c0:07:cd:bf:a5:58:d8:fa:ef:83:
3f:ce:0c:77:2e:a2:cd:23:9d:e5:32:1e:85:62:62:
32:2d:fb:0d:ab:33:87:ff:a9:99:8d:cf:de:c8:75:
e1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:98:3C:5A:FD:07:C1:B4:10:51:EB:36:31:22:8C:8B:5E:60:52:A7
X509v3 Authority Key Identifier:
keyid:0A:C1:56:5A:5F:6C:4E:54:CA:2F:19:D3:64:75:9B:6A:0E:D6:18:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CsFWWl9sTlTKLxnTZHWbag7WGEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/k5g8Wv0HwbQQUes2MSKMi15gUqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/CsFWWl9sTlTKLxnTZHWbag7WGEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.248.0/21
185.44.156.0/22
IPv6:
2a00:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
85:d4:8a:d9:c0:92:b8:ce:72:ef:5b:40:66:ca:8a:72:6a:83:
ff:1b:12:4f:47:3a:43:24:a3:67:b7:42:71:cc:48:41:7c:28:
3c:5e:4b:a4:f5:04:db:6e:23:95:9c:61:67:8b:dd:37:ab:02:
d1:26:95:03:ed:19:e8:63:81:d9:80:28:0b:a8:98:eb:f4:b6:
43:61:dc:df:d9:6b:44:29:34:c2:e6:d7:0b:5d:31:8f:0d:8c:
48:07:0d:5e:bf:3f:c0:ea:c3:51:aa:17:bc:6d:7c:47:b2:b1:
83:05:3b:3a:12:f5:60:94:d6:78:a8:fe:7b:5f:83:62:0e:11:
9d:6a:7a:96:b4:db:97:ca:ed:0b:a1:d1:9d:f0:8b:dd:36:bc:
35:70:ec:9b:4f:cd:72:58:a5:bd:e7:9c:d5:20:69:9e:47:ea:
8d:35:ca:26:fb:5f:a6:55:57:99:24:06:3f:32:90:4e:09:dd:
d3:ce:64:bc:75:42:90:21:1a:88:8d:ad:88:d6:a6:b1:22:f7:
e5:28:a9:a1:7e:57:8f:57:2b:dc:98:0e:f5:69:62:72:b2:58:
c7:32:ba:fe:21:1a:a1:32:24:4f:e9:52:08:df:c4:8a:3b:2d:
7d:b6:3c:ee:bd:60:36:7d:13:7e:85:c4:e2:03:7f:8e:ca:21:
28:40:2f:30
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEM0D6cjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWMxNTY1YTVmNmM0ZTU0Y2EyZjE5ZDM2NDc1OWI2YTBlZDYxODQwMB4XDTIyMDEw
MTA3MDA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTM5ODNjNWFmZDA3
YzFiNDEwNTFlYjM2MzEyMjhjOGI1ZTYwNTJhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDtO6Mlv8099psNq0YvUwcSLFe0pkhH5LM/Ie2cVxcKrMgr
K5wcRWVaRlsPhblaezpBvkjNCdipQbAMgsEsnO6+/EWuTmPUq/2W8JbdckoxvKRQ
yRd19IQMbBfL4opA00NCMSnF83zyFhE6/OEfhR8/gLwDRMelCvCyWO0J3vB9HhPz
rh5gzjNcALrsrvBVaK94KBX5nIg3kZC3Nre+AcqmdzzMpGKWCSePAVGF4x+XwvD/
OOBgkQxlidcd+3cJKtSA9+0OxKNG6mqU2xTF0wWNiG3LhfPAB82/pVjY+u+DP84M
dy6izSOd5TIehWJiMi37Daszh/+pmY3P3sh14cECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSTmDxa/QfBtBBR6zYxIoyLXmBSpzAfBgNVHSMEGDAWgBQKwVZaX2xOVMov
GdNkdZtqDtYYQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NzRldXbDlzVGxUS0x4blRaSFdiYWc3V0dFQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvN2VkYjIyLWZmNDctNDY1Zi05MDY4LTVjNGEwZWIyMDE3Zi8x
L2s1ZzhXdjBId2JRUVVlczJNU0tNaTE1Z1VxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
N2VkYjIyLWZmNDctNDY1Zi05MDY4LTVjNGEwZWIyMDE3Zi8xL0NzRldXbDlzVGxU
S0x4blRaSFdiYWc3V0dFQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAwUi+AMEArksnDANBAIAAjAHAwUA
KgD4wDANBgkqhkiG9w0BAQsFAAOCAQEAhdSK2cCSuM5y71tAZsqKcmqD/xsST0c6
QySjZ7dCccxIQXwoPF5LpPUE224jlZxhZ4vdN6sC0SaVA+0Z6GOB2YAoC6iY6/S2
Q2Hc39lrRCk0wubXC10xjw2MSAcNXr8/wOrDUaoXvG18R7KxgwU7OhL1YJTWeKj+
e1+DYg4RnWp6lrTbl8rtC6HRnfCL3Ta8NXDsm0/Nclilveec1SBpnkfqjTXKJvtf
plVXmSQGPzKQTgnd085kvHVCkCEaiI2tiNamsSL35SipoX5Xj1cr3JgO9WlicrJY
xzK6/iEaoTIkT+lSCN/EijstfbY87r1gNn0TfoXE4gN/jsohKEAvMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:49 2024 by rpki-client on console-ams.rpki-client.org