Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/jlk1xiFDBaEhSluwv3pv-JOG3Gg.roa
File: jlk1xiFDBaEhSluwv3pv-JOG3Gg.roa (raw, json)
Hash identifier: tmaTWtlU80qFTFwcxJTKSJK3PuhSsnESxipxzClezWA=
Subject key identifier: 8E:59:35:C6:21:43:05:A1:21:4A:5B:B0:BF:7A:6F:F8:93:86:DC:68
Certificate issuer: /CN=9870bf4f95350d0377fa8938bf4f2dcb7e72ff12
Certificate serial: 03F868A2
Authority key identifier: 98:70:BF:4F:95:35:0D:03:77:FA:89:38:BF:4F:2D:CB:7E:72:FF:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHC_T5U1DQN3-ok4v08ty35y_xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/jlk1xiFDBaEhSluwv3pv-JOG3Gg.roa
Signing time: Sat 01 Jan 2022 09:58:24 +0000
ROA not before: Sat 01 Jan 2022 09:58:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3194
IP address blocks: 5.10.225.0/24 maxlen: 24
5.10.226.0/24 maxlen: 24
5.10.224.0/24 maxlen: 24
5.10.229.0/24 maxlen: 24
5.10.230.0/24 maxlen: 24
5.10.227.0/24 maxlen: 24
5.10.231.0/24 maxlen: 24
5.10.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66611362 (0x3f868a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9870bf4f95350d0377fa8938bf4f2dcb7e72ff12
Validity
Not Before: Jan 1 09:58:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e5935c6214305a1214a5bb0bf7a6ff89386dc68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:91:c0:b3:de:1c:77:1f:9c:ca:cc:b7:f5:0a:
bc:c2:7c:1b:1a:f6:d7:a3:a1:e8:29:c3:80:a7:29:
94:1e:31:e9:6b:61:c1:19:e4:d8:31:b8:af:9f:6d:
b3:a9:21:ae:fa:b9:23:26:d5:c8:3b:0f:f3:eb:df:
f4:b5:4e:cd:19:da:bf:b4:bf:7f:a8:31:78:e3:56:
65:23:4d:5b:16:d9:61:27:37:b2:b4:d2:56:b6:ce:
c4:97:cb:ca:0f:c7:5a:a5:31:b7:9e:b4:fe:15:bf:
48:6d:1d:ec:ad:ff:b8:7c:43:09:9c:ee:22:93:c8:
35:f2:9c:3b:dd:35:de:fd:98:41:c9:d8:90:f9:1e:
75:ae:f9:11:fb:61:ce:bc:5a:ab:47:8b:d3:54:1d:
a0:d9:66:33:55:57:4e:46:61:f4:c7:bf:f5:44:27:
d8:49:af:20:3b:3f:ff:79:ce:f1:49:65:e1:e5:0d:
4c:62:98:6f:30:80:cf:fa:60:08:be:15:d1:d8:62:
0c:92:a0:2f:f1:32:7f:97:31:ca:10:4a:8c:0e:c7:
50:f3:6e:95:a0:fe:63:2b:c8:9c:15:43:56:b1:72:
49:79:40:f3:e9:97:34:a5:b9:88:5a:9f:d7:a8:94:
c1:31:0f:d7:73:3b:dd:45:c2:03:60:d7:84:66:c8:
67:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:59:35:C6:21:43:05:A1:21:4A:5B:B0:BF:7A:6F:F8:93:86:DC:68
X509v3 Authority Key Identifier:
keyid:98:70:BF:4F:95:35:0D:03:77:FA:89:38:BF:4F:2D:CB:7E:72:FF:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHC_T5U1DQN3-ok4v08ty35y_xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/jlk1xiFDBaEhSluwv3pv-JOG3Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/mHC_T5U1DQN3-ok4v08ty35y_xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.224.0/21
Signature Algorithm: sha256WithRSAEncryption
28:7a:48:c3:56:90:88:9a:63:7b:e2:24:24:85:36:46:b3:ca:
68:bc:36:79:74:00:49:2a:9c:10:f2:a0:78:3d:fa:d3:45:db:
1e:40:f2:e7:4e:c4:51:d4:71:be:76:d7:35:de:34:68:a1:b2:
87:b4:b4:46:29:ad:e5:66:cc:75:27:cd:f6:27:5c:a8:6d:ae:
56:66:93:95:8a:2f:ab:a2:a1:df:d8:29:7a:d6:11:15:44:91:
6c:b3:5f:22:1d:72:ee:a3:88:f4:66:d2:e8:00:52:70:33:53:
22:a6:47:a4:ba:5a:a4:86:02:1d:68:95:ea:60:aa:2f:66:a0:
48:4a:cc:33:a4:69:56:e1:24:52:be:6c:68:c1:9d:f0:8c:8f:
8b:75:aa:08:83:c8:77:ba:ce:22:9e:be:76:ec:0d:69:59:95:
21:b8:11:11:2e:8f:6e:35:65:95:77:99:52:ff:f3:5c:06:2d:
0d:50:5e:79:2d:f9:80:36:05:30:cb:19:89:c5:92:ff:55:28:
9a:aa:72:61:07:0a:42:9e:e6:07:22:a4:42:c3:96:3a:2c:dc:
32:ef:41:cc:5c:e9:39:86:e4:44:83:38:63:8c:6f:25:d3:da:
9f:d5:aa:ac:c1:67:f3:1f:23:0a:d5:72:a6:5a:c3:fb:48:b4:
a1:68:58:ba
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/hoojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODcwYmY0Zjk1MzUwZDAzNzdmYTg5MzhiZjRmMmRjYjdlNzJmZjEyMB4XDTIyMDEw
MTA5NTgyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU1OTM1YzYyMTQz
MDVhMTIxNGE1YmIwYmY3YTZmZjg5Mzg2ZGM2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANORwLPeHHcfnMrMt/UKvMJ8Gxr216Oh6CnDgKcplB4x6Wth
wRnk2DG4r59ts6khrvq5IybVyDsP8+vf9LVOzRnav7S/f6gxeONWZSNNWxbZYSc3
srTSVrbOxJfLyg/HWqUxt560/hW/SG0d7K3/uHxDCZzuIpPINfKcO9013v2YQcnY
kPkeda75Efthzrxaq0eL01QdoNlmM1VXTkZh9Me/9UQn2EmvIDs//3nO8Ull4eUN
TGKYbzCAz/pgCL4V0dhiDJKgL/Eyf5cxyhBKjA7HUPNulaD+YyvInBVDVrFySXlA
8+mXNKW5iFqf16iUwTEP13M73UXCA2DXhGbIZ48CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSOWTXGIUMFoSFKW7C/em/4k4bcaDAfBgNVHSMEGDAWgBSYcL9PlTUNA3f6
iTi/Ty3LfnL/EjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21IQ19UNVUxRFFOMy1vazR2MDh0eTM1eV94SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvNjAwYTM3LWY5NjctNDViMS1hMWRkLTA3YTMxNWU5MDMzZC8x
L2psazF4aUZEQmFFaFNsdXd2M3B2LUpPRzNHZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
NjAwYTM3LWY5NjctNDViMS1hMWRkLTA3YTMxNWU5MDMzZC8xL21IQ19UNVUxRFFO
My1vazR2MDh0eTM1eV94SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAwUK4DANBgkqhkiG9w0BAQsFAAOC
AQEAKHpIw1aQiJpje+IkJIU2RrPKaLw2eXQASSqcEPKgeD3600XbHkDy507EUdRx
vnbXNd40aKGyh7S0Rimt5WbMdSfN9idcqG2uVmaTlYovq6Kh39gpetYRFUSRbLNf
Ih1y7qOI9GbS6ABScDNTIqZHpLpapIYCHWiV6mCqL2agSErMM6RpVuEkUr5saMGd
8IyPi3WqCIPId7rOIp6+duwNaVmVIbgRES6PbjVllXeZUv/zXAYtDVBeeS35gDYF
MMsZicWS/1UomqpyYQcKQp7mByKkQsOWOizcMu9BzFzpOYbkRIM4Y4xvJdPan9Wq
rMFn8x8jCtVyplrD+0i0oWhYug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:44 2024 by rpki-client on console-fra.rpki-client.org