Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/nKbz4ZFOtHtTGaW5gPh-Fkb445k.roa
File: nKbz4ZFOtHtTGaW5gPh-Fkb445k.roa (raw, json)
Hash identifier: 3bXaN0PWjh4a8Z2DmNKSAxkjK1JHy5BBY9Xfm0pFvJA=
Subject key identifier: 9C:A6:F3:E1:91:4E:B4:7B:53:19:A5:B9:80:F8:7E:16:46:F8:E3:99
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 070E097F
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/nKbz4ZFOtHtTGaW5gPh-Fkb445k.roa
Signing time: Sat 01 Jan 2022 06:54:13 +0000
ROA not before: Sat 01 Jan 2022 06:54:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 5.57.80.0/22 maxlen: 22
2001:7f8:17::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118360447 (0x70e097f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jan 1 06:54:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ca6f3e1914eb47b5319a5b980f87e1646f8e399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a6:6f:19:c6:7d:b5:6d:a0:0f:7c:4c:de:c6:
d8:b4:82:c0:55:de:47:5f:d2:aa:42:04:64:36:94:
56:ba:ef:d9:93:d4:e9:83:44:52:d5:95:ea:b2:7e:
44:e7:8a:18:ac:e3:21:1e:5d:3b:b1:2e:2b:c6:3e:
0e:7e:c5:38:f6:0e:65:92:35:a4:81:e9:70:bb:c0:
08:38:9c:a9:1d:9e:75:86:f4:75:4c:2c:4d:2e:07:
08:4e:0c:9e:c2:77:74:56:63:1e:69:19:74:08:f1:
d2:24:f6:93:e6:cf:f6:8f:b2:d5:5a:60:c7:71:58:
e7:c9:61:43:2f:20:71:d3:c2:7f:1a:4c:c9:00:55:
10:e5:92:ed:a6:92:e2:4d:bd:5d:1e:f3:5a:08:04:
cb:4e:be:f3:13:83:d0:03:1b:fd:4d:0f:b4:b9:ba:
28:e8:af:6f:0d:ec:0c:22:9d:11:6e:45:b2:12:3b:
1c:83:44:74:3e:51:d5:05:5d:e2:f5:e5:95:60:f1:
e4:41:8a:7a:48:6a:0e:79:49:d7:44:a8:b7:d4:31:
ff:9e:37:05:4e:0b:2f:e4:1b:c6:bd:6a:c9:fc:a3:
b0:15:88:a1:a4:6f:2c:9c:38:07:b3:62:88:b4:b2:
9f:d1:65:9e:62:b7:03:61:2c:19:84:6b:88:dd:68:
69:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A6:F3:E1:91:4E:B4:7B:53:19:A5:B9:80:F8:7E:16:46:F8:E3:99
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/nKbz4ZFOtHtTGaW5gPh-Fkb445k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.80.0/22
IPv6:
2001:7f8:17::/64
Signature Algorithm: sha256WithRSAEncryption
30:c1:e9:3a:7b:d7:87:12:85:b3:66:0d:d6:ce:ef:cc:48:8d:
1b:60:52:1b:e2:66:5b:a8:8d:ec:fc:e5:3a:75:e6:df:f1:81:
a1:f1:27:5e:77:ad:9c:0a:d8:95:4d:af:9c:5f:d4:ea:84:37:
d8:6e:a4:b1:7b:98:7c:bf:61:9d:73:33:ce:ad:13:f5:2d:91:
d8:9c:53:93:d8:a5:c9:28:15:84:56:c1:83:72:d9:be:80:89:
85:a5:5a:02:f9:bd:0c:52:27:6e:54:9b:8d:e0:ff:2a:1b:43:
97:9f:45:79:c5:2d:92:bc:c8:7b:fd:06:be:ec:d2:a1:37:0c:
1e:e7:7b:10:f4:71:58:a6:11:28:8b:a7:1e:56:f2:10:74:7f:
2a:00:c7:9e:dc:b0:0a:82:8e:50:57:b0:e7:24:82:7f:74:00:
78:37:6b:5e:da:0a:85:35:3c:70:c0:b1:49:0d:af:bd:bc:9b:
ea:ed:01:3e:fc:ac:4d:4c:e7:29:d2:96:bb:31:be:06:3f:5d:
df:45:43:77:43:6c:6d:23:45:6b:be:72:28:ff:10:e8:56:dd:
a6:54:80:37:dd:5a:3d:e5:f1:1f:16:30:07:55:37:2e:48:ce:
0d:95:3e:81:ae:97:9d:ed:4d:8e:fc:a4:46:c4:4e:15:c2:78:
12:d2:52:df
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIEBw4JfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZThkMDdiNDVmN2Q4MzEyNGM5ZjhjMGZhYzAzYmVjMDI0NjhiMzdlMB4XDTIyMDEw
MTA2NTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNhNmYzZTE5MTRl
YjQ3YjUzMTlhNWI5ODBmODdlMTY0NmY4ZTM5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSmbxnGfbVtoA98TN7G2LSCwFXeR1/SqkIEZDaUVrrv2ZPU
6YNEUtWV6rJ+ROeKGKzjIR5dO7EuK8Y+Dn7FOPYOZZI1pIHpcLvACDicqR2edYb0
dUwsTS4HCE4MnsJ3dFZjHmkZdAjx0iT2k+bP9o+y1Vpgx3FY58lhQy8gcdPCfxpM
yQBVEOWS7aaS4k29XR7zWggEy06+8xOD0AMb/U0PtLm6KOivbw3sDCKdEW5FshI7
HINEdD5R1QVd4vXllWDx5EGKekhqDnlJ10Sot9Qx/543BU4LL+Qbxr1qyfyjsBWI
oaRvLJw4B7NiiLSyn9FlnmK3A2EsGYRriN1oaRUCAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBScpvPhkU60e1MZpbmA+H4WRvjjmTAfBgNVHSMEGDAWgBRejQe0X32DEkyf
jA+sA77AJGizfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hvMEh0Rjk5Z3hKTW40d1ByQU8td0NSb3MzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvYTE2OGU5LWQwNzAtNDRlMC05NGE0LTZjOGZkODRiYjVmNS8x
L25LYno0WkZPdEh0VEdhVzVnUGgtRmtiNDQ1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
YTE2OGU5LWQwNzAtNDRlMC05NGE0LTZjOGZkODRiYjVmNS8xL1hvMEh0Rjk5Z3hK
TW40d1ByQU8td0NSb3MzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAy
BggrBgEFBQcBBwEB/wQjMCEwDAQCAAEwBgMEAgU5UDARBAIAAjALAwkAIAEH+AAX
AAAwDQYJKoZIhvcNAQELBQADggEBADDB6Tp714cShbNmDdbO78xIjRtgUhviZluo
jez85Tp15t/xgaHxJ153rZwK2JVNr5xf1OqEN9hupLF7mHy/YZ1zM86tE/Utkdic
U5PYpckoFYRWwYNy2b6AiYWlWgL5vQxSJ25Um43g/yobQ5efRXnFLZK8yHv9Br7s
0qE3DB7nexD0cVimESiLpx5W8hB0fyoAx57csAqCjlBXsOckgn90AHg3a17aCoU1
PHDAsUkNr728m+rtAT78rE1M5ynSlrsxvgY/Xd9FQ3dDbG0jRWu+cij/EOhW3aZU
gDfdWj3l8R8WMAdVNy5Izg2VPoGul53tTY78pEbEThXCeBLSUt8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:16 2024 by rpki-client on console-ams.rpki-client.org