Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/5GapKuUklDHHN1OVlP42xQH7pp8.roa
File: 5GapKuUklDHHN1OVlP42xQH7pp8.roa (raw, json)
Hash identifier: HLOQu+A/QVNKXZB5zJlYRi7xVEJhbCYWZjvKqdg8+TU=
Subject key identifier: E4:66:A9:2A:E5:24:94:31:C7:37:53:95:94:FE:36:C5:01:FB:A6:9F
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 37006A94
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/5GapKuUklDHHN1OVlP42xQH7pp8.roa
Signing time: Sat 01 Jan 2022 08:01:54 +0000
ROA not before: Sat 01 Jan 2022 08:01:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197637
IP address blocks: 31.25.152.0/21 maxlen: 21
153.92.32.0/21 maxlen: 21
185.62.88.0/22 maxlen: 22
185.68.76.0/22 maxlen: 22
37.123.120.0/21 maxlen: 21
2a04:6ec0::/32 maxlen: 32
2a04:6ec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 922774164 (0x37006a94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Jan 1 08:01:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e466a92ae5249431c737539594fe36c501fba69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4c:b9:57:19:89:81:6e:a6:78:df:f8:d5:62:
45:34:c5:c0:4b:08:1f:a0:4a:ab:b0:a3:57:0b:a5:
8b:70:53:3f:94:d6:8b:8e:6b:aa:8d:82:52:aa:49:
0a:67:a7:8e:00:f2:ed:d9:97:f7:8e:a3:e0:ba:41:
fe:7f:81:19:2f:e1:09:1b:ed:a4:b0:df:43:82:67:
fb:63:0e:80:36:43:03:9d:fb:21:05:88:21:8f:5f:
e5:91:37:a4:da:0d:9c:d1:6f:07:e1:5b:9f:52:6f:
a0:eb:53:e9:35:14:04:a5:17:81:9a:3f:aa:f1:88:
28:7e:24:84:57:e1:6a:b3:74:d8:b0:e9:69:9e:66:
61:30:bb:d9:de:fe:70:a9:a4:74:75:36:b9:ac:2e:
61:76:3a:ca:8a:f4:18:4c:92:55:8e:ae:41:b6:8e:
b7:e6:e5:af:47:ac:66:3d:82:51:e8:7d:a3:51:a3:
cb:77:85:13:52:79:7c:9a:9d:f1:00:53:1a:1c:2d:
63:48:39:5d:63:dc:7f:54:97:45:f9:cb:35:7f:70:
db:1c:1b:c8:9a:78:d3:ac:75:e7:27:6d:1e:a3:23:
d2:d9:d2:33:92:92:ba:c2:6c:d4:d5:50:8c:ef:5b:
87:88:40:4d:44:7b:e4:b6:71:76:7a:e6:d6:ce:45:
50:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:66:A9:2A:E5:24:94:31:C7:37:53:95:94:FE:36:C5:01:FB:A6:9F
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/5GapKuUklDHHN1OVlP42xQH7pp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.152.0/21
37.123.120.0/21
153.92.32.0/21
185.62.88.0/22
185.68.76.0/22
IPv6:
2a04:6ec0::/29
Signature Algorithm: sha256WithRSAEncryption
33:de:a7:fc:6e:ff:41:06:4d:a3:4f:3b:ea:71:15:a9:27:af:
5e:f7:8c:05:84:22:df:5c:ed:a2:a1:a2:9a:f2:1a:a9:e8:d2:
ea:b6:33:73:4c:3e:bb:b6:d3:1c:01:5d:7b:2a:e8:c4:95:8e:
59:b5:f8:85:c0:28:08:53:78:db:35:a0:d2:c7:78:71:38:df:
bc:96:6d:58:31:d4:28:a4:60:6a:41:43:2e:fe:63:86:90:cd:
95:5f:7a:ba:9f:6b:a4:04:db:1d:77:da:da:7f:38:e8:49:56:
28:4f:7a:b5:a4:48:b9:bf:5d:8e:5b:c7:01:b8:19:4c:54:56:
86:4d:68:f8:b3:58:d2:ba:c1:d4:e9:39:9f:dc:11:79:3c:b6:
52:a9:d7:aa:98:a5:44:43:e4:61:c1:1d:d9:d4:20:a3:7e:33:
5d:dd:c6:ef:fc:db:bb:8a:7a:9d:d5:5c:a2:1e:aa:38:43:cb:
6d:6e:3d:5f:df:02:f6:ed:03:3b:4c:3a:c9:ad:41:7d:9a:54:
21:83:60:a8:d5:b6:28:4c:d9:2f:48:1f:2b:b0:26:2c:06:e0:
e5:78:5c:18:ae:0d:b0:8a:1a:cf:a1:cf:11:a5:cb:5c:e6:41:
cd:15:0b:69:ed:ea:82:3c:96:18:ba:80:0c:8a:da:a5:fd:22:
20:db:fa:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIENwBqlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjY1YzE3ZmEwMjhiMzEzNDhmNjMwZjZiNTZkZjQyMmNlMDYyYjNiMB4XDTIyMDEw
MTA4MDE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ2NmE5MmFlNTI0
OTQzMWM3Mzc1Mzk1OTRmZTM2YzUwMWZiYTY5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxMuVcZiYFupnjf+NViRTTFwEsIH6BKq7CjVwuli3BTP5TW
i45rqo2CUqpJCmenjgDy7dmX946j4LpB/n+BGS/hCRvtpLDfQ4Jn+2MOgDZDA537
IQWIIY9f5ZE3pNoNnNFvB+Fbn1JvoOtT6TUUBKUXgZo/qvGIKH4khFfharN02LDp
aZ5mYTC72d7+cKmkdHU2uawuYXY6yor0GEySVY6uQbaOt+blr0esZj2CUeh9o1Gj
y3eFE1J5fJqd8QBTGhwtY0g5XWPcf1SXRfnLNX9w2xwbyJp406x15ydtHqMj0tnS
M5KSusJs1NVQjO9bh4hATUR75LZxdnrm1s5FUAUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTkZqkq5SSUMcc3U5WU/jbFAfumnzAfBgNVHSMEGDAWgBQmZcF/oCizE0j2
MPa1bfQizgYrOzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptWEJmNkFvc3hOSTlqRDJ0VzMwSXM0R0t6cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZmM5MGEwLTgwNGMtNDBmYS1iMjdhLWMzODNhOTAxMDAwNS8x
LzVHYXBLdVVrbERISE4xT1ZsUDQyeFFIN3BwOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZmM5MGEwLTgwNGMtNDBmYS1iMjdhLWMzODNhOTAxMDAwNS8xL0ptWEJmNkFvc3hO
STlqRDJ0VzMwSXM0R0t6cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAx8ZmAMEAyV7eAMEA5lcIAMEArk+
WAMEArlETDANBAIAAjAHAwUDKgRuwDANBgkqhkiG9w0BAQsFAAOCAQEAM96n/G7/
QQZNo0876nEVqSevXveMBYQi31ztoqGimvIaqejS6rYzc0w+u7bTHAFdeyroxJWO
WbX4hcAoCFN42zWg0sd4cTjfvJZtWDHUKKRgakFDLv5jhpDNlV96up9rpATbHXfa
2n846ElWKE96taRIub9djlvHAbgZTFRWhk1o+LNY0rrB1Ok5n9wReTy2UqnXqpil
REPkYcEd2dQgo34zXd3G7/zbu4p6ndVcoh6qOEPLbW49X98C9u0DO0w6ya1BfZpU
IYNgqNW2KEzZL0gfK7AmLAbg5XhcGK4NsIoaz6HPEaXLXOZBzRULae3qgjyWGLqA
DIrapf0iINv6PQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:20 2024 by rpki-client on console-ams.rpki-client.org