Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/v3sOFKz5mv123ysrgf1y8zdsz1A.roa
File: v3sOFKz5mv123ysrgf1y8zdsz1A.roa (raw, json)
Hash identifier: dzdU7EwPPC4WTovs3eP+irVV6nly2ELOYaBtINGtA2Q=
Subject key identifier: BF:7B:0E:14:AC:F9:9A:FD:76:DF:2B:2B:81:FD:72:F3:37:6C:CF:50
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 384FA143
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/v3sOFKz5mv123ysrgf1y8zdsz1A.roa
Signing time: Sat 01 Jan 2022 10:00:48 +0000
ROA not before: Sat 01 Jan 2022 10:00:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8468
IP address blocks: 5.144.154.0/23 maxlen: 23
2a02:98:d51::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 944742723 (0x384fa143)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jan 1 10:00:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf7b0e14acf99afd76df2b2b81fd72f3376ccf50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:19:d0:45:c9:86:fc:75:49:d0:4c:52:32:66:
c7:86:70:f9:bc:1f:9c:01:56:f2:5e:41:a5:54:35:
8a:56:57:b3:5d:3e:15:8f:34:04:f6:6e:97:23:d9:
77:68:2f:96:f8:ad:5e:55:6b:40:98:a1:0d:b9:5a:
1f:09:3f:04:1d:9a:5e:a1:b7:9b:57:84:3e:f2:4d:
0f:8b:29:c7:5c:e0:7a:95:8b:29:13:c1:a5:16:f1:
16:1c:dd:a3:15:15:1f:cc:5d:23:e3:38:90:d4:dc:
15:cc:45:b3:f8:60:ed:45:94:32:0d:07:c9:8d:71:
b1:b8:85:64:1f:82:58:54:e9:16:db:24:12:0a:a7:
59:45:ef:d6:c9:3f:22:8d:00:24:28:bf:ef:73:ce:
f8:29:f8:5a:29:05:b2:94:16:22:3c:ba:b8:16:aa:
6b:c7:ab:7a:b3:15:34:eb:55:9c:29:62:c7:32:3b:
49:b0:47:d2:ba:9d:56:9c:95:48:30:8b:26:9e:43:
b9:a2:f0:0d:f4:62:e2:ec:3e:ca:02:7c:1e:df:90:
cf:9c:ac:81:d4:2c:6a:df:d9:d3:3d:c5:57:5e:da:
f2:51:04:7f:48:bc:da:fc:13:0e:2a:0b:b2:fd:e9:
c5:80:ea:a0:88:de:74:95:06:b6:89:b6:7a:1c:df:
96:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:7B:0E:14:AC:F9:9A:FD:76:DF:2B:2B:81:FD:72:F3:37:6C:CF:50
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/v3sOFKz5mv123ysrgf1y8zdsz1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/23
IPv6:
2a02:98:d51::/48
Signature Algorithm: sha256WithRSAEncryption
14:50:9e:68:49:c9:44:cb:d8:5f:08:5e:34:54:cf:4f:c7:74:
18:e0:b5:5a:c7:c5:37:ee:bc:88:16:c7:b1:ff:63:57:55:15:
05:24:17:13:4b:d9:5f:4c:9d:7a:ad:61:12:5e:6d:7b:80:e6:
24:83:b1:46:51:72:fa:9e:c0:b8:ef:b8:86:fa:d7:74:86:c9:
4a:42:5a:0f:83:b3:04:9b:19:9c:2e:0f:93:f3:d5:5b:b9:40:
e8:b7:1f:1c:fa:5b:99:58:72:8d:05:48:76:bd:3f:f4:68:bb:
e2:3b:c2:ea:88:f7:7b:42:f3:a3:8c:8a:b2:1d:fd:e9:ef:26:
87:08:51:90:c7:f6:45:ba:30:d2:45:79:0e:7a:d0:af:15:61:
18:75:e1:d3:9f:11:48:b2:9d:73:ef:c9:b7:42:fc:e4:3f:1f:
04:50:cf:07:34:c8:70:d5:76:11:3f:36:3e:6f:99:95:ef:fc:
ea:43:b8:65:ea:29:84:7f:2d:9c:61:a8:dd:de:dd:43:65:72:
f4:62:77:32:54:90:aa:0a:44:2d:ee:a3:dc:0e:17:c8:f7:bf:
5d:da:de:17:8c:e6:ac:67:be:4b:70:9a:6e:9e:84:b6:87:63:
bc:9b:0d:09:ed:90:f3:00:6e:96:5e:94:65:14:de:6a:af:5e:
eb:d5:bf:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEOE+hQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjBkNGU4NTkzN2I3YTBmMjcxMDU0ZDI4NjE0ZjI5MzRkNGVhNTAwMB4XDTIyMDEw
MTEwMDA0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY3YjBlMTRhY2Y5
OWFmZDc2ZGYyYjJiODFmZDcyZjMzNzZjY2Y1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcZ0EXJhvx1SdBMUjJmx4Zw+bwfnAFW8l5BpVQ1ilZXs10+
FY80BPZulyPZd2gvlvitXlVrQJihDblaHwk/BB2aXqG3m1eEPvJND4spx1zgepWL
KRPBpRbxFhzdoxUVH8xdI+M4kNTcFcxFs/hg7UWUMg0HyY1xsbiFZB+CWFTpFtsk
EgqnWUXv1sk/Io0AJCi/73PO+Cn4WikFspQWIjy6uBaqa8ererMVNOtVnClixzI7
SbBH0rqdVpyVSDCLJp5DuaLwDfRi4uw+ygJ8Ht+Qz5ysgdQsat/Z0z3FV17a8lEE
f0i82vwTDioLsv3pxYDqoIjedJUGtom2ehzflmkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS/ew4UrPma/XbfKyuB/XLzN2zPUDAfBgNVHSMEGDAWgBS7DU6Fk3t6DycQ
VNKGFPKTTU6lADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3V3MU9oWk43ZWc4bkVGVFNoaFR5azAxT3BRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvZDE3NTI3LWNmOTgtNGQzNy04NjZmLThlOWI5OGE5OWNkYi8x
L3Yzc09GS3o1bXYxMjN5c3JnZjF5OHpkc3oxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ZDE3NTI3LWNmOTgtNGQzNy04NjZmLThlOWI5OGE5OWNkYi8xL3V3MU9oWk43ZWc4
bkVGVFNoaFR5azAxT3BRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAQWQmjAPBAIAAjAJAwcAKgIAmA1R
MA0GCSqGSIb3DQEBCwUAA4IBAQAUUJ5oSclEy9hfCF40VM9Px3QY4LVax8U37ryI
Fsex/2NXVRUFJBcTS9lfTJ16rWESXm17gOYkg7FGUXL6nsC477iG+td0hslKQloP
g7MEmxmcLg+T89VbuUDotx8c+luZWHKNBUh2vT/0aLviO8LqiPd7QvOjjIqyHf3p
7yaHCFGQx/ZFujDSRXkOetCvFWEYdeHTnxFIsp1z78m3QvzkPx8EUM8HNMhw1XYR
PzY+b5mV7/zqQ7hl6imEfy2cYajd3t1DZXL0YncyVJCqCkQt7qPcDhfI979d2t4X
jOasZ75LcJpunoS2h2O8mw0J7ZDzAG6WXpRlFN5qr17r1b8l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:19 2024 by rpki-client on console-fra.rpki-client.org