Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/3bkZDaLCNMxr5htfY-jk2zNEQ3Q.roa
File: 3bkZDaLCNMxr5htfY-jk2zNEQ3Q.roa (raw, json)
Hash identifier: fqwBDrTlZnNaw0BMyVwYtczR8qyY89m2Z9DyREyAVyw=
Subject key identifier: DD:B9:19:0D:A2:C2:34:CC:6B:E6:1B:5F:63:E8:E4:DB:33:44:43:74
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 4862299D
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/3bkZDaLCNMxr5htfY-jk2zNEQ3Q.roa
Signing time: Sat 01 Jan 2022 03:00:25 +0000
ROA not before: Sat 01 Jan 2022 03:00:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41909
IP address blocks: 5.8.88.0/22 maxlen: 24
5.8.0.0/21 maxlen: 22
5.188.68.0/23 maxlen: 24
5.188.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1214392733 (0x4862299d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 03:00:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddb9190da2c234cc6be61b5f63e8e4db33444374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2f:78:07:48:93:e8:93:28:b4:bc:45:cc:c7:
42:92:cf:65:01:9f:3f:59:4b:50:db:c3:00:82:33:
4d:18:36:45:3d:34:18:5e:33:ea:56:68:a5:2e:81:
46:02:0e:e0:d9:42:e4:65:f3:1d:5e:cd:c7:d7:f4:
88:8f:03:5b:55:2e:b6:96:94:b2:c3:99:aa:d4:7a:
10:56:c0:5d:36:29:73:92:af:fb:14:48:56:b4:46:
c1:4a:94:73:9b:e8:8c:4f:6c:84:04:66:2f:b6:8d:
de:c8:69:a3:f3:82:ce:50:bf:b2:20:d6:40:6b:f4:
e6:27:97:20:23:23:18:c8:2d:4e:85:ff:f0:a9:20:
61:08:0a:3a:e8:22:cf:e7:2e:e2:18:ab:28:1c:b4:
7e:d6:a6:12:57:9b:e8:b6:a9:a7:f9:45:eb:d8:a2:
05:f6:95:16:67:2d:18:66:5a:f8:11:1b:9e:1e:49:
26:a4:b0:2b:1d:06:4a:76:5c:64:f3:be:bd:7c:b6:
c0:33:ee:83:78:a8:2b:8c:8d:ff:8e:0a:7c:98:a9:
a4:72:ee:3d:50:58:05:ab:90:a2:fc:cc:44:ef:fc:
0e:21:43:ea:ce:80:82:45:0f:b1:ce:53:bd:5f:10:
fc:1c:66:79:33:00:d4:55:8d:b1:7f:d4:fd:8d:e1:
97:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B9:19:0D:A2:C2:34:CC:6B:E6:1B:5F:63:E8:E4:DB:33:44:43:74
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/3bkZDaLCNMxr5htfY-jk2zNEQ3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.0.0/21
5.8.88.0/22
5.188.68.0/23
5.188.88.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:d6:9a:de:51:1f:10:06:9f:50:34:6c:62:34:6a:0d:50:f9:
51:07:e7:a3:40:5a:d4:62:ba:33:98:38:c6:96:2b:9e:f1:91:
6a:93:09:35:f3:3c:4f:65:5b:71:3d:4f:ce:b7:dd:0c:d3:a3:
12:80:7d:62:92:de:5f:e6:dc:87:d8:73:78:40:c1:a3:5a:17:
ca:a2:00:53:92:2f:44:1a:26:1b:06:a3:1b:e6:18:63:42:e5:
c9:0b:93:53:ca:4b:e0:c9:9d:5e:c3:13:b0:7d:79:bc:e5:f8:
ae:bf:25:27:d0:52:8b:9e:43:5b:44:89:2d:1c:3e:aa:9c:f7:
fc:4f:ec:dc:e1:8c:5f:70:e4:8f:b2:b5:10:65:36:cf:11:53:
8b:48:cf:10:b1:d7:bc:4b:07:04:8d:e3:a3:e0:65:28:30:9e:
39:e8:a1:1d:3e:65:bc:c3:ce:24:ce:a7:aa:21:9d:a7:97:2d:
27:7b:7c:79:02:57:b0:d9:44:ff:28:7a:20:da:9d:44:80:27:
b8:f9:aa:c1:26:9e:26:e5:14:a1:ea:bb:cf:67:63:24:99:ea:
fd:7c:98:7e:02:59:84:67:98:62:59:74:a3:e9:3c:6d:31:2e:
02:46:05:3a:05:ee:64:c4:03:e9:16:a3:a8:a9:b2:0d:a9:89:
d6:d0:82:53
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIESGIpnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRiOTE5MGRhMmMy
MzRjYzZiZTYxYjVmNjNlOGU0ZGIzMzQ0NDM3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8veAdIk+iTKLS8RczHQpLPZQGfP1lLUNvDAIIzTRg2RT00
GF4z6lZopS6BRgIO4NlC5GXzHV7Nx9f0iI8DW1UutpaUssOZqtR6EFbAXTYpc5Kv
+xRIVrRGwUqUc5vojE9shARmL7aN3shpo/OCzlC/siDWQGv05ieXICMjGMgtToX/
8KkgYQgKOugiz+cu4hirKBy0ftamEleb6Lapp/lF69iiBfaVFmctGGZa+BEbnh5J
JqSwKx0GSnZcZPO+vXy2wDPug3ioK4yN/44KfJippHLuPVBYBauQovzMRO/8DiFD
6s6AgkUPsc5TvV8Q/BxmeTMA1FWNsX/U/Y3hl1ECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTduRkNosI0zGvmG19j6OTbM0RDdDAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
LzNia1pEYUxDTk14cjVodGZZLWprMnpORVEzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAwUIAAMEAgUIWAMEAQW8RAMEAgW8
WDANBgkqhkiG9w0BAQsFAAOCAQEAT9aa3lEfEAafUDRsYjRqDVD5UQfno0Ba1GK6
M5g4xpYrnvGRapMJNfM8T2VbcT1PzrfdDNOjEoB9YpLeX+bch9hzeEDBo1oXyqIA
U5IvRBomGwajG+YYY0LlyQuTU8pL4MmdXsMTsH15vOX4rr8lJ9BSi55DW0SJLRw+
qpz3/E/s3OGMX3Dkj7K1EGU2zxFTi0jPELHXvEsHBI3jo+BlKDCeOeihHT5lvMPO
JM6nqiGdp5ctJ3t8eQJXsNlE/yh6INqdRIAnuPmqwSaeJuUUoeq7z2djJJnq/XyY
fgJZhGeYYll0o+k8bTEuAkYFOgXuZMQD6RajqKmyDamJ1tCCUw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org