Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/DwgtlOhd0bE6PsEDWFLrQaXadqc.roa
File: DwgtlOhd0bE6PsEDWFLrQaXadqc.roa (raw, json)
Hash identifier: o7ZwA83MUiq7gT7blOrq2c71rcMcDMoinR+qODqKYAo=
Subject key identifier: 0F:08:2D:94:E8:5D:D1:B1:3A:3E:C1:03:58:52:EB:41:A5:DA:76:A7
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 485BB0CD
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/DwgtlOhd0bE6PsEDWFLrQaXadqc.roa
Signing time: Sat 01 Jan 2022 03:00:22 +0000
ROA not before: Sat 01 Jan 2022 03:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39047
IP address blocks: 5.101.212.0/22 maxlen: 22
5.101.208.0/22 maxlen: 22
5.101.208.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1213968589 (0x485bb0cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 03:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f082d94e85dd1b13a3ec1035852eb41a5da76a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ae:27:d7:0d:9b:6e:26:b9:30:3c:ae:c6:4f:
e9:2b:fe:79:ac:4d:ab:4e:b0:a7:9c:b6:28:80:c5:
d0:7f:1b:85:c6:38:2f:ac:a1:ca:b2:2b:49:7b:8a:
73:45:37:c5:1d:97:2e:09:a2:29:68:2f:66:66:5c:
88:44:6f:e6:47:f8:3f:7b:ed:5a:28:da:f2:07:97:
f8:ae:22:1f:0e:66:44:ae:5b:85:c5:31:f6:a6:d2:
f6:66:fe:89:3f:0b:65:85:d9:ad:2d:81:3c:b1:3f:
e2:59:e6:35:39:f3:9d:4f:aa:00:77:a9:6a:b7:31:
d7:81:fe:11:9f:e9:b6:d8:e2:c6:d9:d5:17:11:d1:
53:7d:6a:7d:48:ce:15:2d:e8:e0:83:68:17:ae:67:
48:77:44:9e:6b:52:00:0e:1a:3b:0a:66:7c:f3:d7:
21:a3:a9:01:9a:02:04:f6:01:0f:f3:33:b7:d3:dc:
41:77:2c:0c:3f:9f:00:c3:b1:3a:0c:5b:e5:33:e7:
5c:e9:68:d3:77:3a:87:40:9f:80:1c:34:27:08:24:
5e:f1:1b:9b:7c:98:0b:dc:e2:43:c4:02:5c:b7:33:
1d:34:72:1d:61:52:c9:58:1b:eb:d7:4f:e8:58:8c:
7e:9e:ec:ef:4a:89:42:fd:c3:4b:bb:15:c8:c3:08:
f2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:08:2D:94:E8:5D:D1:B1:3A:3E:C1:03:58:52:EB:41:A5:DA:76:A7
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/DwgtlOhd0bE6PsEDWFLrQaXadqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.208.0/21
Signature Algorithm: sha256WithRSAEncryption
38:d1:7c:a7:52:7a:10:ad:20:60:4e:b5:9a:73:a5:76:4f:bc:
85:35:77:c9:5a:ad:bf:29:99:3c:45:a8:62:ec:57:24:72:fd:
8d:5a:eb:55:f6:b5:51:3a:d7:98:a8:2d:12:9d:7f:f8:e1:e7:
aa:00:0f:19:3e:d6:0c:9d:5d:c0:8b:11:dd:14:45:65:94:5e:
10:8f:14:4c:d7:29:78:e5:b3:45:68:bd:fa:0f:c4:22:04:d6:
a6:17:0c:c0:aa:47:86:71:7a:39:1d:59:3b:64:f0:7d:80:60:
a5:98:72:2c:d6:c7:28:66:2e:42:3e:96:d4:68:6e:94:69:03:
2b:4a:4a:0b:f3:e6:bf:da:1b:78:b9:58:b6:10:58:a2:97:c9:
61:84:27:a3:f8:56:5a:93:00:ed:1f:2d:dc:0e:cd:59:de:9a:
61:e1:ae:43:95:24:cb:6b:5d:79:00:21:73:17:6b:b5:fa:0f:
c9:75:db:dc:d2:80:4a:df:64:84:07:bc:3d:85:1b:8a:5a:f0:
64:a8:6f:ee:c9:5b:d5:45:ad:ce:60:69:a6:eb:b0:10:9d:c8:
90:30:40:90:5f:c0:c3:d7:2f:3f:db:1d:cc:8a:a1:f0:47:60:
23:17:83:00:0e:56:40:61:23:e2:e6:15:e9:74:02:50:e2:81:
00:1c:a9:eb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESFuwzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYwODJkOTRlODVk
ZDFiMTNhM2VjMTAzNTg1MmViNDFhNWRhNzZhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSuJ9cNm24muTA8rsZP6Sv+eaxNq06wp5y2KIDF0H8bhcY4
L6yhyrIrSXuKc0U3xR2XLgmiKWgvZmZciERv5kf4P3vtWija8geX+K4iHw5mRK5b
hcUx9qbS9mb+iT8LZYXZrS2BPLE/4lnmNTnznU+qAHeparcx14H+EZ/pttjixtnV
FxHRU31qfUjOFS3o4INoF65nSHdEnmtSAA4aOwpmfPPXIaOpAZoCBPYBD/Mzt9Pc
QXcsDD+fAMOxOgxb5TPnXOlo03c6h0CfgBw0JwgkXvEbm3yYC9ziQ8QCXLczHTRy
HWFSyVgb69dP6FiMfp7s70qJQv3DS7sVyMMI8qkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQPCC2U6F3RsTo+wQNYUutBpdp2pzAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L0R3Z3RsT2hkMGJFNlBzRURXRkxyUWFYYWRxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAwVl0DANBgkqhkiG9w0BAQsFAAOC
AQEAONF8p1J6EK0gYE61mnOldk+8hTV3yVqtvymZPEWoYuxXJHL9jVrrVfa1UTrX
mKgtEp1/+OHnqgAPGT7WDJ1dwIsR3RRFZZReEI8UTNcpeOWzRWi9+g/EIgTWphcM
wKpHhnF6OR1ZO2TwfYBgpZhyLNbHKGYuQj6W1GhulGkDK0pKC/Pmv9obeLlYthBY
opfJYYQno/hWWpMA7R8t3A7NWd6aYeGuQ5Uky2tdeQAhcxdrtfoPyXXb3NKASt9k
hAe8PYUbilrwZKhv7slb1UWtzmBppuuwEJ3IkDBAkF/Aw9cvP9sdzIqh8EdgIxeD
AA5WQGEj4uYV6XQCUOKBAByp6w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org