Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/IFz2bmd8rPkX7KpBcIo79hzDN_0.roa
File: IFz2bmd8rPkX7KpBcIo79hzDN_0.roa (raw, json)
Hash identifier: qFVUb+ll2lDpxCwoPnMSd76zFwEGNpA5AOs8Cx5sJo4=
Subject key identifier: 20:5C:F6:6E:67:7C:AC:F9:17:EC:AA:41:70:8A:3B:F6:1C:C3:37:FD
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 4858C311
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/IFz2bmd8rPkX7KpBcIo79hzDN_0.roa
Signing time: Sat 01 Jan 2022 03:00:20 +0000
ROA not before: Sat 01 Jan 2022 03:00:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 5.8.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1213776657 (0x4858c311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 03:00:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=205cf66e677cacf917ecaa41708a3bf61cc337fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:56:80:a6:29:69:97:4a:0c:42:87:dd:22:b7:
ac:be:7d:74:ad:80:55:c2:ba:e4:0b:8c:2a:40:75:
2f:97:28:0f:c1:65:6f:f5:cd:72:07:ef:fe:e2:0e:
21:3a:e0:ed:31:1f:84:05:58:93:1d:4e:2b:6b:36:
db:47:7d:d1:34:c8:96:bc:70:6f:58:97:4d:6a:f1:
3a:2b:f5:e1:cf:4c:fb:41:6c:3e:af:f6:81:58:77:
1d:04:bd:b0:7e:5f:74:dd:c7:16:a8:56:3f:24:aa:
c8:6f:3b:eb:7a:b6:27:65:28:f7:4c:66:59:39:74:
72:42:c6:06:ba:a5:2c:2e:df:23:54:08:72:15:f9:
82:be:3e:de:0a:93:24:34:f8:22:82:6d:5b:35:63:
2c:4b:de:aa:0b:48:1a:25:5d:97:5e:73:1f:6d:3a:
b5:b5:63:1e:d1:82:69:19:81:d0:31:92:08:8a:c2:
08:b9:16:de:1d:05:25:d1:b2:8b:05:ed:8a:43:9d:
41:91:3a:15:a7:a3:21:aa:63:d0:09:6d:a6:3c:e7:
64:6f:aa:75:94:e3:3d:bd:1e:ce:ba:1d:f8:13:f0:
69:3e:2a:04:7c:7b:a1:d6:3c:19:e6:78:b9:13:d4:
1a:ce:89:68:8c:92:f8:9c:ee:a4:33:5c:2a:ca:df:
a6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:5C:F6:6E:67:7C:AC:F9:17:EC:AA:41:70:8A:3B:F6:1C:C3:37:FD
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/IFz2bmd8rPkX7KpBcIo79hzDN_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.19.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:09:fa:6a:e2:ac:c0:2d:23:0d:05:27:1a:7c:07:a7:fb:5d:
c0:b6:2c:0b:7d:73:2e:55:45:cc:92:15:c0:70:01:ec:29:24:
88:2c:a5:10:67:d2:3d:a8:7d:53:b3:dd:a1:a2:06:f3:41:cf:
b5:28:e7:09:a6:cf:5c:a7:9b:71:2c:e0:d2:2e:0e:ea:f5:4f:
c5:4c:a4:24:f5:51:71:57:63:ba:65:34:68:2e:c5:c3:6b:75:
07:b6:06:4d:8c:50:d3:d6:f7:8e:1e:94:1a:d2:0d:21:57:fa:
2b:c8:1f:f9:4f:ce:1d:c0:e1:87:51:f7:e5:8c:49:d1:56:9e:
ea:51:ba:93:1f:34:80:23:96:6e:9e:27:b5:59:64:08:62:5f:
76:61:2e:4c:36:e2:38:96:57:92:e9:ea:36:1d:e8:e1:71:41:
40:77:cd:20:b2:8c:d0:ef:73:9d:4a:2e:aa:2d:22:48:15:ad:
e0:0e:cc:16:e4:b7:34:16:b0:df:b6:b4:67:5d:f8:f6:c5:bd:
f6:6a:79:91:38:58:20:02:df:7d:08:07:73:11:13:77:c6:94:
79:b4:58:40:6b:8c:ac:b2:01:a6:61:99:54:0b:4e:34:09:07:
d1:26:2e:ab:67:af:71:d5:88:17:88:9e:a1:db:a8:d6:58:24:
ec:05:98:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESFjDETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA1Y2Y2NmU2Nzdj
YWNmOTE3ZWNhYTQxNzA4YTNiZjYxY2MzMzdmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdWgKYpaZdKDEKH3SK3rL59dK2AVcK65AuMKkB1L5coD8Fl
b/XNcgfv/uIOITrg7TEfhAVYkx1OK2s220d90TTIlrxwb1iXTWrxOiv14c9M+0Fs
Pq/2gVh3HQS9sH5fdN3HFqhWPySqyG8763q2J2Uo90xmWTl0ckLGBrqlLC7fI1QI
chX5gr4+3gqTJDT4IoJtWzVjLEveqgtIGiVdl15zH206tbVjHtGCaRmB0DGSCIrC
CLkW3h0FJdGyiwXtikOdQZE6FaejIapj0AltpjznZG+qdZTjPb0ezrod+BPwaT4q
BHx7odY8GeZ4uRPUGs6JaIyS+JzupDNcKsrfpuECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQgXPZuZ3ys+RfsqkFwijv2HMM3/TAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L0lGejJibWQ4clBrWDdLcEJjSW83OWh6RE5fMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAUIEzANBgkqhkiG9w0BAQsFAAOC
AQEAtgn6auKswC0jDQUnGnwHp/tdwLYsC31zLlVFzJIVwHAB7CkkiCylEGfSPah9
U7PdoaIG80HPtSjnCabPXKebcSzg0i4O6vVPxUykJPVRcVdjumU0aC7Fw2t1B7YG
TYxQ09b3jh6UGtINIVf6K8gf+U/OHcDhh1H35YxJ0Vae6lG6kx80gCOWbp4ntVlk
CGJfdmEuTDbiOJZXkunqNh3o4XFBQHfNILKM0O9znUouqi0iSBWt4A7MFuS3NBaw
37a0Z1349sW99mp5kThYIALffQgHcxETd8aUebRYQGuMrLIBpmGZVAtONAkH0SYu
q2evcdWIF4ieoduo1lgk7AWYAA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org