Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/SWiFECHxbS0X6z6ns01vSry7rII.roa
File: SWiFECHxbS0X6z6ns01vSry7rII.roa (raw, json)
Hash identifier: pIb1emRknYftBQd2RLbTPEedRtr1LTPVBgjXtEAjzoc=
Subject key identifier: 49:68:85:10:21:F1:6D:2D:17:EB:3E:A7:B3:4D:6F:4A:BC:BB:AC:82
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0184E159CBA63FB6A1282C358FE72A1D6A11
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/SWiFECHxbS0X6z6ns01vSry7rII.roa
Signing time: Mon 05 Dec 2022 08:14:29 +0000
ROA not before: Mon 05 Dec 2022 08:14:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39558
IP address blocks: 5.8.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:59:cb:a6:3f:b6:a1:28:2c:35:8f:e7:2a:1d:6a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Dec 5 08:14:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4968851021f16d2d17eb3ea7b34d6f4abcbbac82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:dc:8e:58:d6:e2:01:f7:cb:6a:fd:58:74:bb:
ef:ec:e4:eb:2a:ed:da:19:70:6d:ce:85:98:bd:e9:
08:6f:9d:b5:76:55:f7:f0:c8:05:66:7d:56:56:f1:
ac:c0:c4:05:e5:e8:d1:f9:b9:a8:b7:72:93:fb:ba:
db:1f:04:bf:68:49:07:01:1e:ef:03:c3:e7:50:34:
6d:7d:9d:9f:4d:9d:0e:d2:7e:15:58:aa:93:88:42:
80:98:19:59:56:87:79:0c:dc:8e:0e:25:8d:70:a5:
72:bd:3a:d0:3d:67:7c:2d:a0:a7:2a:7b:8b:92:fd:
18:88:af:84:44:c9:76:35:dc:9d:ac:ed:98:d4:eb:
c4:c3:50:64:53:e3:75:d6:70:5f:3c:b9:46:9b:3e:
ec:21:58:5d:5a:e7:97:e2:90:1c:4d:8e:c8:88:9b:
a7:eb:42:24:55:9c:a5:0f:e4:90:6d:d3:67:ff:81:
04:7f:b5:d7:fd:f4:77:e5:ec:e6:50:2b:67:3b:41:
5d:a5:03:0d:d4:19:3b:0f:8c:ff:16:ab:38:8c:ed:
16:49:02:41:ed:2a:26:7d:be:af:ec:bb:63:54:a1:
09:85:db:e2:b5:42:33:c7:04:8f:0a:c4:f7:01:cc:
8f:2d:ff:89:23:8f:3d:4c:5e:00:ba:15:6e:b1:1e:
ab:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:68:85:10:21:F1:6D:2D:17:EB:3E:A7:B3:4D:6F:4A:BC:BB:AC:82
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/SWiFECHxbS0X6z6ns01vSry7rII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.20.0/22
Signature Algorithm: sha256WithRSAEncryption
96:92:ad:2a:27:bf:d6:66:34:82:9c:b1:c1:98:32:be:fb:c2:
fc:6c:c2:26:fb:1f:68:a9:82:ce:77:c5:b5:16:f7:f2:c5:0c:
b1:c8:89:f6:af:96:3a:09:1a:0e:cd:a0:4f:cf:db:27:24:d7:
5d:27:63:36:5a:8f:14:33:27:4a:6b:77:fc:0b:cb:5c:b8:e9:
32:21:d8:ea:cd:20:7d:98:fa:f0:c3:3c:5e:db:33:71:f8:9f:
69:43:f5:13:22:ec:0b:06:50:0c:25:49:6f:76:e9:1f:d7:42:
c0:83:83:4b:9a:15:e1:1e:18:3b:b6:84:f4:17:ef:a2:6f:17:
b4:8f:e0:fa:87:2e:ff:26:da:6c:e8:82:c4:44:c3:d7:7d:0f:
19:89:ae:7e:e8:68:1c:c1:66:91:26:d5:af:a1:23:ba:6d:52:
74:03:40:5a:91:a1:83:c1:95:63:18:c1:49:25:51:17:4b:61:
ed:86:ed:f5:0c:79:a5:17:c6:43:d5:b7:47:fa:d8:80:aa:27:
04:d6:cd:8e:3e:f6:33:2b:0e:7b:bc:72:b7:b1:9f:d2:8b:f0:
0a:a8:81:0d:da:a2:24:c7:7c:3f:0a:37:a7:89:24:d6:af:9f:
d4:40:ad:c6:72:f0:b1:6a:31:cd:6c:65:1b:fa:9d:e5:07:73:
ed:b4:cc:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYThWcumP7ahKCw1j+cqHWoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMjA1MDgxNDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTY4ODUxMDIxZjE2ZDJkMTdlYjNlYTdiMzRkNmY0YWJjYmJhYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NyOWNbiAffLav1YdLvv7OTrKu3a
GXBtzoWYvekIb521dlX38MgFZn1WVvGswMQF5ejR+bmot3KT+7rbHwS/aEkHAR7v
A8PnUDRtfZ2fTZ0O0n4VWKqTiEKAmBlZVod5DNyODiWNcKVyvTrQPWd8LaCnKnuL
kv0YiK+ERMl2NdydrO2Y1OvEw1BkU+N11nBfPLlGmz7sIVhdWueX4pAcTY7IiJun
60IkVZylD+SQbdNn/4EEf7XX/fR35ezmUCtnO0FdpQMN1Bk7D4z/Fqs4jO0WSQJB
7Somfb6v7LtjVKEJhdvitUIzxwSPCsT3AcyPLf+JI489TF4AuhVusR6rkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFElohRAh8W0tF+s+p7NNb0q8u6yCMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvU1dpRkVDSHhiUzBYNno2bnMwMXZTcnk3cklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBQgUMA0G
CSqGSIb3DQEBCwUAA4IBAQCWkq0qJ7/WZjSCnLHBmDK++8L8bMIm+x9oqYLOd8W1
FvfyxQyxyIn2r5Y6CRoOzaBPz9snJNddJ2M2Wo8UMydKa3f8C8tcuOkyIdjqzSB9
mPrwwzxe2zNx+J9pQ/UTIuwLBlAMJUlvdukf10LAg4NLmhXhHhg7toT0F++ibxe0
j+D6hy7/Jtps6ILERMPXfQ8Zia5+6GgcwWaRJtWvoSO6bVJ0A0BakaGDwZVjGMFJ
JVEXS2Hthu31DHmlF8ZD1bdH+tiAqicE1s2OPvYzKw57vHK3sZ/Si/AKqIEN2qIk
x3w/CjeniSTWr5/UQK3GcvCxajHNbGUb+p3lB3PttMz8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org