Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/aBzuTvSf48UPqJVNPYKFaYYXcs8.roa
File: aBzuTvSf48UPqJVNPYKFaYYXcs8.roa (raw, json)
Hash identifier: TweZepgVK0qB//aCmoCBS6CDPqZ11SL9Np8cLtYzxFE=
Subject key identifier: 68:1C:EE:4E:F4:9F:E3:C5:0F:A8:95:4D:3D:82:85:69:86:17:72:CF
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018559BF3710A0DCB859FE2FF72073F83AA6
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/aBzuTvSf48UPqJVNPYKFaYYXcs8.roa
Signing time: Wed 28 Dec 2022 17:19:41 +0000
ROA not before: Wed 28 Dec 2022 17:19:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39047
IP address blocks: 5.101.212.0/22 maxlen: 22
5.101.208.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:bf:37:10:a0:dc:b8:59:fe:2f:f7:20:73:f8:3a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Dec 28 17:19:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=681cee4ef49fe3c50fa8954d3d828569861772cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9f:ae:ba:d4:08:0e:fe:ac:11:bf:54:f1:22:
87:c3:11:c1:34:5e:9d:bf:73:29:21:4e:ec:ff:15:
7b:7c:40:3d:f6:24:fe:77:2d:ee:4c:b6:97:03:4e:
35:26:3a:a6:45:c2:82:8a:64:0c:38:dc:05:8a:70:
d0:58:f1:b9:09:4a:b7:d7:16:73:06:00:9c:05:8f:
2f:a0:f2:f9:a5:64:e1:c6:30:a7:4a:94:00:bd:c2:
b9:6c:08:e8:7c:e5:be:3e:18:ee:6f:05:91:a3:11:
17:47:5f:d9:3a:4c:c8:55:05:27:1a:0f:e6:b0:06:
c0:7d:4b:f8:78:71:0e:05:e3:ce:f2:60:64:61:2e:
f9:1e:bf:3a:31:bf:a9:da:3c:70:f5:fb:4d:9c:58:
91:3d:63:2a:fb:9a:49:f8:93:ca:1b:74:d7:7a:89:
43:2d:cd:17:68:40:fd:39:0d:1b:8f:42:36:b8:75:
6f:73:de:b4:25:b7:04:ce:d0:4b:7c:6d:e5:1c:e2:
22:7f:ec:37:b8:cc:8e:18:dc:77:f2:6f:73:21:7c:
73:b7:cd:24:35:f9:a5:f0:9d:c0:bc:37:fc:99:d7:
62:df:f1:f3:e5:42:f4:e8:c8:10:98:7f:a3:f6:8c:
b9:7e:5f:a1:eb:27:3a:89:44:13:5b:d8:cf:0d:fe:
38:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1C:EE:4E:F4:9F:E3:C5:0F:A8:95:4D:3D:82:85:69:86:17:72:CF
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/aBzuTvSf48UPqJVNPYKFaYYXcs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.208.0/21
Signature Algorithm: sha256WithRSAEncryption
00:96:f2:d5:25:95:34:00:49:12:d8:e8:47:18:b8:d3:34:e7:
d7:40:59:a0:0c:eb:65:30:b0:23:b8:5d:48:51:3a:7d:15:74:
3a:e3:94:59:c3:ad:49:a4:95:cc:82:80:0e:61:64:f4:87:c4:
1b:4f:83:34:d4:51:03:8a:4d:97:8d:6d:36:73:be:91:fa:97:
e3:f2:95:ee:35:db:f3:eb:8a:d6:93:d3:69:ab:3c:18:45:13:
fe:7f:6a:e6:29:61:2a:75:ae:ac:d1:6c:01:a5:21:79:3d:a8:
32:2c:ab:86:e7:dc:de:32:58:3c:2b:e9:7e:d6:fa:7e:1e:4e:
14:4f:57:f2:5c:49:86:81:9e:5d:6e:79:ea:ab:62:cc:67:d5:
dc:ab:5b:4b:8f:a6:38:08:df:73:66:8c:cb:ae:86:8e:5e:6c:
05:87:3c:ea:b0:17:17:fc:28:e4:2b:6b:fb:81:77:97:07:c7:
eb:11:74:a7:72:9e:f0:84:67:e8:eb:78:40:15:a1:48:ca:ac:
06:14:8a:0c:45:c4:b9:d7:33:27:a4:94:f9:f6:b3:5b:49:1b:
06:4e:2c:a3:2d:5e:a5:80:4f:87:cb:b1:12:c7:58:02:0b:b3:
5b:cc:a4:48:8a:8d:36:b2:0c:21:d7:45:be:dd:80:49:41:a5:
d6:43:b5:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVZvzcQoNy4Wf4v9yBz+DqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMjI4MTcxOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODFjZWU0ZWY0OWZlM2M1MGZhODk1NGQzZDgyODU2OTg2MTc3MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5+uutQIDv6sEb9U8SKHwxHBNF6d
v3MpIU7s/xV7fEA99iT+dy3uTLaXA041JjqmRcKCimQMONwFinDQWPG5CUq31xZz
BgCcBY8voPL5pWThxjCnSpQAvcK5bAjofOW+PhjubwWRoxEXR1/ZOkzIVQUnGg/m
sAbAfUv4eHEOBePO8mBkYS75Hr86Mb+p2jxw9ftNnFiRPWMq+5pJ+JPKG3TXeolD
Lc0XaED9OQ0bj0I2uHVvc960JbcEztBLfG3lHOIif+w3uMyOGNx38m9zIXxzt80k
Nfml8J3AvDf8mddi3/Hz5UL06MgQmH+j9oy5fl+h6yc6iUQTW9jPDf44qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgc7k70n+PFD6iVTT2ChWmGF3LPMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvYUJ6dVR2U2Y0OFVQcUpWTlBZS0ZhWVlYY3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBWXQMA0G
CSqGSIb3DQEBCwUAA4IBAQAAlvLVJZU0AEkS2OhHGLjTNOfXQFmgDOtlMLAjuF1I
UTp9FXQ645RZw61JpJXMgoAOYWT0h8QbT4M01FEDik2XjW02c76R+pfj8pXuNdvz
64rWk9NpqzwYRRP+f2rmKWEqda6s0WwBpSF5PagyLKuG59zeMlg8K+l+1vp+Hk4U
T1fyXEmGgZ5dbnnqq2LMZ9Xcq1tLj6Y4CN9zZozLroaOXmwFhzzqsBcX/CjkK2v7
gXeXB8frEXSncp7whGfo63hAFaFIyqwGFIoMRcS51zMnpJT59rNbSRsGTiyjLV6l
gE+Hy7ESx1gCC7NbzKRIio02sgwh10W+3YBJQaXWQ7Vc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org