Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7e89f5-3f07-4ce1-8c4f-9701e00e3f03/1/thc8KUzkpyH6UcQcXUI4bZVBC-c.roa
File: thc8KUzkpyH6UcQcXUI4bZVBC-c.roa (raw, json)
Hash identifier: bp/wQDdvuUn10LC+BM4z9gTGEdK7o0d6infNp+tOa/E=
Subject key identifier: B6:17:3C:29:4C:E4:A7:21:FA:51:C4:1C:5D:42:38:6D:95:41:0B:E7
Certificate issuer: /CN=0cbec386ce9cc04e7fb7f97549cce3d6c05e8e45
Certificate serial: 0152CC1A
Authority key identifier: 0C:BE:C3:86:CE:9C:C0:4E:7F:B7:F9:75:49:CC:E3:D6:C0:5E:8E:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DL7Dhs6cwE5_t_l1Sczj1sBejkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7e89f5-3f07-4ce1-8c4f-9701e00e3f03/1/thc8KUzkpyH6UcQcXUI4bZVBC-c.roa
Signing time: Sat 01 Jan 2022 04:58:14 +0000
ROA not before: Sat 01 Jan 2022 04:58:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 27176
IP address blocks: 5.172.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22203418 (0x152cc1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cbec386ce9cc04e7fb7f97549cce3d6c05e8e45
Validity
Not Before: Jan 1 04:58:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6173c294ce4a721fa51c41c5d42386d95410be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:85:81:0b:61:75:64:05:f1:10:3e:df:96:ea:
6a:8c:7c:30:40:50:cd:1d:a2:0b:c4:78:f7:2f:8a:
f3:d1:59:f4:e0:d2:86:92:a0:d9:76:b0:da:ba:75:
09:5e:5c:6f:7a:4f:cb:14:bb:16:11:75:36:b7:2a:
d3:45:8d:00:91:14:0e:08:a3:53:bd:9f:8d:bf:2c:
8d:44:0c:be:f4:e9:82:22:ca:f9:54:c2:ff:17:53:
0f:33:ac:4b:7c:8a:f0:66:87:cc:09:02:52:48:fc:
28:c3:7f:b2:9a:ec:ea:5a:cd:20:b2:f0:d8:d8:8c:
73:aa:24:39:07:c7:1f:f1:7a:53:a1:ba:de:3e:c8:
33:d5:e2:a1:33:e2:d3:3a:11:4c:68:c1:3d:da:c8:
4c:95:fd:24:21:80:40:04:bc:10:5c:39:5d:18:2b:
6e:b8:90:e5:0e:94:8f:9d:08:c4:dd:1b:9f:d5:01:
64:f6:e3:28:bc:7e:cc:16:ee:2a:71:f7:54:bd:f0:
cb:41:76:b4:60:36:81:49:71:a2:50:66:93:60:0f:
72:63:96:c3:af:40:58:93:9e:4c:2a:60:d9:38:ce:
58:0b:8b:5d:ce:7c:0a:e4:dc:32:07:8d:96:dc:b3:
20:97:3d:27:41:bd:64:85:e4:39:bf:1c:aa:ab:53:
a3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:17:3C:29:4C:E4:A7:21:FA:51:C4:1C:5D:42:38:6D:95:41:0B:E7
X509v3 Authority Key Identifier:
keyid:0C:BE:C3:86:CE:9C:C0:4E:7F:B7:F9:75:49:CC:E3:D6:C0:5E:8E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DL7Dhs6cwE5_t_l1Sczj1sBejkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7e89f5-3f07-4ce1-8c4f-9701e00e3f03/1/thc8KUzkpyH6UcQcXUI4bZVBC-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7e89f5-3f07-4ce1-8c4f-9701e00e3f03/1/DL7Dhs6cwE5_t_l1Sczj1sBejkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.181.0/24
Signature Algorithm: sha256WithRSAEncryption
82:79:dc:b3:14:8c:e5:4d:ed:e8:72:5f:ee:9b:56:3d:51:25:
eb:16:a7:79:dc:40:15:18:b8:44:43:d4:3f:c4:d2:98:83:34:
f3:ec:14:9f:58:bd:21:d1:56:9d:88:99:a5:d7:cc:12:1f:f7:
34:e7:b4:60:e0:53:d3:b5:80:4f:38:31:30:5c:a2:5a:4d:ca:
16:32:b6:50:0e:51:95:11:f1:e1:79:0a:81:b1:4f:70:8f:09:
3e:8a:4f:12:50:0e:d1:3d:e8:ac:03:fc:21:c3:7f:9e:7b:d0:
91:54:3b:ad:bb:6d:9e:9f:91:61:c2:52:50:8b:5c:0d:a8:23:
87:11:68:1b:f7:94:b5:bb:90:17:0a:d2:32:18:bb:fd:4c:ba:
6d:3f:64:3d:9c:3d:43:8f:2c:68:f9:49:b6:10:9b:fe:d6:f1:
07:53:55:66:2e:22:e0:63:14:bc:fa:9c:90:8c:4f:f3:df:f4:
36:f0:17:1c:50:0b:bb:08:87:a0:52:85:a6:b9:08:de:e3:f4:
4f:25:a2:d3:2e:dd:8c:20:04:f8:c7:f5:24:78:94:b0:68:e0:
f8:c9:e6:b6:91:71:20:4e:18:d4:1c:89:9a:c6:fc:d8:82:54:
61:9c:9c:01:34:a1:47:47:d2:67:60:73:10:fd:8e:e4:15:e5:
f3:0a:95:9d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAVLMGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Y2JlYzM4NmNlOWNjMDRlN2ZiN2Y5NzU0OWNjZTNkNmMwNWU4ZTQ1MB4XDTIyMDEw
MTA0NTgxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjYxNzNjMjk0Y2U0
YTcyMWZhNTFjNDFjNWQ0MjM4NmQ5NTQxMGJlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCFgQthdWQF8RA+35bqaox8MEBQzR2iC8R49y+K89FZ9ODS
hpKg2Xaw2rp1CV5cb3pPyxS7FhF1Nrcq00WNAJEUDgijU72fjb8sjUQMvvTpgiLK
+VTC/xdTDzOsS3yK8GaHzAkCUkj8KMN/sprs6lrNILLw2NiMc6okOQfHH/F6U6G6
3j7IM9XioTPi0zoRTGjBPdrITJX9JCGAQAS8EFw5XRgrbriQ5Q6Uj50IxN0bn9UB
ZPbjKLx+zBbuKnH3VL3wy0F2tGA2gUlxolBmk2APcmOWw69AWJOeTCpg2TjOWAuL
Xc58CuTcMgeNltyzIJc9J0G9ZIXkOb8cqqtTo68CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS2FzwpTOSnIfpRxBxdQjhtlUEL5zAfBgNVHSMEGDAWgBQMvsOGzpzATn+3
+XVJzOPWwF6ORTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RMN0RoczZjd0U1X3RfbDFTY3pqMXNCZWprVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvN2U4OWY1LTNmMDctNGNlMS04YzRmLTk3MDFlMDBlM2YwMy8x
L3RoYzhLVXprcHlINlVjUWNYVUk0YlpWQkMtYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
N2U4OWY1LTNmMDctNGNlMS04YzRmLTk3MDFlMDBlM2YwMy8xL0RMN0RoczZjd0U1
X3RfbDFTY3pqMXNCZWprVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWstTANBgkqhkiG9w0BAQsFAAOC
AQEAgnncsxSM5U3t6HJf7ptWPVEl6xanedxAFRi4REPUP8TSmIM08+wUn1i9IdFW
nYiZpdfMEh/3NOe0YOBT07WATzgxMFyiWk3KFjK2UA5RlRHx4XkKgbFPcI8JPopP
ElAO0T3orAP8IcN/nnvQkVQ7rbttnp+RYcJSUItcDagjhxFoG/eUtbuQFwrSMhi7
/Uy6bT9kPZw9Q48saPlJthCb/tbxB1NVZi4i4GMUvPqckIxP89/0NvAXHFALuwiH
oFKFprkI3uP0TyWi0y7djCAE+Mf1JHiUsGjg+MnmtpFxIE4Y1ByJmsb82IJUYZyc
ATShR0fSZ2BzEP2O5BXl8wqVnQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:01 2023 by rpki-client on console-ams.rpki-client.org