Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/5VjNeBLavTAQ9UdYyWLkmL-aZfE.roa
File: 5VjNeBLavTAQ9UdYyWLkmL-aZfE.roa (raw, json)
Hash identifier: 3jMBhKyivRm046NrRViPQT0BKNbua5XS1+V1/NzvjlE=
Subject key identifier: E5:58:CD:78:12:DA:BD:30:10:F5:47:58:C9:62:E4:98:BF:9A:65:F1
Certificate issuer: /CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Certificate serial: 32B2A70E
Authority key identifier: 0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/5VjNeBLavTAQ9UdYyWLkmL-aZfE.roa
Signing time: Sat 01 Jan 2022 06:56:48 +0000
ROA not before: Sat 01 Jan 2022 06:56:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201785
IP address blocks: 91.223.211.0/24 maxlen: 24
195.43.88.0/23 maxlen: 24
195.43.88.0/24 maxlen: 24
193.200.230.0/24 maxlen: 24
62.69.145.0/24 maxlen: 24
62.69.151.0/24 maxlen: 24
2a01:9ec0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 850568974 (0x32b2a70e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Validity
Not Before: Jan 1 06:56:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e558cd7812dabd3010f54758c962e498bf9a65f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:63:94:cc:f4:60:a2:a1:90:0f:01:bf:98:d0:
f8:91:ab:f8:f4:d3:59:1e:f6:97:2c:93:c7:f8:84:
2d:f7:87:b5:08:7b:59:83:1b:39:a3:ab:90:4d:be:
55:a6:e8:f9:30:57:34:cf:3a:c8:f3:2e:cf:45:85:
bf:27:95:10:04:cc:b1:cb:cd:58:66:e1:e6:bb:84:
e1:e0:05:73:24:14:14:7c:4b:46:b5:cd:08:f0:82:
4c:93:e1:50:e1:92:b7:6a:aa:9d:fa:95:97:55:ea:
b3:34:88:67:a3:8d:63:37:a4:75:8e:4e:38:4a:d2:
d9:24:61:1c:c8:b8:4a:9f:a0:3d:e1:37:bc:a8:31:
80:86:37:8a:7f:47:38:08:0a:c1:2b:09:63:01:51:
46:5b:e1:11:6b:d7:8c:5b:e7:2a:e9:d7:0d:f0:51:
30:5d:4d:59:3e:c6:b9:35:17:27:34:79:04:17:30:
25:f0:bc:88:c4:57:6d:8c:24:2a:13:ab:a0:29:7c:
c6:fa:59:89:a8:ce:73:2d:85:99:6d:ee:69:d2:6e:
86:53:f7:7e:56:b2:df:6f:25:40:59:6e:a2:b4:06:
18:d0:00:91:1e:cd:bc:1e:df:92:30:de:48:d4:56:
23:11:ba:8e:97:02:38:74:05:03:93:56:9c:1e:4c:
69:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:58:CD:78:12:DA:BD:30:10:F5:47:58:C9:62:E4:98:BF:9A:65:F1
X509v3 Authority Key Identifier:
keyid:0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/5VjNeBLavTAQ9UdYyWLkmL-aZfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.69.145.0/24
62.69.151.0/24
91.223.211.0/24
193.200.230.0/24
195.43.88.0/23
IPv6:
2a01:9ec0::/29
Signature Algorithm: sha256WithRSAEncryption
57:7e:b5:dc:04:aa:bc:b6:e3:f4:17:23:14:3b:ca:87:1d:57:
4a:61:e8:fc:17:2a:7d:4e:97:8c:44:f9:48:1d:56:22:fe:cd:
0e:9e:1c:67:af:d0:95:d9:10:e8:1e:1b:41:8b:8d:fd:22:58:
fb:b8:6f:8d:ae:d8:a2:6f:3c:7d:b7:c0:73:09:67:31:ee:cf:
c8:15:21:96:8b:77:cb:50:b4:94:4f:a2:6d:72:bd:3c:ff:1b:
9e:69:42:38:f8:e5:12:88:dd:f4:99:46:fd:7d:ee:df:d1:4e:
48:45:2a:9c:fa:ed:5b:94:07:c4:23:4e:c6:c6:5d:bf:03:47:
fd:1c:a5:0d:e7:cd:a3:3e:e9:ed:2e:49:a3:6d:67:42:33:eb:
14:02:61:ec:92:77:60:52:50:7f:23:f9:71:d8:55:a2:7e:80:
83:78:23:91:38:3a:9d:ed:05:1f:c4:d0:ce:60:a5:37:bf:bd:
ef:2b:49:cf:d1:2c:0a:a5:b1:75:7e:c5:51:97:b8:de:ab:ed:
a5:1f:39:cb:7a:cb:57:0c:b9:ae:77:ed:07:96:dc:2b:00:f9:
4b:d3:7c:18:ac:6a:c0:73:d0:4c:6d:4f:5f:cf:77:f1:b3:17:
98:19:21:bc:a7:b1:25:1c:55:10:09:e3:c9:6b:71:d6:82:5d:
21:f3:ba:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEMrKnDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjIxNTIxYTcxMjcxNTdmN2RhZjBhZDA5MTM5NGFkNWExY2NlNzc5MB4XDTIyMDEw
MTA2NTY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU1OGNkNzgxMmRh
YmQzMDEwZjU0NzU4Yzk2MmU0OThiZjlhNjVmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtjlMz0YKKhkA8Bv5jQ+JGr+PTTWR72lyyTx/iELfeHtQh7
WYMbOaOrkE2+Vabo+TBXNM86yPMuz0WFvyeVEATMscvNWGbh5ruE4eAFcyQUFHxL
RrXNCPCCTJPhUOGSt2qqnfqVl1XqszSIZ6ONYzekdY5OOErS2SRhHMi4Sp+gPeE3
vKgxgIY3in9HOAgKwSsJYwFRRlvhEWvXjFvnKunXDfBRMF1NWT7GuTUXJzR5BBcw
JfC8iMRXbYwkKhOroCl8xvpZiajOcy2FmW3uadJuhlP3flay328lQFluorQGGNAA
kR7NvB7fkjDeSNRWIxG6jpcCOHQFA5NWnB5MaVkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTlWM14Etq9MBD1R1jJYuSYv5pl8TAfBgNVHSMEGDAWgBQPIVIacScVf32v
CtCROUrVoczneTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0R5RlNHbkVuRlg5OXJ3clFrVGxLMWFITTUzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvZTgzMWIxLTllYzAtNDZmMi04NjBkLWZhZDVmZDc5NzBiYS8x
LzVWak5lQkxhdlRBUTlVZFl5V0xrbUwtYVpmRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
ZTgzMWIxLTllYzAtNDZmMi04NjBkLWZhZDVmZDc5NzBiYS8xL0R5RlNHbkVuRlg5
OXJ3clFrVGxLMWFITTUzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAD5FkQMEAD5FlwMEAFvf0wMEAMHI
5gMEAcMrWDANBAIAAjAHAwUDKgGewDANBgkqhkiG9w0BAQsFAAOCAQEAV3613ASq
vLbj9BcjFDvKhx1XSmHo/BcqfU6XjET5SB1WIv7NDp4cZ6/QldkQ6B4bQYuN/SJY
+7hvja7Yom88fbfAcwlnMe7PyBUhlot3y1C0lE+ibXK9PP8bnmlCOPjlEojd9JlG
/X3u39FOSEUqnPrtW5QHxCNOxsZdvwNH/RylDefNoz7p7S5Jo21nQjPrFAJh7JJ3
YFJQfyP5cdhVon6Ag3gjkTg6ne0FH8TQzmClN7+97ytJz9EsCqWxdX7FUZe43qvt
pR85y3rLVwy5rnftB5bcKwD5S9N8GKxqwHPQTG1PX8938bMXmBkhvKexJRxVEAnj
yWtx1oJdIfO6oQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:02 2023 by rpki-client on console-ams.rpki-client.org