Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/3VdP8uJFuXTfw2V7TUll8ldJ2kA.roa
File: 3VdP8uJFuXTfw2V7TUll8ldJ2kA.roa (raw, json)
Hash identifier: F54m9l3AMvkXfUezd+7oXfFY0pjCei2yokTGmw/039M=
Subject key identifier: DD:57:4F:F2:E2:45:B9:74:DF:C3:65:7B:4D:49:65:F2:57:49:DA:40
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 3A4C6484
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/3VdP8uJFuXTfw2V7TUll8ldJ2kA.roa
Signing time: Sat 01 Jan 2022 14:56:22 +0000
ROA not before: Sat 01 Jan 2022 14:56:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50892
IP address blocks: 5.160.17.0/24 maxlen: 24
5.160.22.0/24 maxlen: 24
5.160.20.0/24 maxlen: 24
5.160.18.0/24 maxlen: 24
5.160.23.0/24 maxlen: 24
5.160.21.0/24 maxlen: 24
5.160.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 978084996 (0x3a4c6484)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 14:56:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd574ff2e245b974dfc3657b4d4965f25749da40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b4:56:32:10:15:9e:4a:23:89:7b:69:82:a5:
f4:d3:3a:15:ae:0b:43:d0:c2:63:13:ef:72:15:40:
03:5e:c7:55:09:9a:e0:19:34:94:be:f1:46:d8:0e:
2b:9f:bd:4b:55:2c:52:a0:4a:0c:83:75:9a:6b:9d:
37:db:ad:90:a6:3b:32:df:a7:62:ca:1b:55:fc:34:
e4:90:3b:07:e6:86:84:cf:e6:29:93:93:73:a0:5f:
fc:5d:4d:cb:90:27:52:58:1f:dc:60:5d:03:15:ba:
2b:38:c6:88:c3:cb:be:af:ee:5c:12:3c:cb:96:91:
b8:41:ba:7a:26:71:3d:7a:8c:91:7e:79:90:c1:fc:
32:ea:97:da:f6:31:79:b1:b1:97:cf:c7:ee:88:0b:
c1:f0:54:74:94:7c:64:10:4f:f0:5c:9b:4c:3b:66:
58:b5:2f:dd:66:d9:ec:ea:cd:2b:e3:ca:25:5e:9d:
7a:9d:e3:5d:36:09:98:44:ae:28:68:bf:ed:db:fb:
52:03:c2:a0:c0:1a:fe:e4:d2:aa:3a:02:05:55:b9:
0d:00:ba:e4:2a:6a:9c:fc:7c:82:2e:ff:61:bc:c6:
9e:eb:4e:11:69:5e:60:c8:8e:70:03:f1:b7:01:20:
42:be:41:82:e6:a3:b9:4b:70:e3:bb:1e:28:c0:c9:
a2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:57:4F:F2:E2:45:B9:74:DF:C3:65:7B:4D:49:65:F2:57:49:DA:40
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/3VdP8uJFuXTfw2V7TUll8ldJ2kA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.17.0-5.160.23.255
Signature Algorithm: sha256WithRSAEncryption
36:68:1f:07:b4:d2:3c:f9:ae:3d:36:3a:f7:ac:99:f8:1f:49:
dc:37:66:e5:cf:05:6e:78:c7:67:46:c8:a8:20:6b:d7:34:13:
3a:c0:cb:47:5f:7d:a3:3e:65:d7:e8:52:c9:dc:e6:ae:a9:f8:
81:57:71:54:95:91:b2:99:19:21:50:84:dd:16:cf:10:2a:a0:
a4:a1:ce:61:0f:98:03:d8:e4:be:08:e4:28:31:6c:13:23:41:
8e:ad:24:86:3f:13:7b:6d:cc:00:8e:ae:97:8e:fb:bd:df:30:
bd:60:ae:5f:07:1b:84:77:ba:e2:04:c9:b8:b7:af:9d:74:c6:
e1:8a:81:1d:0f:9c:df:2b:b7:65:2e:b3:94:27:2d:54:76:9f:
40:b4:1f:2f:7c:35:ae:62:03:d8:cc:28:b1:67:bf:41:7a:24:
8f:84:bf:97:ee:e9:df:74:6b:12:30:4f:72:e1:5e:c5:eb:af:
4b:bb:50:c0:f6:0c:78:74:2d:4b:82:b7:a9:20:46:fc:73:68:
03:65:27:1c:c3:ab:78:e5:58:f2:f8:33:1a:4a:19:4f:4e:6f:
00:be:23:04:c6:53:ff:cd:96:0f:d6:e6:e0:18:26:61:de:97:
3f:56:e6:02:f5:cc:16:e7:cd:a5:20:b1:1d:5a:69:a8:de:34:
2a:49:e9:bc
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEOkxkhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ1NzRmZjJlMjQ1
Yjk3NGRmYzM2NTdiNGQ0OTY1ZjI1NzQ5ZGE0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANi0VjIQFZ5KI4l7aYKl9NM6Fa4LQ9DCYxPvchVAA17HVQma
4Bk0lL7xRtgOK5+9S1UsUqBKDIN1mmudN9utkKY7Mt+nYsobVfw05JA7B+aGhM/m
KZOTc6Bf/F1Ny5AnUlgf3GBdAxW6KzjGiMPLvq/uXBI8y5aRuEG6eiZxPXqMkX55
kMH8MuqX2vYxebGxl8/H7ogLwfBUdJR8ZBBP8FybTDtmWLUv3WbZ7OrNK+PKJV6d
ep3jXTYJmESuKGi/7dv7UgPCoMAa/uTSqjoCBVW5DQC65CpqnPx8gi7/YbzGnutO
EWleYMiOcAPxtwEgQr5BguajuUtw47seKMDJoscCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTdV0/y4kW5dN/DZXtNSWXyV0naQDAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
LzNWZFA4dUpGdVhUZncyVjdUVWxsOGxkSjJrQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQABaARAwQDBaAQMA0GCSqGSIb3
DQEBCwUAA4IBAQA2aB8HtNI8+a49Njr3rJn4H0ncN2blzwVueMdnRsioIGvXNBM6
wMtHX32jPmXX6FLJ3OauqfiBV3FUlZGymRkhUITdFs8QKqCkoc5hD5gD2OS+COQo
MWwTI0GOrSSGPxN7bcwAjq6Xjvu93zC9YK5fBxuEd7riBMm4t6+ddMbhioEdD5zf
K7dlLrOUJy1Udp9AtB8vfDWuYgPYzCixZ79BeiSPhL+X7unfdGsSME9y4V7F669L
u1DA9gx4dC1LgrepIEb8c2gDZSccw6t45Vjy+DMaShlPTm8AviMExlP/zZYP1ubg
GCZh3pc/VuYC9cwW582lILEdWmmo3jQqSem8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:19 2023 by rpki-client on console-fra.rpki-client.org