Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/3l0AhOwQ0_4DOZM-PK66iMv0Zkg.roa
File: 3l0AhOwQ0_4DOZM-PK66iMv0Zkg.roa (raw, json)
Hash identifier: HJI98zd3w3E3K0SfRfClw1RZ1JjMjjMRbyIqiPgndwQ=
Subject key identifier: DE:5D:00:84:EC:10:D3:FE:03:39:93:3E:3C:AE:BA:88:CB:F4:66:48
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 0185487DCDA6D6B8F5807C9B44B5A3EC7A35
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/3l0AhOwQ0_4DOZM-PK66iMv0Zkg.roa
Signing time: Sun 25 Dec 2022 08:54:42 +0000
ROA not before: Sun 25 Dec 2022 08:54:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51235
IP address blocks: 92.242.208.0/24 maxlen: 24
5.160.180.0/22 maxlen: 22
5.160.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:48:7d:cd:a6:d6:b8:f5:80:7c:9b:44:b5:a3:ec:7a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Dec 25 08:54:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de5d0084ec10d3fe0339933e3caeba88cbf46648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cf:4e:48:65:d4:6f:2e:84:22:df:9c:fe:c0:
90:45:f8:9e:92:a5:f6:bb:02:7b:ae:5f:54:e7:0d:
74:25:b8:a9:43:22:16:a2:97:07:66:58:8f:ea:41:
7b:f6:53:47:28:60:75:18:c6:51:95:b2:9a:3d:5c:
f0:c1:e5:04:f6:5d:83:93:8a:d8:c7:67:78:2f:ce:
62:c6:95:77:f3:35:2f:c0:8a:ac:73:c3:e1:68:72:
f6:43:86:99:de:bb:9d:30:df:cd:87:65:57:64:ef:
be:35:69:0f:5e:e4:74:fe:13:1e:c4:1c:58:ca:80:
0a:45:74:95:fa:74:79:84:33:4e:8d:23:5c:75:8a:
3f:03:d8:4f:9c:32:6f:e9:7c:9e:84:7d:2f:19:0a:
df:26:4a:44:cb:20:08:f2:94:2b:41:9b:a4:2b:b5:
b2:2a:0d:43:b6:ce:56:24:c6:dc:f4:df:fd:44:dc:
6c:79:ac:13:29:d9:63:cf:be:41:d7:f7:8b:d8:80:
81:1f:7a:18:fd:a7:b6:94:ea:20:37:f4:c8:65:73:
1a:12:f8:92:5b:b0:f7:f9:ac:66:f3:9e:34:d1:41:
1e:da:09:a6:e8:6e:c9:a6:b3:ea:b7:2a:e5:0f:b2:
20:02:58:f1:f0:ad:f3:dd:bb:f8:c1:6f:36:0f:2a:
02:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5D:00:84:EC:10:D3:FE:03:39:93:3E:3C:AE:BA:88:CB:F4:66:48
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/3l0AhOwQ0_4DOZM-PK66iMv0Zkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.128.0/24
5.160.180.0/22
92.242.208.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:fa:45:98:aa:93:d6:c4:95:d7:cf:ab:69:a2:12:29:62:d4:
02:a9:3a:08:5a:ed:12:60:ea:76:bb:d0:7f:91:37:b1:2c:6f:
68:ee:e5:38:7e:e2:47:35:5c:04:64:34:5e:6b:61:e0:be:e5:
1e:7e:92:6c:65:2b:5d:c4:3e:78:c7:b6:fe:01:88:75:74:3c:
38:37:89:1c:de:cb:d6:b1:3c:e7:36:19:b4:fa:67:66:e8:9a:
6d:0a:e1:4e:cf:f2:ba:9c:f4:1d:41:c1:98:20:b5:1c:af:8e:
79:43:e8:32:dd:57:54:8a:1d:f6:bc:12:03:aa:50:e7:dd:08:
4c:bd:a1:e2:98:67:dd:cf:03:f5:c5:b9:d6:e6:c9:fb:4f:75:
6a:39:69:7f:38:35:64:8d:4a:6f:93:53:96:95:0f:ca:bb:f3:
b4:10:1f:01:a7:b5:b7:4e:0d:76:69:f7:3e:58:2b:cd:9c:f9:
ea:07:2e:af:25:0c:40:37:bf:7f:e8:2f:45:8c:27:9c:c6:87:
c8:64:ea:d6:14:eb:72:d6:c0:0a:38:66:c0:b1:9a:b3:48:12:
02:72:40:35:83:f7:b9:60:2d:08:44:0e:48:70:c2:dc:27:96:
69:37:35:51:94:ee:45:6c:ac:94:1d:dd:59:e2:d2:6e:4a:6e:
d4:cb:17:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVIfc2m1rj1gHybRLWj7Ho1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjIxMjI1MDg1NDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTVkMDA4NGVjMTBkM2ZlMDMzOTkzM2UzY2FlYmE4OGNiZjQ2NjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkc9OSGXUby6EIt+c/sCQRfiekqX2
uwJ7rl9U5w10JbipQyIWopcHZliP6kF79lNHKGB1GMZRlbKaPVzwweUE9l2Dk4rY
x2d4L85ixpV38zUvwIqsc8PhaHL2Q4aZ3rudMN/Nh2VXZO++NWkPXuR0/hMexBxY
yoAKRXSV+nR5hDNOjSNcdYo/A9hPnDJv6XyehH0vGQrfJkpEyyAI8pQrQZukK7Wy
Kg1Dts5WJMbc9N/9RNxseawTKdljz75B1/eL2ICBH3oY/ae2lOogN/TIZXMaEviS
W7D3+axm85400UEe2gmm6G7JprPqtyrlD7IgAljx8K3z3bv4wW82DyoCtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN5dAITsENP+AzmTPjyuuojL9GZIMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvM2wwQWhPd1EwXzRET1pNLVBLNjZpTXYwWmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABaCAAwQC
BaC0AwQAXPLQMA0GCSqGSIb3DQEBCwUAA4IBAQAO+kWYqpPWxJXXz6tpohIpYtQC
qToIWu0SYOp2u9B/kTexLG9o7uU4fuJHNVwEZDRea2HgvuUefpJsZStdxD54x7b+
AYh1dDw4N4kc3svWsTznNhm0+mdm6JptCuFOz/K6nPQdQcGYILUcr455Q+gy3VdU
ih32vBIDqlDn3QhMvaHimGfdzwP1xbnW5sn7T3VqOWl/ODVkjUpvk1OWlQ/Ku/O0
EB8Bp7W3Tg12afc+WCvNnPnqBy6vJQxAN79/6C9FjCecxofIZOrWFOty1sAKOGbA
sZqzSBICckA1g/e5YC0IRA5IcMLcJ5ZpNzVRlO5FbKyUHd1Z4tJuSm7Uyxez
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:19 2023 by rpki-client on console-fra.rpki-client.org