Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/4qja_2pgpoWRfMdwDqftaubMPPo.roa
File: 4qja_2pgpoWRfMdwDqftaubMPPo.roa (raw, json)
Hash identifier: /UiMmhRC8uzwiFwHQw0zlNUwLx7FkwLtgB8f/G9tsTU=
Subject key identifier: E2:A8:DA:FF:6A:60:A6:85:91:7C:C7:70:0E:A7:ED:6A:E6:CC:3C:FA
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 3ACE90EC
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/4qja_2pgpoWRfMdwDqftaubMPPo.roa
Signing time: Tue 08 Feb 2022 09:55:54 +0000
ROA not before: Tue 08 Feb 2022 09:55:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62039
IP address blocks: 5.160.204.0/23 maxlen: 24
5.160.206.0/23 maxlen: 24
5.160.205.0/24 maxlen: 24
5.160.204.0/22 maxlen: 24
5.160.204.0/24 maxlen: 24
5.160.206.0/24 maxlen: 24
5.160.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 986616044 (0x3ace90ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Feb 8 09:55:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2a8daff6a60a685917cc7700ea7ed6ae6cc3cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:83:ec:6b:9e:1c:98:8f:54:ac:d4:72:98:f7:
1e:79:ca:57:99:f3:9b:71:08:56:1c:15:9b:58:07:
25:15:43:ef:7d:0d:bf:2f:1d:d1:13:d5:0a:85:41:
09:9c:62:5c:0b:ed:a6:33:54:42:06:91:43:70:91:
48:10:02:9e:0c:66:a2:75:3c:cb:f4:7a:fe:75:04:
ca:24:4e:63:06:22:5c:8c:c3:ab:24:38:85:12:a5:
f5:60:c1:82:65:22:50:86:fb:15:f1:40:7c:bc:43:
47:95:9a:71:82:90:cf:4a:2d:6e:e1:8a:ed:4f:ed:
42:fb:17:f6:e3:be:14:d2:b7:66:e9:32:b7:55:9a:
9f:c9:c6:92:fe:9e:11:28:28:f3:95:e8:94:0d:7f:
d6:e0:5a:6a:0f:a7:a5:21:86:c3:85:13:62:d5:a1:
75:1b:17:f4:d7:dc:34:c8:04:dc:20:17:86:13:7f:
ee:87:49:18:70:f0:9c:ab:4e:5d:c7:6b:43:58:a4:
eb:e6:89:51:31:e6:95:32:99:e4:6c:d4:91:b8:7c:
7b:f2:a1:b2:81:df:d3:99:f4:9c:80:18:28:3f:3a:
bd:51:cd:9b:60:fb:db:10:39:08:ab:40:a2:cf:20:
cb:38:37:07:27:73:98:2d:b3:d8:05:bc:a5:e9:18:
6b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A8:DA:FF:6A:60:A6:85:91:7C:C7:70:0E:A7:ED:6A:E6:CC:3C:FA
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/4qja_2pgpoWRfMdwDqftaubMPPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.204.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:a3:47:39:96:d3:55:00:e6:a0:a0:dd:fc:b5:88:f5:29:2c:
e2:33:50:cd:e8:ee:a5:ce:44:ad:0c:28:fd:42:8d:65:0d:d6:
ce:35:64:38:aa:46:49:95:32:c3:0b:b2:d2:b8:31:d2:56:89:
b2:2c:29:4a:f7:70:da:d3:e7:15:31:16:43:79:a9:09:b4:6c:
50:bd:09:55:ee:4c:8d:9c:9a:a0:f4:98:a4:1c:60:36:9e:2a:
69:b4:12:2c:29:56:fb:cd:b1:97:df:b6:39:53:01:13:f2:ba:
3b:77:36:51:44:3b:39:fe:8f:8d:58:52:f0:66:87:f1:78:6b:
0f:fa:8c:d2:9a:5f:5a:aa:43:81:32:c2:28:56:12:66:30:25:
a7:f8:25:3f:5f:cc:8e:c1:ba:98:c0:f0:3f:32:10:61:10:71:
a2:d3:78:52:c6:93:b0:82:57:32:d9:12:c4:48:8e:30:13:5b:
e4:b5:fb:a7:a5:50:b3:0d:f4:47:36:0f:1f:10:e4:a6:f4:1b:
fe:ef:35:cd:cc:cc:7c:96:72:cd:72:60:a6:2c:46:70:aa:36:
1a:e8:17:d2:1b:b9:33:fc:01:6e:d5:4b:70:87:1f:4d:dd:02:
18:b6:d3:8f:1a:a5:fc:ed:dd:e2:a2:37:0b:86:b4:ef:86:ed:
e8:e3:a1:e9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOs6Q7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDIw
ODA5NTU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJhOGRhZmY2YTYw
YTY4NTkxN2NjNzcwMGVhN2VkNmFlNmNjM2NmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6D7GueHJiPVKzUcpj3HnnKV5nzm3EIVhwVm1gHJRVD730N
vy8d0RPVCoVBCZxiXAvtpjNUQgaRQ3CRSBACngxmonU8y/R6/nUEyiROYwYiXIzD
qyQ4hRKl9WDBgmUiUIb7FfFAfLxDR5WacYKQz0otbuGK7U/tQvsX9uO+FNK3Zuky
t1Wan8nGkv6eESgo85XolA1/1uBaag+npSGGw4UTYtWhdRsX9NfcNMgE3CAXhhN/
7odJGHDwnKtOXcdrQ1ik6+aJUTHmlTKZ5GzUkbh8e/KhsoHf05n0nIAYKD86vVHN
m2D72xA5CKtAos8gyzg3BydzmC2z2AW8pekYaxECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTiqNr/amCmhZF8x3AOp+1q5sw8+jAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
LzRxamFfMnBncG9XUmZNZHdEcWZ0YXViTVBQby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgWgzDANBgkqhkiG9w0BAQsFAAOC
AQEAD6NHOZbTVQDmoKDd/LWI9Sks4jNQzejupc5ErQwo/UKNZQ3WzjVkOKpGSZUy
wwuy0rgx0laJsiwpSvdw2tPnFTEWQ3mpCbRsUL0JVe5MjZyaoPSYpBxgNp4qabQS
LClW+82xl9+2OVMBE/K6O3c2UUQ7Of6PjVhS8GaH8XhrD/qM0ppfWqpDgTLCKFYS
ZjAlp/glP1/MjsG6mMDwPzIQYRBxotN4UsaTsIJXMtkSxEiOMBNb5LX7p6VQsw30
RzYPHxDkpvQb/u81zczMfJZyzXJgpixGcKo2GugX0hu5M/wBbtVLcIcfTd0CGLbT
jxql/O3d4qI3C4a074bt6OOh6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:20 2024 by rpki-client on console-ams.rpki-client.org