Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/AkzdY1oB0Vs0iZZY_PYHB378iqw.roa
File: AkzdY1oB0Vs0iZZY_PYHB378iqw.roa (raw, json)
Hash identifier: aBhkpSqpE8xgUy7f3F+vL/1VXEkL+lfIEPtauasMXi4=
Subject key identifier: 02:4C:DD:63:5A:01:D1:5B:34:89:96:58:FC:F6:07:07:7E:FC:8A:AC
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 3A450212
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/AkzdY1oB0Vs0iZZY_PYHB378iqw.roa
Signing time: Sat 01 Jan 2022 14:56:18 +0000
ROA not before: Sat 01 Jan 2022 14:56:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43395
IP address blocks: 92.242.198.0/23 maxlen: 23
5.160.196.0/23 maxlen: 23
92.242.220.0/23 maxlen: 23
5.160.240.0/23 maxlen: 23
5.160.158.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 977601042 (0x3a450212)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 14:56:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=024cdd635a01d15b34899658fcf607077efc8aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8b:f7:26:72:95:a6:92:9a:13:3a:5f:b2:ce:
e0:cd:4d:9c:3b:4a:1f:44:90:c2:5d:a6:ec:50:89:
48:15:2a:57:60:e0:3c:e4:4f:df:23:33:e1:46:40:
6a:e0:7f:ba:56:9e:02:1a:10:6e:4f:7a:40:b4:a2:
39:2d:90:c9:9c:b0:11:1d:27:c9:ad:4c:0c:9c:b6:
38:35:c8:fc:96:95:ff:75:66:3e:e6:52:07:e5:ab:
6d:fe:f7:31:ee:47:38:da:8b:85:36:23:13:f9:36:
87:40:e6:55:cd:47:a4:b6:23:cf:9b:f6:c9:ad:44:
97:0c:0b:53:15:50:fe:20:a7:ec:a9:8b:bf:65:7e:
90:ee:8f:5a:d8:38:77:2b:a9:18:e3:d9:53:e4:fd:
94:53:b0:86:b6:cf:e8:9f:8b:37:e0:ae:a7:b6:89:
48:a8:c7:02:5c:1c:0f:37:c9:a5:8b:c9:aa:62:e9:
f8:fb:27:f9:ac:59:cc:b4:aa:9d:b7:d3:8c:54:93:
8a:b5:c3:4a:02:67:d8:a0:79:5d:ec:34:b5:79:79:
83:6d:33:5a:01:c6:e1:f7:c0:d1:a5:d2:81:9e:a8:
a6:c1:e6:69:0f:51:ae:ed:54:59:a6:24:3a:62:45:
18:37:0a:2b:8e:a7:1e:45:6a:33:4a:15:8b:79:49:
97:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:4C:DD:63:5A:01:D1:5B:34:89:96:58:FC:F6:07:07:7E:FC:8A:AC
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/AkzdY1oB0Vs0iZZY_PYHB378iqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.158.0/23
5.160.196.0/23
5.160.240.0/23
92.242.198.0/23
92.242.220.0/23
Signature Algorithm: sha256WithRSAEncryption
92:8d:38:dd:72:1e:98:ba:4c:1c:cf:28:fd:00:1d:ae:f1:b4:
24:66:96:37:44:8e:9e:78:29:11:6b:4f:67:6e:9b:9f:71:38:
4b:b3:fa:a8:77:02:bc:6d:1f:8e:e6:9f:0e:47:49:11:be:05:
ba:b7:98:61:5d:d5:62:dd:c5:50:e9:85:84:d7:e2:3c:8f:16:
74:27:0f:0a:03:79:cd:a3:b1:43:a8:9a:90:0a:a2:7e:7d:c6:
cd:1d:b5:bf:c7:dd:18:98:f2:03:95:2c:00:16:27:6d:73:4a:
0b:0e:5d:78:e0:54:01:77:e5:2d:3d:b5:6b:6b:b1:93:a0:ea:
e7:dd:81:16:c9:e1:03:00:fb:5b:95:7b:0f:15:28:cf:7f:4c:
dc:1b:76:4f:06:38:e2:08:71:c1:ad:46:1c:96:20:f3:eb:32:
22:cd:06:49:ae:05:d1:7e:93:36:69:5c:09:c2:ae:d9:93:4e:
37:2b:f9:80:4b:ee:ce:48:b3:64:c0:06:74:fb:00:da:65:ed:
64:00:ad:a7:c5:72:df:dc:4b:d9:32:b8:1c:78:0f:3f:d4:47:
b1:6d:b7:b1:18:ab:56:cb:82:f2:88:e3:7b:f1:37:78:bf:21:
e5:e0:78:24:15:92:bc:ae:8f:cf:cc:5f:e3:ee:3f:35:a1:5b:
cd:84:d7:c7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEOkUCEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI0Y2RkNjM1YTAx
ZDE1YjM0ODk5NjU4ZmNmNjA3MDc3ZWZjOGFhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANaL9yZylaaSmhM6X7LO4M1NnDtKH0SQwl2m7FCJSBUqV2Dg
PORP3yMz4UZAauB/ulaeAhoQbk96QLSiOS2QyZywER0nya1MDJy2ODXI/JaV/3Vm
PuZSB+Wrbf73Me5HONqLhTYjE/k2h0DmVc1HpLYjz5v2ya1ElwwLUxVQ/iCn7KmL
v2V+kO6PWtg4dyupGOPZU+T9lFOwhrbP6J+LN+Cup7aJSKjHAlwcDzfJpYvJqmLp
+Psn+axZzLSqnbfTjFSTirXDSgJn2KB5Xew0tXl5g20zWgHG4ffA0aXSgZ6opsHm
aQ9Rru1UWaYkOmJFGDcKK46nHkVqM0oVi3lJl58CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQCTN1jWgHRWzSJllj89gcHfvyKrDAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L0FremRZMW9CMFZzMGlaWllfUFlIQjM3OGlxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAQWgngMEAQWgxAMEAQWg8AMEAVzy
xgMEAVzy3DANBgkqhkiG9w0BAQsFAAOCAQEAko043XIemLpMHM8o/QAdrvG0JGaW
N0SOnngpEWtPZ26bn3E4S7P6qHcCvG0fjuafDkdJEb4FureYYV3VYt3FUOmFhNfi
PI8WdCcPCgN5zaOxQ6iakAqifn3GzR21v8fdGJjyA5UsABYnbXNKCw5deOBUAXfl
LT21a2uxk6Dq592BFsnhAwD7W5V7DxUoz39M3Bt2TwY44ghxwa1GHJYg8+syIs0G
Sa4F0X6TNmlcCcKu2ZNONyv5gEvuzkizZMAGdPsA2mXtZACtp8Vy39xL2TK4HHgP
P9RHsW23sRirVsuC8ojje/E3eL8h5eB4JBWSvK6Pz8xf4+4/NaFbzYTXxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org