Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Dy95FlhZf9aYQhLB6wn8N2E_BrA.roa
File: Dy95FlhZf9aYQhLB6wn8N2E_BrA.roa (raw, json)
Hash identifier: NqqzQRnpBH5HqzViDduM0Y0aus3tKt7ZI0JbAQWqmAo=
Subject key identifier: 0F:2F:79:16:58:59:7F:D6:98:42:12:C1:EB:09:FC:37:61:3F:06:B0
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 0184C2A19A5289851F4A43B5B325957C6E5A
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Dy95FlhZf9aYQhLB6wn8N2E_BrA.roa
Signing time: Tue 29 Nov 2022 09:04:41 +0000
ROA not before: Tue 29 Nov 2022 09:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43395
IP address blocks: 5.160.62.0/23 maxlen: 23
92.242.198.0/23 maxlen: 23
5.160.196.0/23 maxlen: 23
92.242.220.0/23 maxlen: 23
5.160.240.0/23 maxlen: 23
5.160.158.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:a1:9a:52:89:85:1f:4a:43:b5:b3:25:95:7c:6e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Nov 29 09:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f2f791658597fd6984212c1eb09fc37613f06b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:14:5b:cf:66:69:d6:9c:98:01:af:12:be:fe:
c0:31:7a:3e:e5:29:c3:b9:dd:cb:e8:d7:0d:da:4a:
77:6d:55:08:bb:6f:ff:85:04:28:4d:bd:3c:8f:64:
47:f2:18:ec:10:24:63:66:b2:73:10:bd:90:7d:4c:
a9:f8:ec:07:68:a1:f8:17:e8:7c:ce:e7:52:64:7f:
b9:93:d8:72:8d:7d:40:92:9a:b1:a8:8f:48:15:ec:
da:7a:43:93:c2:04:b4:16:21:5d:9e:86:c5:c6:56:
83:1d:62:b6:d8:ff:9f:25:9e:0e:9c:b3:58:6c:c3:
6f:65:28:1b:55:f0:bb:13:10:6b:fc:13:aa:e4:85:
73:9f:00:1a:38:09:f9:6e:7c:64:7a:a3:ab:cd:20:
cc:92:69:dc:56:0d:a7:78:c6:14:86:c1:e6:d1:7f:
0e:02:3f:e9:fc:c4:02:fb:8d:e5:13:97:fc:80:63:
28:98:82:61:eb:8f:04:15:de:f8:86:d6:e9:69:34:
ef:20:19:f1:34:7b:c6:9b:9f:eb:2e:de:db:f1:43:
c2:81:0a:75:57:5a:f3:5f:88:be:5a:d6:d9:a1:b6:
02:6f:69:da:e1:d2:da:cf:07:ee:2c:43:b3:d1:db:
44:a7:4e:ba:1a:ba:43:3f:41:87:36:07:9f:53:85:
24:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:2F:79:16:58:59:7F:D6:98:42:12:C1:EB:09:FC:37:61:3F:06:B0
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Dy95FlhZf9aYQhLB6wn8N2E_BrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.62.0/23
5.160.158.0/23
5.160.196.0/23
5.160.240.0/23
92.242.198.0/23
92.242.220.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:42:42:4f:53:3c:c1:02:c9:3c:95:54:50:3f:95:0f:36:ef:
77:52:6e:4c:ab:37:b4:0a:55:16:24:e5:90:03:94:94:db:6f:
2e:ed:e2:ed:85:2d:2d:a9:b0:80:77:65:8a:d1:7f:76:f0:e1:
8f:0c:7f:86:37:75:0a:29:47:ee:db:0d:15:c2:22:1e:c6:79:
e4:f7:71:22:56:8e:8f:fd:02:37:b1:a3:88:c3:c9:8c:1d:99:
73:5d:aa:52:1c:5a:c9:40:7b:1b:50:0b:08:24:84:30:73:21:
a2:c8:95:9c:f1:a3:bc:d0:b9:df:10:f9:96:b4:70:cb:0c:a3:
83:d6:b4:77:32:17:f9:16:8f:69:65:17:e1:65:22:b6:21:fc:
e0:cf:4b:8a:fc:48:8d:ec:45:5e:ce:bc:47:53:e4:fd:55:22:
cf:a1:2e:16:2b:72:49:6c:82:ff:6f:dc:6b:24:d2:cc:32:45:
8b:a1:72:51:d3:9d:d7:82:0a:3c:56:d2:bb:a7:70:46:c9:d2:
51:28:64:27:c9:b6:c0:3f:d8:df:8f:c7:50:15:f2:93:99:2c:
fa:f7:cd:ba:2e:f5:a2:c4:6c:a5:2d:3a:52:42:52:50:3e:6a:
84:a3:70:7f:2b:bc:7b:0d:c4:49:fc:92:6d:35:c5:f8:cf:58:
74:ed:59:ca
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTCoZpSiYUfSkO1syWVfG5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjIxMTI5MDkwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjJmNzkxNjU4NTk3ZmQ2OTg0MjEyYzFlYjA5ZmMzNzYxM2YwNmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBRbz2Zp1pyYAa8Svv7AMXo+5SnD
ud3L6NcN2kp3bVUIu2//hQQoTb08j2RH8hjsECRjZrJzEL2QfUyp+OwHaKH4F+h8
zudSZH+5k9hyjX1AkpqxqI9IFezaekOTwgS0FiFdnobFxlaDHWK22P+fJZ4OnLNY
bMNvZSgbVfC7ExBr/BOq5IVznwAaOAn5bnxkeqOrzSDMkmncVg2neMYUhsHm0X8O
Aj/p/MQC+43lE5f8gGMomIJh648EFd74htbpaTTvIBnxNHvGm5/rLt7b8UPCgQp1
V1rzX4i+WtbZobYCb2na4dLazwfuLEOz0dtEp066GrpDP0GHNgefU4UkGQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA8veRZYWX/WmEISwesJ/DdhPwawMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvRHk5NUZsaFpmOWFZUWhMQjZ3bjhOMkVfQnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBaA+AwQB
BaCeAwQBBaDEAwQBBaDwAwQBXPLGAwQBXPLcMA0GCSqGSIb3DQEBCwUAA4IBAQAM
QkJPUzzBAsk8lVRQP5UPNu93Um5Mqze0ClUWJOWQA5SU228u7eLthS0tqbCAd2WK
0X928OGPDH+GN3UKKUfu2w0VwiIexnnk93EiVo6P/QI3saOIw8mMHZlzXapSHFrJ
QHsbUAsIJIQwcyGiyJWc8aO80LnfEPmWtHDLDKOD1rR3Mhf5Fo9pZRfhZSK2Ifzg
z0uK/EiN7EVezrxHU+T9VSLPoS4WK3JJbIL/b9xrJNLMMkWLoXJR053Xggo8VtK7
p3BGydJRKGQnybbAP9jfj8dQFfKTmSz69826LvWixGylLTpSQlJQPmqEo3B/K7x7
DcRJ/JJtNcX4z1h07VnK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:20 2024 by rpki-client on console-ams.rpki-client.org