Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/af1c6Q21tJUvH-hlJxegpaICjH0.roa
File: af1c6Q21tJUvH-hlJxegpaICjH0.roa (raw, json)
Hash identifier: /PcJf0Vr3TeRbylIeZwjyk5gRVJGvCrtrCHAuR9JyJ0=
Subject key identifier: 69:FD:5C:E9:0D:B5:B4:95:2F:1F:E8:65:27:17:A0:A5:A2:02:8C:7D
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 3A5DAC6E
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/af1c6Q21tJUvH-hlJxegpaICjH0.roa
Signing time: Sat 01 Jan 2022 14:56:35 +0000
ROA not before: Sat 01 Jan 2022 14:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64436
IP address blocks: 5.160.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 979217518 (0x3a5dac6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 14:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69fd5ce90db5b4952f1fe8652717a0a5a2028c7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:bd:f1:fd:98:4b:70:7d:5a:1f:09:ef:1d:
36:2a:e9:37:df:68:ba:50:72:d2:21:62:33:41:54:
1a:ac:68:1f:b7:5a:45:05:fb:12:75:32:c1:5f:9c:
af:f1:6c:db:d6:66:dc:42:07:b0:29:12:02:21:b6:
f9:aa:2e:ec:97:30:0b:d0:f0:67:be:09:87:29:fa:
33:74:a4:61:c6:cf:c5:a9:22:00:73:06:50:aa:31:
53:b4:4c:49:8d:90:81:ba:88:b2:dc:1e:56:3c:3a:
e6:77:af:74:2a:3b:f3:ca:8b:c8:11:26:2a:04:2d:
7e:c8:a6:28:10:0b:c6:b4:7b:06:e5:8e:a2:7c:28:
f1:1b:4b:05:8e:12:b9:1a:e0:0a:3e:7a:4a:7e:59:
7f:2e:f5:1a:9b:08:0a:e3:c1:9f:fd:d8:40:4e:69:
09:de:6e:84:bf:22:f0:ad:28:2e:07:11:8b:94:9d:
fe:55:e1:b0:96:d3:ef:82:72:2a:1e:69:b4:44:88:
b3:f9:f7:82:4e:9d:b2:61:c8:4a:0b:d4:8b:08:62:
6a:1b:15:5b:10:4f:ba:15:d9:a6:de:04:53:a8:69:
9d:df:48:77:43:cd:d5:15:19:6a:42:95:b8:56:c4:
a6:5c:93:b2:37:40:cb:db:cf:1c:22:f0:29:a5:ec:
60:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FD:5C:E9:0D:B5:B4:95:2F:1F:E8:65:27:17:A0:A5:A2:02:8C:7D
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/af1c6Q21tJUvH-hlJxegpaICjH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.157.0/24
Signature Algorithm: sha256WithRSAEncryption
65:80:d7:82:c4:8a:da:1b:c4:35:9c:f0:df:36:16:fe:c7:26:
1f:f6:70:be:c0:f9:04:7f:70:1d:85:af:cd:14:3d:ac:02:0a:
e5:48:65:c9:ae:f8:84:06:02:a6:e7:9d:f5:2d:bd:44:5a:ba:
55:d7:92:88:21:83:52:f9:03:fa:4c:36:b6:c0:eb:3a:d3:50:
90:3a:a3:b9:6b:eb:aa:a0:5b:14:7d:b5:fa:d4:89:3f:f1:45:
50:92:b3:92:cf:8f:d5:cc:b8:b7:cb:e7:48:54:c7:9b:c4:7a:
ca:67:03:0e:be:c5:11:aa:76:57:d7:d9:56:8c:c4:87:9b:ca:
93:78:72:ca:f7:a3:fc:dc:08:a8:14:5a:20:f9:b4:f9:d8:e3:
dd:b7:3b:d8:ec:c5:54:8a:9c:45:57:60:cb:08:dc:8e:10:b0:
d0:b0:5a:65:8b:ad:79:ef:85:86:80:3e:73:39:83:11:39:94:
dc:2e:79:c4:70:b0:b4:92:c3:49:6c:2b:c1:d4:98:3f:18:43:
1c:c7:af:9e:03:1d:0f:87:94:69:42:5c:dd:9d:84:0b:f8:7d:
94:4c:92:dd:64:f4:30:24:0b:b2:50:b8:64:d8:b3:9e:a4:92:
75:39:12:55:5d:49:9a:94:69:b8:9d:f1:fe:29:40:0d:6b:50:
03:1e:9f:ba
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOl2sbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlmZDVjZTkwZGI1
YjQ5NTJmMWZlODY1MjcxN2EwYTVhMjAyOGM3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMIvfH9mEtwfVofCe8dNirpN99oulBy0iFiM0FUGqxoH7da
RQX7EnUywV+cr/Fs29Zm3EIHsCkSAiG2+aou7JcwC9DwZ74Jhyn6M3SkYcbPxaki
AHMGUKoxU7RMSY2QgbqIstweVjw65nevdCo788qLyBEmKgQtfsimKBALxrR7BuWO
onwo8RtLBY4SuRrgCj56Sn5Zfy71GpsICuPBn/3YQE5pCd5uhL8i8K0oLgcRi5Sd
/lXhsJbT74JyKh5ptESIs/n3gk6dsmHISgvUiwhiahsVWxBPuhXZpt4EU6hpnd9I
d0PN1RUZakKVuFbEplyTsjdAy9vPHCLwKaXsYKUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRp/VzpDbW0lS8f6GUnF6ClogKMfTAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L2FmMWM2UTIxdEpVdkgtaGxKeGVncGFJQ2pIMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWgnTANBgkqhkiG9w0BAQsFAAOC
AQEAZYDXgsSK2hvENZzw3zYW/scmH/ZwvsD5BH9wHYWvzRQ9rAIK5Uhlya74hAYC
pued9S29RFq6VdeSiCGDUvkD+kw2tsDrOtNQkDqjuWvrqqBbFH21+tSJP/FFUJKz
ks+P1cy4t8vnSFTHm8R6ymcDDr7FEap2V9fZVozEh5vKk3hyyvej/NwIqBRaIPm0
+djj3bc72OzFVIqcRVdgywjcjhCw0LBaZYutee+FhoA+czmDETmU3C55xHCwtJLD
SWwrwdSYPxhDHMevngMdD4eUaUJc3Z2EC/h9lEyS3WT0MCQLslC4ZNiznqSSdTkS
VV1JmpRpuJ3x/ilADWtQAx6fug==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:19 2023 by rpki-client on console-fra.rpki-client.org