Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/wJc9krbAfTkumL8HgcjxD9tkeuA.roa
File: wJc9krbAfTkumL8HgcjxD9tkeuA.roa (raw, json)
Hash identifier: CCaeUNVwHyNeHhH8PjLE8EnYmXpF4IpIUZB//d4GuQ0=
Subject key identifier: C0:97:3D:92:B6:C0:7D:39:2E:98:BF:07:81:C8:F1:0F:DB:64:7A:E0
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 3A4A5A2C
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/wJc9krbAfTkumL8HgcjxD9tkeuA.roa
Signing time: Sat 01 Jan 2022 14:56:21 +0000
ROA not before: Sat 01 Jan 2022 14:56:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50530
IP address blocks: 5.160.201.0/24 maxlen: 24
5.160.200.0/23 maxlen: 23
5.160.200.0/24 maxlen: 24
5.160.209.0/24 maxlen: 24
5.160.208.0/23 maxlen: 23
5.160.208.0/24 maxlen: 24
5.160.215.0/24 maxlen: 24
5.160.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 977951276 (0x3a4a5a2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 14:56:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0973d92b6c07d392e98bf0781c8f10fdb647ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:51:dc:f2:7c:86:d3:49:1b:5d:80:0b:5c:52:
5c:60:86:83:04:bb:8e:9c:f7:9c:a8:2d:e7:ea:5d:
cf:81:4c:49:63:37:e7:a2:a2:7d:2d:33:7f:9c:c5:
03:36:aa:7e:9d:8f:9e:0d:9d:8f:82:ef:f0:2d:51:
43:c6:14:b9:4d:10:57:f9:1d:f7:30:ca:00:c3:50:
44:72:e3:a6:62:2d:10:d6:1c:d4:cb:d8:d6:25:35:
39:16:f7:07:84:d4:c6:42:e9:2e:42:2a:6c:90:6c:
2f:aa:57:b4:61:6b:70:83:9f:13:11:49:c1:2f:be:
ae:ef:6f:a5:bc:ed:35:37:5e:0c:7b:ef:20:b4:17:
9a:94:0c:3a:90:35:4b:1e:4e:5a:f7:0e:bc:aa:81:
ed:ab:40:bf:ff:b2:d1:f9:66:25:d9:f7:16:e1:0c:
71:5d:f4:3f:c3:e0:6f:22:4a:d5:ed:7b:2e:28:e1:
06:4e:79:7d:a8:71:a4:dc:3f:e6:eb:92:46:a0:3f:
29:fb:bf:99:aa:a3:1a:e7:9c:ba:12:54:c3:20:9f:
36:37:4f:72:0b:d7:52:6a:82:4f:05:c2:ec:fc:b1:
43:19:9a:76:9a:40:38:90:52:b6:6a:3e:6d:61:4a:
f5:a5:3c:8c:7b:7e:ac:c0:07:1c:8d:59:5c:88:e9:
32:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:97:3D:92:B6:C0:7D:39:2E:98:BF:07:81:C8:F1:0F:DB:64:7A:E0
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/wJc9krbAfTkumL8HgcjxD9tkeuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.157.0/24
5.160.200.0/23
5.160.208.0/23
5.160.215.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:51:7e:4c:c2:ce:21:f1:83:db:48:69:ca:f8:2d:8f:96:9b:
c6:33:7d:45:3e:56:cc:8e:e3:48:ff:d4:6a:72:d8:51:3e:a5:
d2:51:a5:82:ea:aa:25:f2:d2:85:93:77:8a:25:c2:e1:c4:34:
ef:14:8d:5d:c1:de:d1:e8:c6:fa:72:af:18:6c:5f:36:55:09:
8e:b6:30:02:ed:91:a5:1e:12:94:94:09:bd:6e:fb:69:e1:73:
cf:a6:8b:af:d8:36:96:c4:88:db:57:b0:d8:93:52:63:18:30:
ea:64:8c:84:55:1e:84:a1:4d:c7:1f:d8:07:36:a3:d7:5c:c4:
64:d2:de:eb:6e:0b:d3:08:35:22:e3:02:39:96:50:76:1b:b3:
af:24:d4:04:42:c4:10:97:2c:04:b2:5b:48:db:96:20:2a:59:
dd:98:be:0d:c7:88:e3:b2:04:e1:ca:32:d5:62:9d:0d:b5:37:
16:35:82:76:60:5e:db:8e:85:85:97:6a:78:e6:f3:83:7d:2a:
af:5b:44:01:a0:68:5e:82:00:0b:53:20:77:52:34:a7:93:d5:
c4:6b:6c:1d:5d:45:ea:47:85:a8:76:5e:09:fa:b4:f2:b7:9b:
9a:ca:57:c1:86:31:e7:51:a3:3f:36:b4:e7:c1:7c:5f:cd:b9:
91:41:92:6c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEOkpaLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzA5NzNkOTJiNmMw
N2QzOTJlOThiZjA3ODFjOGYxMGZkYjY0N2FlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1R3PJ8htNJG12AC1xSXGCGgwS7jpz3nKgt5+pdz4FMSWM3
56KifS0zf5zFAzaqfp2Png2dj4Lv8C1RQ8YUuU0QV/kd9zDKAMNQRHLjpmItENYc
1MvY1iU1ORb3B4TUxkLpLkIqbJBsL6pXtGFrcIOfExFJwS++ru9vpbztNTdeDHvv
ILQXmpQMOpA1Sx5OWvcOvKqB7atAv/+y0flmJdn3FuEMcV30P8PgbyJK1e17Lijh
Bk55fahxpNw/5uuSRqA/Kfu/maqjGuecuhJUwyCfNjdPcgvXUmqCTwXC7PyxQxma
dppAOJBStmo+bWFK9aU8jHt+rMAHHI1ZXIjpMisCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTAlz2StsB9OS6YvweByPEP22R64DAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L3dKYzlrcmJBZlRrdW1MOEhnY2p4RDl0a2V1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAAWgnQMEAQWgyAMEAQWg0AMEAAWg
1zANBgkqhkiG9w0BAQsFAAOCAQEAOlF+TMLOIfGD20hpyvgtj5abxjN9RT5WzI7j
SP/UanLYUT6l0lGlguqqJfLShZN3iiXC4cQ07xSNXcHe0ejG+nKvGGxfNlUJjrYw
Au2RpR4SlJQJvW77aeFzz6aLr9g2lsSI21ew2JNSYxgw6mSMhFUehKFNxx/YBzaj
11zEZNLe624L0wg1IuMCOZZQdhuzryTUBELEEJcsBLJbSNuWICpZ3Zi+DceI47IE
4coy1WKdDbU3FjWCdmBe246FhZdqeObzg30qr1tEAaBoXoIAC1Mgd1I0p5PVxGts
HV1F6keFqHZeCfq08rebmspXwYYx51GjPza058F8X825kUGSbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org