Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/NpwtPnDZVFkn6wI_oKzKcd8pGVA.roa
File: NpwtPnDZVFkn6wI_oKzKcd8pGVA.roa (raw, json)
Hash identifier: ztz+AHx/00zBiGG9WBmjIIWdZtc6S9doSV9z4qVj74Q=
Subject key identifier: 36:9C:2D:3E:70:D9:54:59:27:EB:02:3F:A0:AC:CA:71:DF:29:19:50
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01841EAD6DC94C1FAF618C99E29689FBE1DE
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/NpwtPnDZVFkn6wI_oKzKcd8pGVA.roa
Signing time: Fri 28 Oct 2022 12:59:53 +0000
ROA not before: Fri 28 Oct 2022 12:59:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399989
IP address blocks: 62.182.32.0/23 maxlen: 23
62.182.34.0/23 maxlen: 23
5.133.100.0/23 maxlen: 23
5.133.102.0/23 maxlen: 23
31.40.204.0/23 maxlen: 23
31.40.206.0/23 maxlen: 23
212.107.4.0/23 maxlen: 23
212.107.6.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:ad:6d:c9:4c:1f:af:61:8c:99:e2:96:89:fb:e1:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Oct 28 12:59:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=369c2d3e70d9545927eb023fa0acca71df291950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9b:f5:42:64:93:9d:d7:ea:33:3d:bf:11:21:
c1:0e:ec:ef:9a:d2:26:bc:6a:8e:0b:f5:9f:3a:a8:
70:a5:c6:da:49:71:01:4e:51:dd:89:90:bf:bc:05:
79:d1:a5:d8:e0:08:31:d7:d2:b7:3a:8d:ba:3c:f7:
8b:2f:5d:04:2a:c2:eb:a9:c2:42:c7:fa:e6:9e:60:
77:63:de:67:7e:5b:14:f6:40:2c:c4:76:27:a6:da:
5d:65:6f:37:83:96:44:3a:98:ce:d1:3b:8b:45:46:
e5:20:e9:6a:f1:e8:17:8d:0f:3e:b6:86:9d:5d:ef:
ce:da:fb:18:e4:d6:73:0c:1c:0c:93:e0:2d:3e:9c:
97:cd:01:ff:96:95:0e:0d:e5:0c:f6:1f:51:f1:0f:
c5:60:97:ef:4f:92:c6:9a:f2:86:f4:c7:8a:79:6c:
74:92:5d:2f:f8:ae:52:c6:49:18:0e:6e:08:d0:f5:
c5:27:5b:34:92:ee:6c:0b:db:1c:b9:81:f1:a5:8b:
5e:b1:55:15:ee:a2:98:b0:f0:03:3d:d4:78:8b:54:
bc:60:bc:d6:ee:12:8a:01:3d:29:94:ce:e5:40:67:
18:76:d2:87:5f:61:3f:a9:07:bc:3a:05:8b:27:bc:
a6:22:0a:e8:5b:2b:92:80:58:23:41:d3:c1:7b:a7:
ec:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9C:2D:3E:70:D9:54:59:27:EB:02:3F:A0:AC:CA:71:DF:29:19:50
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/NpwtPnDZVFkn6wI_oKzKcd8pGVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/22
31.40.204.0/22
62.182.32.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
14:cc:43:4f:83:f1:56:a2:89:09:99:9e:7e:70:21:37:08:02:
56:02:19:b4:b0:5a:de:82:8e:00:3b:59:92:a1:99:39:45:81:
bb:8e:0d:e8:ef:94:e0:9e:15:07:8e:e0:fa:63:49:c5:95:79:
0b:4b:b5:d6:77:01:36:fb:eb:78:cb:ca:a8:6f:63:ca:c0:22:
ea:75:b3:3b:36:22:47:ac:93:e0:cd:c8:87:4d:93:9d:4c:a1:
2a:0e:19:dd:4e:8f:5e:ed:fc:48:73:ba:20:36:11:ae:4d:d8:
0c:62:f7:c5:88:db:a4:30:1b:38:40:c8:82:cb:37:ef:71:52:
55:16:a1:30:db:88:36:83:ff:9b:6f:03:43:5f:70:71:10:a8:
b3:6e:fb:f8:40:25:36:e1:f6:cf:83:bf:41:32:d2:bf:7f:0e:
fe:6e:fa:e9:8b:83:32:03:fd:f9:1b:d3:0c:34:5b:83:ab:4a:
d6:03:ff:f8:9c:ce:5f:1e:cf:bc:28:bd:16:be:8e:6a:61:8e:
8b:63:71:1b:a5:8d:fc:4e:ae:e0:5f:dd:b6:02:ac:e4:e5:aa:
ad:bd:ce:8c:46:7c:dd:12:43:a3:0a:7f:59:43:8b:ac:e4:44:
58:66:b2:d0:79:3d:6a:6b:27:3f:28:c9:db:17:d2:9d:21:51:
38:23:f7:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQerW3JTB+vYYyZ4paJ++HeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjIxMDI4MTI1OTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjljMmQzZTcwZDk1NDU5MjdlYjAyM2ZhMGFjY2E3MWRmMjkxOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpv1QmSTndfqMz2/ESHBDuzvmtIm
vGqOC/WfOqhwpcbaSXEBTlHdiZC/vAV50aXY4Agx19K3Oo26PPeLL10EKsLrqcJC
x/rmnmB3Y95nflsU9kAsxHYnptpdZW83g5ZEOpjO0TuLRUblIOlq8egXjQ8+toad
Xe/O2vsY5NZzDBwMk+AtPpyXzQH/lpUODeUM9h9R8Q/FYJfvT5LGmvKG9MeKeWx0
kl0v+K5SxkkYDm4I0PXFJ1s0ku5sC9scuYHxpYtesVUV7qKYsPADPdR4i1S8YLzW
7hKKAT0plM7lQGcYdtKHX2E/qQe8OgWLJ7ymIgroWyuSgFgjQdPBe6fsaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDacLT5w2VRZJ+sCP6CsynHfKRlQMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvTnB3dFBuRFpWRmtuNndJX29LektjZDhwR1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBYVkAwQC
HyjMAwQCPrYgAwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQAUzENPg/FWookJmZ5+
cCE3CAJWAhm0sFrego4AO1mSoZk5RYG7jg3o75TgnhUHjuD6Y0nFlXkLS7XWdwE2
++t4y8qob2PKwCLqdbM7NiJHrJPgzciHTZOdTKEqDhndTo9e7fxIc7ogNhGuTdgM
YvfFiNukMBs4QMiCyzfvcVJVFqEw24g2g/+bbwNDX3BxEKizbvv4QCU24fbPg79B
MtK/fw7+bvrpi4MyA/35G9MMNFuDq0rWA//4nM5fHs+8KL0Wvo5qYY6LY3EbpY38
Tq7gX922Aqzk5aqtvc6MRnzdEkOjCn9ZQ4us5ERYZrLQeT1qayc/KMnbF9KdIVE4
I/fw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org