Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/M5Er6Sq-okmpjxEa3kVZe3I5RD0.roa
File: M5Er6Sq-okmpjxEa3kVZe3I5RD0.roa (raw, json)
Hash identifier: cP2L9cpDa6BaVZC7Lug0JIoqtF2gXFw6zbfB2VIi0pE=
Subject key identifier: 33:91:2B:E9:2A:BE:A2:49:A9:8F:11:1A:DE:45:59:7B:72:39:44:3D
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0183F9A60E4D44D880A7254AA0DC2383FC56
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/M5Er6Sq-okmpjxEa3kVZe3I5RD0.roa
Signing time: Fri 21 Oct 2022 08:25:52 +0000
ROA not before: Fri 21 Oct 2022 08:25:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 94.154.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:a6:0e:4d:44:d8:80:a7:25:4a:a0:dc:23:83:fc:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 21 08:25:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33912be92abea249a98f111ade45597b7239443d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fa:eb:9a:2f:dd:2e:85:7d:d3:5a:03:20:8e:
56:ca:3a:cc:37:c5:63:32:71:eb:56:b7:9e:05:37:
14:f2:40:fe:68:72:38:32:61:d7:e9:e5:aa:fb:07:
3a:b6:8f:1a:e6:cd:58:a6:c1:d0:7e:52:42:b3:9e:
33:97:d4:12:cb:61:f3:f0:da:b9:b0:a0:94:b3:34:
c8:a7:b1:28:6a:6c:bb:0d:9e:78:61:bf:5d:20:4e:
69:0c:79:fb:d3:b7:02:00:63:2b:24:52:7a:9d:7f:
61:2c:11:c2:a7:85:a1:12:f1:b1:7e:c5:22:aa:fb:
46:6a:56:ef:93:38:5c:0c:cd:88:f8:e0:1e:24:f1:
24:f5:39:40:f6:e6:a9:30:34:11:61:4f:d9:ad:62:
7b:02:c7:8e:c0:71:b2:39:e2:4a:ba:ea:25:7a:0b:
b4:4b:14:38:70:fa:7a:d3:0e:1c:e4:a5:ba:76:65:
78:24:ac:18:d0:af:b6:19:a4:5f:66:54:65:62:38:
fb:3e:c1:20:93:15:62:56:f5:9a:4c:94:9a:f0:9f:
8e:a0:d1:d3:ee:ab:61:75:35:33:cc:98:55:d8:e4:
6c:42:fc:49:3d:64:9e:05:85:47:0d:f6:af:cb:ac:
fd:9a:c6:9c:5a:ba:df:15:7d:47:9a:b9:c9:d3:f8:
39:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:91:2B:E9:2A:BE:A2:49:A9:8F:11:1A:DE:45:59:7B:72:39:44:3D
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/M5Er6Sq-okmpjxEa3kVZe3I5RD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.32.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:1b:b5:99:fa:92:cc:de:aa:a2:bc:45:94:af:02:db:1e:d9:
b8:b5:b1:22:60:32:7d:35:7b:3d:8c:c7:f6:a2:e0:24:11:b4:
1a:d7:7d:39:7e:eb:3d:0c:82:44:31:d2:ff:ab:8a:a1:4d:b9:
ed:24:30:33:61:5a:fc:b8:94:27:1f:db:45:44:3e:84:cc:6d:
c6:16:de:9f:b8:6a:c0:d5:f8:f7:43:33:c2:a2:86:21:88:55:
d6:5f:9e:22:25:d8:ab:cf:74:eb:ab:82:e2:3f:63:3e:a1:81:
45:9e:dd:6c:71:3b:1d:89:1e:e5:a4:c2:3c:72:7b:17:76:d8:
51:cd:05:19:9b:8b:4c:19:6f:bb:86:3c:06:9f:c2:6d:c3:dd:
19:a3:7b:09:b7:31:56:0c:34:3f:73:77:80:b7:38:d5:4c:29:
ba:a7:81:af:e8:06:c7:05:35:79:28:47:5d:d4:67:9f:13:15:
71:4b:a8:69:4e:0e:a0:92:cb:28:18:eb:1f:22:a2:bb:b8:9f:
fa:51:bc:25:1e:3c:3d:90:ed:b7:d6:f2:4d:3b:f8:5e:5c:c4:
c0:4d:0d:fc:21:e8:2e:0c:0b:20:7d:74:5c:3d:95:40:68:d7:
e0:1f:fc:c6:5f:8c:e7:54:e8:2f:79:22:2f:bc:6c:39:17:7c:
4b:ff:dc:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP5pg5NRNiApyVKoNwjg/xWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjIxMDIxMDgyNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzkxMmJlOTJhYmVhMjQ5YTk4ZjExMWFkZTQ1NTk3YjcyMzk0NDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfrrmi/dLoV901oDII5WyjrMN8Vj
MnHrVreeBTcU8kD+aHI4MmHX6eWq+wc6to8a5s1YpsHQflJCs54zl9QSy2Hz8Nq5
sKCUszTIp7Eoamy7DZ54Yb9dIE5pDHn707cCAGMrJFJ6nX9hLBHCp4WhEvGxfsUi
qvtGalbvkzhcDM2I+OAeJPEk9TlA9uapMDQRYU/ZrWJ7AseOwHGyOeJKuuolegu0
SxQ4cPp60w4c5KW6dmV4JKwY0K+2GaRfZlRlYjj7PsEgkxViVvWaTJSa8J+OoNHT
7qthdTUzzJhV2ORsQvxJPWSeBYVHDfavy6z9msacWrrfFX1HmrnJ0/g5SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDORK+kqvqJJqY8RGt5FWXtyOUQ9MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvTTVFcjZTcS1va21wanhFYTNrVlplM0k1UkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXpogMA0G
CSqGSIb3DQEBCwUAA4IBAQAOG7WZ+pLM3qqivEWUrwLbHtm4tbEiYDJ9NXs9jMf2
ouAkEbQa1305fus9DIJEMdL/q4qhTbntJDAzYVr8uJQnH9tFRD6EzG3GFt6fuGrA
1fj3QzPCooYhiFXWX54iJdirz3Trq4LiP2M+oYFFnt1scTsdiR7lpMI8cnsXdthR
zQUZm4tMGW+7hjwGn8Jtw90Zo3sJtzFWDDQ/c3eAtzjVTCm6p4Gv6AbHBTV5KEdd
1GefExVxS6hpTg6gkssoGOsfIqK7uJ/6UbwlHjw9kO231vJNO/heXMTATQ38Iegu
DAsgfXRcPZVAaNfgH/zGX4znVOgveSIvvGw5F3xL/9yn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:52 2023 by rpki-client on console-ams.rpki-client.org