Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/s8rKPleoMgC7E7WlUPs3fKgfOjg.roa
File: s8rKPleoMgC7E7WlUPs3fKgfOjg.roa (raw, json)
Hash identifier: aJ4RrhMzlxWfdw1hpCC8AZFt4sN6c0MsH0IX7DQxIa4=
Subject key identifier: B3:CA:CA:3E:57:A8:32:00:BB:13:B5:A5:50:FB:37:7C:A8:1F:3A:38
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 01837F726B3802AF205E4F0CEDBCE73C4C11
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/s8rKPleoMgC7E7WlUPs3fKgfOjg.roa
Signing time: Tue 27 Sep 2022 14:55:48 +0000
ROA not before: Tue 27 Sep 2022 14:55:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203499
IP address blocks: 5.154.98.0/24 maxlen: 24
151.237.198.0/24 maxlen: 24
109.167.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:72:6b:38:02:af:20:5e:4f:0c:ed:bc:e7:3c:4c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Sep 27 14:55:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3caca3e57a83200bb13b5a550fb377ca81f3a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cd:42:54:59:26:96:be:01:2e:e5:c8:04:b3:
78:c2:3d:ed:be:85:4c:89:7b:10:a7:6f:68:f3:f5:
84:a6:58:00:1f:a0:8b:07:7c:f1:ee:46:fb:6e:0e:
53:2d:7b:cd:1a:ac:2f:33:bb:6b:ea:80:a7:f2:11:
87:54:6c:99:be:e2:2b:d9:f2:85:73:4d:5b:fe:93:
b0:4c:42:19:5b:55:d5:8c:0f:07:44:44:7b:05:85:
28:ec:98:d4:62:d6:09:40:74:88:ea:7e:ad:75:9a:
d1:c7:1a:4b:54:8f:07:d9:20:13:09:c3:79:a5:06:
09:f8:6b:7b:c9:11:e0:7b:9b:6e:21:d1:fc:35:30:
78:f1:50:eb:7e:fc:c7:96:08:71:20:b0:73:e8:4a:
ef:0c:e3:5a:79:49:b3:81:9b:9d:ce:8a:27:86:5a:
61:94:88:ae:8e:c4:43:f3:da:61:c4:56:c6:39:a1:
30:1a:8c:66:8a:5b:31:b7:2f:cf:b0:eb:c7:47:3f:
e8:bc:c8:36:7a:0a:6a:d2:5a:53:64:29:6e:05:58:
79:39:22:d2:7e:a3:f1:65:0f:46:78:90:4a:9b:e9:
08:ce:55:21:92:3d:ad:8c:0a:9f:94:18:a4:72:8a:
c4:5e:32:9a:62:07:24:14:57:8d:6a:7f:bb:bd:fb:
c0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:CA:CA:3E:57:A8:32:00:BB:13:B5:A5:50:FB:37:7C:A8:1F:3A:38
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/s8rKPleoMgC7E7WlUPs3fKgfOjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.98.0/24
109.167.46.0/24
151.237.198.0/24
Signature Algorithm: sha256WithRSAEncryption
23:4f:3b:a5:e4:e1:38:98:66:00:92:5b:df:88:2d:3a:41:7f:
36:be:9d:2c:74:6d:65:32:86:38:fa:15:62:65:bf:3e:71:76:
31:57:ba:d5:bb:14:3e:8b:42:02:6e:d8:3d:5c:63:e3:e7:d9:
2c:63:e8:96:34:e0:21:2b:2c:63:f5:c9:d5:6b:5f:06:53:e1:
ae:9d:cc:d4:28:20:bb:be:3a:fc:14:a2:f0:02:03:a4:77:d4:
ab:09:96:cd:2b:a1:d2:a3:88:af:3d:f7:19:98:38:28:71:85:
c3:a8:9b:26:c6:6c:d6:e6:56:d7:d5:fb:ff:8c:0f:35:48:cd:
3b:f9:1d:26:37:70:6a:40:a7:03:7b:fb:28:05:35:f3:5e:a6:
64:9f:f4:a7:e2:72:b6:75:9a:7f:bb:79:25:f0:6a:32:02:f7:
25:99:0c:de:1e:f2:ab:c5:6f:7e:c3:09:be:e6:c0:7d:c2:d7:
3a:64:7c:44:89:76:11:4b:83:f6:a8:2f:a3:eb:5d:3b:6e:47:
4d:d6:0b:93:66:9b:9d:ee:c7:02:17:79:da:69:ca:59:66:af:
93:0f:c2:3f:0d:ef:88:b9:c3:c9:4f:b9:b5:4b:d1:a2:f3:07:
af:e3:a0:af:bc:31:c5:1c:a0:28:c8:e7:8c:ca:73:81:bc:69:
fa:ea:63:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN/cms4Aq8gXk8M7bznPEwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjIwOTI3MTQ1NTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2NhY2EzZTU3YTgzMjAwYmIxM2I1YTU1MGZiMzc3Y2E4MWYzYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzs1CVFkmlr4BLuXIBLN4wj3tvoVM
iXsQp29o8/WEplgAH6CLB3zx7kb7bg5TLXvNGqwvM7tr6oCn8hGHVGyZvuIr2fKF
c01b/pOwTEIZW1XVjA8HRER7BYUo7JjUYtYJQHSI6n6tdZrRxxpLVI8H2SATCcN5
pQYJ+Gt7yRHge5tuIdH8NTB48VDrfvzHlghxILBz6ErvDONaeUmzgZudzoonhlph
lIiujsRD89phxFbGOaEwGoxmilsxty/PsOvHRz/ovMg2egpq0lpTZCluBVh5OSLS
fqPxZQ9GeJBKm+kIzlUhkj2tjAqflBikcorEXjKaYgckFFeNan+7vfvABwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLPKyj5XqDIAuxO1pVD7N3yoHzo4MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvczhyS1BsZW9NZ0M3RTdXbFVQczNmS2dmT2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZpiAwQA
bacuAwQAl+3GMA0GCSqGSIb3DQEBCwUAA4IBAQAjTzul5OE4mGYAklvfiC06QX82
vp0sdG1lMoY4+hViZb8+cXYxV7rVuxQ+i0ICbtg9XGPj59ksY+iWNOAhKyxj9cnV
a18GU+GunczUKCC7vjr8FKLwAgOkd9SrCZbNK6HSo4ivPfcZmDgocYXDqJsmxmzW
5lbX1fv/jA81SM07+R0mN3BqQKcDe/soBTXzXqZkn/Sn4nK2dZp/u3kl8GoyAvcl
mQzeHvKrxW9+wwm+5sB9wtc6ZHxEiXYRS4P2qC+j6107bkdN1guTZpud7scCF3na
acpZZq+TD8I/De+IucPJT7m1S9Gi8wev46CvvDHFHKAoyOeMynOBvGn66mMq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:01 2024 by rpki-client on console-ams.rpki-client.org