Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/aVeqa44zHsyIsuUMPgITyC754DY.roa
File: aVeqa44zHsyIsuUMPgITyC754DY.roa (raw, json)
Hash identifier: hmIUwCEw4clImysxqEVkIuLnlNyVAtIw4p03zW8pXk0=
Subject key identifier: 69:57:AA:6B:8E:33:1E:CC:88:B2:E5:0C:3E:02:13:C8:2E:F9:E0:36
Certificate issuer: /CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Certificate serial: 0183F532979ABF843427D7535904EC5242F1
Authority key identifier: AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/aVeqa44zHsyIsuUMPgITyC754DY.roa
Signing time: Thu 20 Oct 2022 11:41:16 +0000
ROA not before: Thu 20 Oct 2022 11:41:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59395
IP address blocks: 185.136.73.0/24 maxlen: 24
5.175.61.0/24 maxlen: 24
5.175.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:32:97:9a:bf:84:34:27:d7:53:59:04:ec:52:42:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Validity
Not Before: Oct 20 11:41:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6957aa6b8e331ecc88b2e50c3e0213c82ef9e036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:39:0e:61:8d:16:c0:73:e0:38:82:11:3e:a7:
b1:a5:85:e2:51:5a:e1:6b:aa:1b:1b:57:d2:91:30:
5c:dd:38:60:36:73:be:40:df:5a:d5:96:7d:3e:d0:
7c:28:81:9c:98:b6:ec:51:b2:76:31:fa:88:19:7e:
70:12:a5:1c:8f:b0:5f:e1:0b:6a:30:79:92:6c:be:
c9:5b:a3:45:ea:0e:15:53:94:fd:af:dd:40:77:31:
a8:ae:e7:dd:a5:4e:00:bb:2f:32:0b:11:71:c5:44:
91:b2:62:d3:fc:5e:73:37:89:5d:86:f4:a3:ea:6d:
1f:c0:8e:93:e9:8e:04:ba:51:8b:8f:ff:68:74:32:
fa:8a:c0:ac:23:01:18:70:f7:e8:ac:9d:2e:59:d7:
dd:11:86:33:28:e0:e2:51:5d:f3:23:91:58:77:d4:
12:55:72:f2:93:91:ce:6c:ee:16:d0:2e:d6:76:9d:
95:bf:1c:bb:db:65:d0:6c:86:e7:a4:9d:7e:4c:29:
5a:ca:72:38:9d:ed:97:24:44:13:c7:90:c5:ff:02:
44:03:8a:5a:14:86:93:46:4a:4d:ba:63:5b:f4:d4:
56:72:58:c3:bc:e5:6f:7f:b8:b5:83:52:73:5e:e7:
73:70:27:b7:01:1a:8b:7d:e4:54:c5:63:e1:57:84:
3b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:57:AA:6B:8E:33:1E:CC:88:B2:E5:0C:3E:02:13:C8:2E:F9:E0:36
X509v3 Authority Key Identifier:
keyid:AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/aVeqa44zHsyIsuUMPgITyC754DY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.59.0/24
5.175.61.0/24
185.136.73.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:ab:bd:69:4d:e4:7e:eb:fd:0b:db:6b:05:19:6d:ef:09:be:
da:e6:38:5c:1e:a6:95:2c:c3:79:ab:20:d3:d3:5f:dd:e1:f5:
84:75:b9:db:ff:25:77:57:42:05:e2:65:bb:5f:b3:df:ec:eb:
63:79:6d:f4:f7:2c:ec:b3:c0:7b:aa:6d:f2:1f:79:a8:30:1e:
66:d0:03:45:a7:13:64:30:74:7a:32:7b:09:7d:9e:36:78:6e:
7b:45:26:1b:9b:43:08:d1:b4:6e:1b:d4:28:e5:89:b5:52:96:
34:c8:1e:d0:39:7e:bc:32:a0:2d:ce:fe:13:dc:dd:c9:b8:72:
c6:a9:0c:df:6d:59:f3:31:89:77:ed:8f:0d:69:04:ff:cd:b8:
dd:8e:77:2c:c8:fd:ed:98:67:9e:62:33:be:cd:80:65:86:21:
d2:b9:b5:8a:d3:2b:4c:7c:51:b0:bb:12:17:96:c3:85:d4:5b:
76:e2:4a:ab:5a:79:84:7b:a6:a0:a7:1f:51:da:51:21:72:d9:
72:46:f2:bf:3f:1c:8a:ee:6e:1a:93:3d:d8:57:fa:8a:81:f2:
ff:4f:db:45:63:cd:5f:00:da:d1:53:2c:25:e7:94:6c:ae:90:
66:df:13:c6:12:37:59:4f:de:05:4f:56:51:32:15:99:95:29:
1c:2f:10:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYP1Mpeav4Q0J9dTWQTsUkLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTRjNDc2M2VhMDE4YzNkYzcwMjAzZDA0ZWZlNzFmZDRi
MWIwNjYwHhcNMjIxMDIwMTE0MTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTU3YWE2YjhlMzMxZWNjODhiMmU1MGMzZTAyMTNjODJlZjllMDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzkOYY0WwHPgOIIRPqexpYXiUVrh
a6obG1fSkTBc3ThgNnO+QN9a1ZZ9PtB8KIGcmLbsUbJ2MfqIGX5wEqUcj7Bf4Qtq
MHmSbL7JW6NF6g4VU5T9r91AdzGorufdpU4Auy8yCxFxxUSRsmLT/F5zN4ldhvSj
6m0fwI6T6Y4EulGLj/9odDL6isCsIwEYcPforJ0uWdfdEYYzKODiUV3zI5FYd9QS
VXLyk5HObO4W0C7Wdp2Vvxy722XQbIbnpJ1+TClaynI4ne2XJEQTx5DF/wJEA4pa
FIaTRkpNumNb9NRWcljDvOVvf7i1g1JzXudzcCe3ARqLfeRUxWPhV4Q7UQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGlXqmuOMx7MiLLlDD4CE8gu+eA2MB8GA1UdIwQY
MBaAFKpUxHY+oBjD3HAgPQTv5x/UsbBmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQt
ZGUzNzY3M2M0MDljLzEvYVZlcWE0NHpIc3lJc3VVTVBnSVR5Qzc1NERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQtZGUzNzY3M2M0MDlj
LzEvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABa87AwQA
Ba89AwQAuYhJMA0GCSqGSIb3DQEBCwUAA4IBAQBdq71pTeR+6/0L22sFGW3vCb7a
5jhcHqaVLMN5qyDT01/d4fWEdbnb/yV3V0IF4mW7X7Pf7OtjeW309yzss8B7qm3y
H3moMB5m0ANFpxNkMHR6MnsJfZ42eG57RSYbm0MI0bRuG9Qo5Ym1UpY0yB7QOX68
MqAtzv4T3N3JuHLGqQzfbVnzMYl37Y8NaQT/zbjdjncsyP3tmGeeYjO+zYBlhiHS
ubWK0ytMfFGwuxIXlsOF1Ft24kqrWnmEe6agpx9R2lEhctlyRvK/PxyK7m4akz3Y
V/qKgfL/T9tFY81fANrRUywl55RsrpBm3xPGEjdZT94FT1ZRMhWZlSkcLxC9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:56 2024 by rpki-client on console-fra.rpki-client.org