Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/urrsj9tB1fWk-LNFSkypvaMwHQ4.roa
File: urrsj9tB1fWk-LNFSkypvaMwHQ4.roa (raw, json)
Hash identifier: v/XoD7sHV/Bc569NVcP5f2upHN5RUIOZz9L+jkH5pQk=
Subject key identifier: BA:BA:EC:8F:DB:41:D5:F5:A4:F8:B3:45:4A:4C:A9:BD:A3:30:1D:0E
Certificate issuer: /CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Certificate serial: C5C45D
Authority key identifier: AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/urrsj9tB1fWk-LNFSkypvaMwHQ4.roa
Signing time: Sat 01 Jan 2022 02:54:04 +0000
ROA not before: Sat 01 Jan 2022 02:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24982
IP address blocks: 85.112.68.0/24 maxlen: 24
5.57.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12960861 (0xc5c45d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Validity
Not Before: Jan 1 02:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=babaec8fdb41d5f5a4f8b3454a4ca9bda3301d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2d:5c:d4:1f:aa:37:72:bf:fb:e0:e7:5f:57:
49:35:36:e3:6a:7d:8c:64:c1:d9:de:37:cb:f8:ae:
4c:90:8b:06:d4:50:6b:30:b2:31:33:87:96:a6:66:
36:22:1e:21:e0:54:7d:4f:21:36:02:4d:b9:0b:4e:
24:ca:83:fb:40:c8:2f:7f:14:ac:80:3a:f6:73:06:
9a:91:94:2d:6e:45:29:1d:0e:ed:02:41:04:96:7c:
44:e8:bb:9c:b4:7f:32:42:d0:af:58:36:3b:c2:93:
8b:0b:29:c4:68:83:2f:c6:6e:4c:3d:51:ac:a2:1c:
b7:88:27:e2:16:ab:17:c8:f7:6a:73:1a:2d:7f:66:
fc:94:88:67:d0:c0:7c:9e:e3:12:35:4d:4b:bd:f4:
0d:30:76:61:24:cb:f2:c9:cb:2c:87:a0:0e:13:f8:
6c:23:d0:ea:43:38:89:2e:1c:e8:7a:72:92:03:cc:
d0:54:c2:fd:58:24:63:48:ac:09:e7:81:6c:ed:72:
8e:b3:1b:77:75:79:48:1d:27:48:19:54:5c:26:55:
ca:08:5a:29:36:56:57:37:7a:fb:2a:15:b2:82:b6:
b8:73:19:1c:d3:dc:5b:f9:c1:cb:1f:64:b4:68:03:
e6:c8:63:66:d6:f7:ed:b7:ce:ec:90:84:1a:89:46:
37:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BA:EC:8F:DB:41:D5:F5:A4:F8:B3:45:4A:4C:A9:BD:A3:30:1D:0E
X509v3 Authority Key Identifier:
keyid:AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/urrsj9tB1fWk-LNFSkypvaMwHQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/rs1kyXg317-sBmN92VK97eDCXYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.2.0/24
85.112.68.0/24
Signature Algorithm: sha256WithRSAEncryption
05:8b:59:69:48:af:c1:4d:39:4a:19:11:01:61:e2:7e:0a:7b:
ba:29:60:27:a5:81:67:c3:f0:9c:dc:da:87:48:64:7e:25:7e:
d6:5c:93:b9:f5:c5:11:c4:91:f5:47:c7:dc:19:ac:27:90:0d:
72:2d:69:01:8f:17:41:cb:9d:5d:4a:5d:2b:40:f1:8e:92:44:
02:cc:88:71:5c:ab:95:e1:f6:a0:5c:6d:7d:a5:9b:04:05:a1:
c5:48:d7:61:10:51:d6:46:cf:8c:2a:00:35:47:49:4a:d8:85:
df:5b:57:23:89:31:bb:9c:c7:d3:24:ba:c7:84:6e:5b:6f:34:
90:86:b7:9d:c2:49:3d:18:0d:98:12:12:92:a4:1b:b4:2a:2c:
e0:ff:bc:90:ed:ea:02:56:59:6c:d7:61:6e:80:53:49:96:6f:
25:39:2e:c5:3b:f9:19:da:94:03:75:99:ac:a7:42:bd:94:89:
c7:1d:88:e6:0d:84:bf:33:31:c1:6e:85:4b:9f:67:e5:c7:a1:
2e:92:39:d9:83:27:8b:e5:77:d6:3e:8d:47:fa:1d:e1:89:b5:
97:9a:e8:a7:50:6a:89:13:c1:92:e1:dc:fb:40:21:1c:5d:6e:
44:33:74:4c:48:77:ad:99:4d:65:3f:75:3a:7d:7e:f9:9d:fa:
da:04:ee:6a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAMXEXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWNkNjRjOTc4MzdkN2JmYWMwNjYzN2RkOTUyYmRlZGUwYzI1ZDg1MB4XDTIyMDEw
MTAyNTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFiYWVjOGZkYjQx
ZDVmNWE0ZjhiMzQ1NGE0Y2E5YmRhMzMwMWQwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKktXNQfqjdyv/vg519XSTU242p9jGTB2d43y/iuTJCLBtRQ
azCyMTOHlqZmNiIeIeBUfU8hNgJNuQtOJMqD+0DIL38UrIA69nMGmpGULW5FKR0O
7QJBBJZ8ROi7nLR/MkLQr1g2O8KTiwspxGiDL8ZuTD1RrKIct4gn4harF8j3anMa
LX9m/JSIZ9DAfJ7jEjVNS730DTB2YSTL8snLLIegDhP4bCPQ6kM4iS4c6HpykgPM
0FTC/VgkY0isCeeBbO1yjrMbd3V5SB0nSBlUXCZVyghaKTZWVzd6+yoVsoK2uHMZ
HNPcW/nByx9ktGgD5shjZtb37bfO7JCEGolGN20CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS6uuyP20HV9aT4s0VKTKm9ozAdDjAfBgNVHSMEGDAWgBSuzWTJeDfXv6wG
Y33ZUr3t4MJdhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JzMWt5WGczMTctc0JtTjkyVks5N2VEQ1hZVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNTkyZDRmLWQ3MWUtNGU4Yi1hNjMyLTFlY2RlMTc5MTUxMS8x
L3VycnNqOXRCMWZXay1MTkZTa3lwdmFNd0hRNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
NTkyZDRmLWQ3MWUtNGU4Yi1hNjMyLTFlY2RlMTc5MTUxMS8xL3JzMWt5WGczMTct
c0JtTjkyVks5N2VEQ1hZVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAU5AgMEAFVwRDANBgkqhkiG9w0B
AQsFAAOCAQEABYtZaUivwU05ShkRAWHifgp7uilgJ6WBZ8PwnNzah0hkfiV+1lyT
ufXFEcSR9UfH3BmsJ5ANci1pAY8XQcudXUpdK0DxjpJEAsyIcVyrleH2oFxtfaWb
BAWhxUjXYRBR1kbPjCoANUdJStiF31tXI4kxu5zH0yS6x4RuW280kIa3ncJJPRgN
mBISkqQbtCos4P+8kO3qAlZZbNdhboBTSZZvJTkuxTv5GdqUA3WZrKdCvZSJxx2I
5g2EvzMxwW6FS59n5cehLpI52YMni+V31j6NR/od4Ym1l5rop1BqiRPBkuHc+0Ah
HF1uRDN0TEh3rZlNZT91On1++Z362gTuag==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-fra.rpki-client.org