Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/2nboLPTBknd_kn21ubKNlFCR-0w.roa
File: 2nboLPTBknd_kn21ubKNlFCR-0w.roa (raw, json)
Hash identifier: sdbDMNyHtEbUkS8PJ5y8Qn6gCEx9YVwlgPf0W25Tloo=
Subject key identifier: DA:76:E8:2C:F4:C1:92:77:7F:92:7D:B5:B9:B2:8D:94:50:91:FB:4C
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0183EACEA03C35EA078D5A8D0422BD7DFEB7
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/2nboLPTBknd_kn21ubKNlFCR-0w.roa
Signing time: Tue 18 Oct 2022 11:15:53 +0000
ROA not before: Tue 18 Oct 2022 11:15:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56466
IP address blocks: 5.200.64.0/19 maxlen: 24
5.200.80.0/20 maxlen: 20
89.235.77.0/24 maxlen: 24
31.24.200.0/21 maxlen: 21
188.75.108.0/24 maxlen: 24
86.109.39.0/24 maxlen: 24
87.247.179.0/24 maxlen: 24
86.109.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:ce:a0:3c:35:ea:07:8d:5a:8d:04:22:bd:7d:fe:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Oct 18 11:15:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da76e82cf4c192777f927db5b9b28d945091fb4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e0:65:60:db:26:0b:b7:a0:f1:ca:87:c7:f4:
cd:7e:be:7c:60:69:d5:65:37:30:ed:c7:2e:23:54:
a0:d9:10:25:d7:50:15:b6:90:bd:26:13:8b:ee:5d:
f1:e8:9d:f8:4e:87:28:64:c1:9f:90:8c:02:60:bc:
67:1e:4f:1f:14:cd:15:df:c7:75:0e:b5:ee:15:28:
d5:7a:45:81:83:e8:f1:9a:db:5e:1e:f3:4b:e5:0d:
ac:56:d0:ff:29:12:74:55:90:35:72:e8:84:e4:fc:
3b:63:2f:50:d3:ec:24:aa:35:43:dc:00:96:69:a9:
b5:d8:f4:29:38:3f:90:b2:76:41:a5:1f:88:f5:ed:
72:34:cd:92:cb:ed:fc:c8:38:2c:12:99:9a:70:dd:
00:09:da:96:5d:bd:9d:b6:65:1f:27:90:89:5e:20:
a8:ba:9e:5f:08:c3:b3:ab:64:fd:33:ea:82:eb:78:
58:f2:a2:e0:40:a9:c7:1d:7f:42:ab:68:56:3d:e6:
2a:a7:2e:29:c9:dc:48:48:48:05:16:07:71:0f:78:
12:cb:ae:80:b6:83:dd:61:b0:a6:d2:ed:cd:86:91:
8c:07:71:ae:38:89:3d:8f:d8:73:23:31:26:00:42:
35:dc:3b:b6:f7:0a:b2:6c:4f:62:bb:81:7a:2f:bd:
3e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:76:E8:2C:F4:C1:92:77:7F:92:7D:B5:B9:B2:8D:94:50:91:FB:4C
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/2nboLPTBknd_kn21ubKNlFCR-0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.200.64.0/19
31.24.200.0/21
86.109.39.0/24
86.109.59.0/24
87.247.179.0/24
89.235.77.0/24
188.75.108.0/24
Signature Algorithm: sha256WithRSAEncryption
74:0b:31:be:99:c2:cd:ed:42:18:54:e4:9d:e4:05:ab:31:c8:
97:1e:86:15:33:9d:81:06:c2:c1:ad:25:56:c1:4d:64:bc:70:
31:3f:81:23:79:b8:e6:17:a1:9c:16:64:a5:f7:b0:fd:8f:1d:
71:8b:6e:39:3c:32:f9:e6:ce:30:53:4b:6a:6d:ae:6e:c0:78:
3b:c4:bf:12:70:7b:f3:2f:29:8e:1a:62:87:a8:47:6f:48:34:
b8:c8:2e:2d:11:61:6a:b1:e1:2c:c4:76:57:15:f2:98:88:ff:
37:a9:ff:d5:39:4f:60:22:c3:54:4c:5b:ca:19:bd:ad:1d:3c:
e7:35:07:ed:5c:4b:aa:65:52:be:9c:e4:8e:db:27:28:3a:58:
53:f3:d4:78:10:b1:26:01:95:dc:a0:9f:b7:77:dd:2c:7b:e1:
b3:09:3c:6c:1c:65:93:09:20:34:a1:40:1d:4d:e6:fb:71:72:
19:79:69:c3:6c:65:19:0f:78:f4:7c:47:da:02:61:72:4e:52:
7e:e3:c0:3c:98:0d:64:91:d0:ad:e3:69:a9:f5:cf:73:fe:f5:
f3:56:a1:5b:7c:10:d0:7c:07:78:ce:94:ba:d1:b7:ba:8f:18:
64:ee:a9:cd:45:9c:13:10:8f:f3:d4:9c:e0:7f:1a:7a:18:ad:
59:95:3b:dc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYPqzqA8NeoHjVqNBCK9ff63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjIxMDE4MTExNTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTc2ZTgyY2Y0YzE5Mjc3N2Y5MjdkYjViOWIyOGQ5NDUwOTFmYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeBlYNsmC7eg8cqHx/TNfr58YGnV
ZTcw7ccuI1Sg2RAl11AVtpC9JhOL7l3x6J34TocoZMGfkIwCYLxnHk8fFM0V38d1
DrXuFSjVekWBg+jxmtteHvNL5Q2sVtD/KRJ0VZA1cuiE5Pw7Yy9Q0+wkqjVD3ACW
aam12PQpOD+QsnZBpR+I9e1yNM2Sy+38yDgsEpmacN0ACdqWXb2dtmUfJ5CJXiCo
up5fCMOzq2T9M+qC63hY8qLgQKnHHX9Cq2hWPeYqpy4pydxISEgFFgdxD3gSy66A
toPdYbCm0u3NhpGMB3GuOIk9j9hzIzEmAEI13Du29wqybE9iu4F6L70+ewIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNp26Cz0wZJ3f5J9tbmyjZRQkftMMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvMm5ib0xQVEJrbmRfa24yMXViS05sRkNSLTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFBchAAwQD
HxjIAwQAVm0nAwQAVm07AwQAV/ezAwQAWetNAwQAvEtsMA0GCSqGSIb3DQEBCwUA
A4IBAQB0CzG+mcLN7UIYVOSd5AWrMciXHoYVM52BBsLBrSVWwU1kvHAxP4Ejebjm
F6GcFmSl97D9jx1xi245PDL55s4wU0tqba5uwHg7xL8ScHvzLymOGmKHqEdvSDS4
yC4tEWFqseEsxHZXFfKYiP83qf/VOU9gIsNUTFvKGb2tHTznNQftXEuqZVK+nOSO
2ycoOlhT89R4ELEmAZXcoJ+3d90se+GzCTxsHGWTCSA0oUAdTeb7cXIZeWnDbGUZ
D3j0fEfaAmFyTlJ+48A8mA1kkdCt42mp9c9z/vXzVqFbfBDQfAd4zpS60be6jxhk
7qnNRZwTEI/z1Jzgfxp6GK1ZlTvc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org