Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/CB8sLpShlmb2omjoqDM5nEntsVY.roa
File: CB8sLpShlmb2omjoqDM5nEntsVY.roa (raw, json)
Hash identifier: URN4Me6jLyvWGjn3Uktnm9NGtHKWihanrcjC9zOfdvg=
Subject key identifier: 08:1F:2C:2E:94:A1:96:66:F6:A2:68:E8:A8:33:39:9C:49:ED:B1:56
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 0182316D9C26E728337ACD285CED235DFB42
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/CB8sLpShlmb2omjoqDM5nEntsVY.roa
Signing time: Sun 24 Jul 2022 18:17:23 +0000
ROA not before: Sun 24 Jul 2022 18:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212602
IP address blocks: 5.133.114.0/24 maxlen: 24
2a10:7040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:31:6d:9c:26:e7:28:33:7a:cd:28:5c:ed:23:5d:fb:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Jul 24 18:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=081f2c2e94a19666f6a268e8a833399c49edb156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6e:74:62:b1:99:24:d1:84:b9:86:b1:87:79:
b1:62:83:92:22:00:27:87:5a:ec:b2:2f:88:ca:10:
4e:9d:f0:8b:ee:41:e7:ad:b4:83:af:7b:3b:22:d8:
39:c3:fe:5f:7d:74:64:c5:89:77:1d:f6:88:8f:3d:
0d:34:20:ef:7c:a7:23:a0:28:6e:d2:01:e8:b7:7c:
af:9e:ba:c4:73:f4:b8:ea:fe:91:23:81:e8:39:f5:
e0:f2:83:84:57:0e:ae:51:b3:a7:4b:26:b8:a7:bf:
9f:f0:31:e2:eb:1f:4b:54:52:22:89:15:1a:b8:d1:
88:15:57:29:2b:59:68:b4:12:25:3f:e4:c6:b7:6b:
38:f7:78:84:69:e6:0b:e7:26:b9:ae:3b:75:42:67:
5f:65:6f:0c:15:50:17:f9:0d:af:c2:b0:c8:33:15:
ba:c3:a9:22:67:3c:23:fb:4f:c2:d8:c0:c4:a2:8e:
b7:55:d0:a5:ac:65:7f:50:3e:f0:be:6c:70:40:9c:
f3:c7:9c:5e:f7:b3:86:25:ea:c7:60:1e:59:39:20:
31:75:7a:7a:68:68:2d:c8:8c:cb:d9:66:63:1d:a4:
57:d1:63:79:f6:2d:24:41:f2:5a:79:2c:1f:b0:26:
38:55:81:e3:2a:95:20:5c:66:4e:24:ba:14:87:0d:
39:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1F:2C:2E:94:A1:96:66:F6:A2:68:E8:A8:33:39:9C:49:ED:B1:56
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/CB8sLpShlmb2omjoqDM5nEntsVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
34:e7:ef:e7:53:3e:9a:f3:ab:47:42:20:26:f7:d2:f3:70:d3:
37:41:3e:ed:71:f1:18:ac:ce:bc:62:19:62:f8:cb:18:60:fc:
44:93:98:0c:2f:9f:f0:f6:cf:3b:80:3e:c3:88:3b:c0:07:a1:
58:d7:f1:6a:8f:19:f9:99:65:1d:16:c2:09:c5:40:6e:51:2e:
4d:ec:4b:7e:a9:17:75:01:e8:64:e8:93:c2:b8:67:24:2c:6c:
b8:42:a5:94:1c:8d:45:01:51:f0:b5:d9:e7:35:06:d9:c8:4b:
ba:e5:b2:7a:f2:5e:30:4b:6a:1c:e3:ea:5e:23:ee:32:57:1e:
76:ee:0b:de:9a:30:43:75:7e:eb:7f:db:be:c4:f6:af:c4:fd:
1f:54:8c:58:34:38:b4:eb:a1:4f:3e:e5:84:3a:aa:de:eb:dd:
ff:b4:27:e4:ac:79:cd:78:0e:6a:da:53:3e:3b:d4:8e:77:16:
23:93:2b:ad:28:7b:ce:87:e4:30:4c:5c:f2:2b:8a:98:2f:7e:
40:7a:33:3c:3f:b5:10:e3:31:89:93:3b:5f:7e:81:89:f8:20:
ad:a7:a5:f7:92:52:cc:3d:41:1a:a3:d2:f8:2d:ad:64:e0:26:
08:80:e2:0a:e2:b2:ff:63:ff:1a:0f:6e:d3:83:a5:2e:26:50:
4b:80:20:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYIxbZwm5ygzes0oXO0jXftCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjIwNzI0MTgxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFmMmMyZTk0YTE5NjY2ZjZhMjY4ZThhODMzMzk5YzQ5ZWRiMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW50YrGZJNGEuYaxh3mxYoOSIgAn
h1rssi+IyhBOnfCL7kHnrbSDr3s7Itg5w/5ffXRkxYl3HfaIjz0NNCDvfKcjoChu
0gHot3yvnrrEc/S46v6RI4HoOfXg8oOEVw6uUbOnSya4p7+f8DHi6x9LVFIiiRUa
uNGIFVcpK1lotBIlP+TGt2s493iEaeYL5ya5rjt1QmdfZW8MFVAX+Q2vwrDIMxW6
w6kiZzwj+0/C2MDEoo63VdClrGV/UD7wvmxwQJzzx5xe97OGJerHYB5ZOSAxdXp6
aGgtyIzL2WZjHaRX0WN59i0kQfJaeSwfsCY4VYHjKpUgXGZOJLoUhw052QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAgfLC6UoZZm9qJo6KgzOZxJ7bFWMB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvQ0I4c0xwU2hsbWIyb21qb3FETTVuRW50c1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABYVyMA0E
AgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQA05+/nUz6a86tHQiAm99Lz
cNM3QT7tcfEYrM68Yhli+MsYYPxEk5gML5/w9s87gD7DiDvAB6FY1/Fqjxn5mWUd
FsIJxUBuUS5N7Et+qRd1Aehk6JPCuGckLGy4QqWUHI1FAVHwtdnnNQbZyEu65bJ6
8l4wS2oc4+peI+4yVx527gvemjBDdX7rf9u+xPavxP0fVIxYNDi066FPPuWEOqre
693/tCfkrHnNeA5q2lM+O9SOdxYjkyutKHvOh+QwTFzyK4qYL35AejM8P7UQ4zGJ
kztffoGJ+CCtp6X3klLMPUEao9L4La1k4CYIgOIK4rL/Y/8aD27Tg6UuJlBLgCCL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:28 2024 by rpki-client on console-fra.rpki-client.org