Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/h8KLMir1akCetRLCxr0VWOF5rtM.roa
File: h8KLMir1akCetRLCxr0VWOF5rtM.roa (raw, json)
Hash identifier: CbIVRyrGVsf/X35apPj+bwp7/jmSf2yFH0WI84w5QmQ=
Subject key identifier: 87:C2:8B:32:2A:F5:6A:40:9E:B5:12:C2:C6:BD:15:58:E1:79:AE:D3
Certificate issuer: /CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Certificate serial: 33209C5B
Authority key identifier: 17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/h8KLMir1akCetRLCxr0VWOF5rtM.roa
Signing time: Sat 01 Jan 2022 02:56:56 +0000
ROA not before: Sat 01 Jan 2022 02:56:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35567
IP address blocks: 5.149.71.0/24 maxlen: 24
5.149.70.0/24 maxlen: 24
5.149.69.0/24 maxlen: 24
5.149.68.0/24 maxlen: 24
5.149.67.0/24 maxlen: 24
5.149.65.0/24 maxlen: 24
5.149.77.0/24 maxlen: 24
5.149.76.0/24 maxlen: 24
5.149.75.0/24 maxlen: 24
5.149.74.0/24 maxlen: 24
5.149.73.0/24 maxlen: 24
5.149.72.0/24 maxlen: 24
5.149.85.0/24 maxlen: 24
5.149.84.0/24 maxlen: 24
5.149.83.0/24 maxlen: 24
5.149.82.0/24 maxlen: 24
5.149.81.0/24 maxlen: 24
5.149.87.0/24 maxlen: 24
5.149.86.0/24 maxlen: 24
5.149.95.0/24 maxlen: 24
5.149.94.0/24 maxlen: 24
5.149.93.0/24 maxlen: 24
5.149.92.0/24 maxlen: 24
5.149.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 857775195 (0x33209c5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Validity
Not Before: Jan 1 02:56:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87c28b322af56a409eb512c2c6bd1558e179aed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c7:80:d2:71:a6:1f:14:77:72:89:44:8f:c4:
5d:e2:79:39:9b:84:f9:18:54:88:a5:4b:49:06:2a:
38:64:05:30:92:ca:55:ba:df:a9:be:e9:06:aa:7e:
e0:47:69:f4:86:5f:c7:ff:b4:b5:91:a7:e0:41:86:
ff:5e:32:62:1e:75:08:3c:4c:3d:a3:b4:5d:64:b6:
cb:29:39:1e:7e:0e:e5:f5:7e:3f:32:b5:98:fd:6c:
ff:ec:14:32:a1:03:6b:f1:ef:67:8a:5e:d2:a7:bf:
0f:b8:f2:96:bf:e1:56:db:57:48:bc:ce:1c:40:df:
cf:2f:9b:60:83:6f:06:ce:41:f1:1e:49:df:94:4c:
c2:7d:85:85:fc:0d:08:b4:25:0a:e1:f3:e4:b8:d5:
54:97:8c:d5:f6:98:37:45:e5:76:d7:0d:35:ed:84:
fc:0a:60:3b:24:14:a6:b8:92:ae:cb:97:6c:3a:d3:
5d:92:3e:75:70:c3:9e:b5:67:43:56:85:1d:8f:77:
92:72:3f:48:fa:cf:b7:10:17:a8:1b:64:1f:f3:4c:
7c:9d:97:d5:7f:18:97:56:1c:08:82:74:93:46:27:
13:0e:85:02:70:bd:7a:eb:76:de:50:c2:64:78:85:
d3:5e:58:99:8b:ab:6e:23:dd:b3:ee:90:08:80:05:
b2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C2:8B:32:2A:F5:6A:40:9E:B5:12:C2:C6:BD:15:58:E1:79:AE:D3
X509v3 Authority Key Identifier:
keyid:17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/h8KLMir1akCetRLCxr0VWOF5rtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/F1lDaGkInNnH5tAgKPJKL-SbhtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.64.0/23
5.149.67.0-5.149.77.255
5.149.81.0-5.149.87.255
5.149.92.0/22
Signature Algorithm: sha256WithRSAEncryption
d1:e8:f8:c0:8d:c1:53:1b:f6:86:26:7c:f1:1f:98:ec:c0:f7:
6e:81:a5:e5:4f:45:e3:92:7a:22:19:c3:4c:21:0c:6d:b9:e4:
77:f4:48:5b:2e:98:d9:35:de:5c:95:c0:a4:5a:bb:b0:5e:20:
3b:df:af:d6:51:48:73:0a:42:9e:9f:dd:66:2a:5f:7d:1f:e0:
5a:a3:bd:97:36:3e:80:14:21:0d:f5:7f:8f:7c:61:74:c2:e2:
35:12:2d:e2:e2:1e:69:c5:9c:38:6e:6d:3a:ae:64:3d:d0:ca:
f3:f2:24:98:d5:f1:c6:81:b9:15:83:06:50:cd:20:ce:77:d3:
11:20:d6:fb:56:30:ac:5d:8b:7e:06:7a:c6:4f:13:f9:f7:b8:
ad:11:e9:b2:8e:97:2e:8d:fd:f4:4b:88:22:70:f6:2f:1a:46:
b5:62:6f:fc:95:4f:f1:5c:0e:af:46:6a:6e:10:2c:db:5f:83:
81:8e:f0:46:ea:ab:eb:f0:f9:7e:1f:ce:4f:95:13:99:6d:a3:
2f:28:6f:67:91:79:c1:c4:53:04:3a:38:98:ac:b9:c6:eb:83:
56:8c:ba:5e:cf:1a:36:2a:03:f6:dd:c5:49:f3:33:6c:15:bc:
5d:d0:d1:3c:c4:a3:3f:19:66:65:71:b2:9c:19:fb:43:d3:52:
28:da:1e:ac
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEMyCcWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzU5NDM2ODY5MDg5Y2Q5YzdlNmQwMjAyOGYyNGEyZmU0OWI4NmQ1MB4XDTIyMDEw
MTAyNTY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdjMjhiMzIyYWY1
NmE0MDllYjUxMmMyYzZiZDE1NThlMTc5YWVkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXHgNJxph8Ud3KJRI/EXeJ5OZuE+RhUiKVLSQYqOGQFMJLK
Vbrfqb7pBqp+4Edp9IZfx/+0tZGn4EGG/14yYh51CDxMPaO0XWS2yyk5Hn4O5fV+
PzK1mP1s/+wUMqEDa/HvZ4pe0qe/D7jylr/hVttXSLzOHEDfzy+bYINvBs5B8R5J
35RMwn2FhfwNCLQlCuHz5LjVVJeM1faYN0XldtcNNe2E/ApgOyQUpriSrsuXbDrT
XZI+dXDDnrVnQ1aFHY93knI/SPrPtxAXqBtkH/NMfJ2X1X8Yl1YcCIJ0k0YnEw6F
AnC9eut23lDCZHiF015YmYurbiPds+6QCIAFsokCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSHwosyKvVqQJ61EsLGvRVY4Xmu0zAfBgNVHSMEGDAWgBQXWUNoaQic2cfm
0CAo8kov5JuG1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YxbERhR2tJbk5uSDV0QWdLUEpLTC1TYmh0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNzI0N2QyLTBhMjgtNGU0YS1hYTBjLWZlZjQxZGQ4NzZjMC8x
L2g4S0xNaXIxYWtDZXRSTEN4cjBWV09GNXJ0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NzI0N2QyLTBhMjgtNGU0YS1hYTBjLWZlZjQxZGQ4NzZjMC8xL0YxbERhR2tJbk5u
SDV0QWdLUEpLTC1TYmh0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKAMEAQWVQDAMAwQABZVDAwQBBZVMMAwD
BAAFlVEDBAMFlVADBAIFlVwwDQYJKoZIhvcNAQELBQADggEBANHo+MCNwVMb9oYm
fPEfmOzA926BpeVPReOSeiIZw0whDG255Hf0SFsumNk13lyVwKRau7BeIDvfr9ZR
SHMKQp6f3WYqX30f4FqjvZc2PoAUIQ31f498YXTC4jUSLeLiHmnFnDhubTquZD3Q
yvPyJJjV8caBuRWDBlDNIM530xEg1vtWMKxdi34GesZPE/n3uK0R6bKOly6N/fRL
iCJw9i8aRrVib/yVT/FcDq9Gam4QLNtfg4GO8Ebqq+vw+X4fzk+VE5ltoy8ob2eR
ecHEUwQ6OJisucbrg1aMul7PGjYqA/bdxUnzM2wVvF3Q0TzEoz8ZZmVxspwZ+0PT
UijaHqw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:09 2024 by rpki-client on console-ams.rpki-client.org