Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/5Ns6W15SiVZyibttF94_GWmntsA.roa
File: 5Ns6W15SiVZyibttF94_GWmntsA.roa (raw, json)
Hash identifier: UWffEGl+etalGAmqMFvqQeFKzcHI7UOqDnpEcS8MPzY=
Subject key identifier: E4:DB:3A:5B:5E:52:89:56:72:89:BB:6D:17:DE:3F:19:69:A7:B6:C0
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 446565BC
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/5Ns6W15SiVZyibttF94_GWmntsA.roa
Signing time: Sat 01 Jan 2022 03:58:13 +0000
ROA not before: Sat 01 Jan 2022 03:58:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2278
IP address blocks: 161.105.128.0/17 maxlen: 17
139.100.0.0/16 maxlen: 16
192.144.77.0/24 maxlen: 24
161.106.0.0/16 maxlen: 16
2a01:cf00::/42 maxlen: 48
2a01:cf00:f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1147495868 (0x446565bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 03:58:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4db3a5b5e5289567289bb6d17de3f1969a7b6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4a:f6:9b:5d:de:aa:6f:e8:89:4a:7b:d9:ac:
ce:73:5c:36:95:ce:0c:5e:f2:49:91:f2:f4:10:b5:
54:c6:b1:ca:25:ed:1d:3c:17:7f:ce:17:3a:c5:de:
07:70:e7:2f:82:d2:fc:fe:37:fa:39:c4:bb:03:88:
69:03:39:bc:2b:e5:ae:9d:fa:fb:89:cd:0d:08:f9:
56:77:fb:24:6b:f4:73:17:3f:0c:8c:40:32:2e:f5:
c7:d1:6e:9b:53:96:4d:43:28:63:a9:28:02:44:e1:
65:c9:26:0b:c4:d4:4c:e7:e5:98:ef:e4:d3:c8:71:
7b:b5:69:de:59:3f:9b:45:42:83:69:5e:6c:90:4d:
13:42:15:cd:21:07:af:f7:15:26:96:d6:4a:58:83:
43:c5:31:ec:a8:24:56:a3:67:7e:48:85:28:5b:8c:
27:31:dd:1a:45:f5:d6:10:c4:6b:98:ad:1a:5d:4f:
da:f6:3f:30:86:18:fa:55:6b:54:b8:7d:4f:97:b8:
e1:fa:4d:c2:ab:02:8c:09:79:78:44:2d:e3:14:66:
3b:71:c7:65:df:4c:c7:8e:7d:db:84:6e:59:44:83:
d5:7e:9d:6a:76:3a:66:38:23:0a:61:a6:67:cd:d0:
2c:4c:14:60:50:01:bb:58:2c:e0:10:50:82:7f:19:
47:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DB:3A:5B:5E:52:89:56:72:89:BB:6D:17:DE:3F:19:69:A7:B6:C0
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/5Ns6W15SiVZyibttF94_GWmntsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.100.0.0/16
161.105.128.0-161.106.255.255
192.144.77.0/24
IPv6:
2a01:cf00::/42
Signature Algorithm: sha256WithRSAEncryption
6d:e4:d6:d7:db:3f:65:8a:80:64:61:19:a4:ff:fc:b6:79:8e:
1e:b4:fa:3a:7c:5a:63:fb:ca:dd:46:74:d3:7f:82:d7:73:98:
cc:80:0d:25:21:48:49:36:b6:9a:19:07:97:9c:a7:31:ba:79:
56:a0:e5:78:3e:bd:fe:b0:a6:c5:43:f0:6f:1c:00:75:c7:b0:
2c:79:8f:f6:c2:d7:c9:ef:aa:a2:fd:fb:84:17:70:f2:90:04:
3b:2a:06:00:a8:60:be:45:a4:2f:a2:09:76:8b:0d:2b:87:ba:
45:39:22:49:6d:33:1c:3e:50:27:d9:40:df:a4:c2:b2:33:a1:
e8:ab:38:51:02:b4:3a:b5:42:91:95:3f:dc:e4:41:e8:8a:f0:
c7:2d:8c:d5:db:1b:21:61:53:01:76:d0:eb:70:8c:e4:a7:92:
f1:54:c7:85:5e:29:ea:3e:84:c3:fb:eb:b6:5f:c0:6d:d9:bc:
c8:4b:42:66:2e:f0:ab:91:9b:29:4c:6f:4f:a0:28:7f:a0:46:
72:32:c8:f4:ad:8c:02:6d:cc:2e:3b:bb:2e:4c:b6:ed:2d:4e:
7e:a8:4c:7b:cb:9e:f0:1a:d7:b2:07:eb:5f:39:2d:c8:d2:a3:
0d:30:e9:ed:e7:66:70:73:25:68:bb:7c:10:ae:55:b1:cd:ca:
1e:ba:0f:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIERGVlvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEw
MTAzNTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRkYjNhNWI1ZTUy
ODk1NjcyODliYjZkMTdkZTNmMTk2OWE3YjZjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxK9ptd3qpv6IlKe9msznNcNpXODF7ySZHy9BC1VMaxyiXt
HTwXf84XOsXeB3DnL4LS/P43+jnEuwOIaQM5vCvlrp36+4nNDQj5Vnf7JGv0cxc/
DIxAMi71x9Fum1OWTUMoY6koAkThZckmC8TUTOflmO/k08hxe7Vp3lk/m0VCg2le
bJBNE0IVzSEHr/cVJpbWSliDQ8Ux7KgkVqNnfkiFKFuMJzHdGkX11hDEa5itGl1P
2vY/MIYY+lVrVLh9T5e44fpNwqsCjAl5eEQt4xRmO3HHZd9Mx45924RuWUSD1X6d
anY6ZjgjCmGmZ83QLEwUYFABu1gs4BBQgn8ZRx0CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTk2zpbXlKJVnKJu20X3j8Zaae2wDAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
LzVOczZXMTVTaVZaeWlidHRGOTRfR1dtbnRzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMDAItkMAsDBAehaYADAwChagMEAMCQ
TTAPBAIAAjAJAwcGKgHPAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBt5NbX2z9lioBk
YRmk//y2eY4etPo6fFpj+8rdRnTTf4LXc5jMgA0lIUhJNraaGQeXnKcxunlWoOV4
Pr3+sKbFQ/BvHAB1x7AseY/2wtfJ76qi/fuEF3DykAQ7KgYAqGC+RaQvogl2iw0r
h7pFOSJJbTMcPlAn2UDfpMKyM6HoqzhRArQ6tUKRlT/c5EHoivDHLYzV2xshYVMB
dtDrcIzkp5LxVMeFXinqPoTD++u2X8Bt2bzIS0JmLvCrkZspTG9PoCh/oEZyMsj0
rYwCbcwuO7suTLbtLU5+qEx7y57wGteyB+tfOS3I0qMNMOnt52ZwcyVou3wQrlWx
zcoeug9F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org