Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/4t--F_4faiPkxsPg9Tm58gqonvA.roa
File: 4t--F_4faiPkxsPg9Tm58gqonvA.roa (raw, json)
Hash identifier: 5K1FFDlbBqE1B09tCway7slS23uw8i2ihbNl8IPAQgI=
Subject key identifier: E2:DF:BE:17:FE:1F:6A:23:E4:C6:C3:E0:F5:39:B9:F2:0A:A8:9E:F0
Certificate issuer: /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial: 07AEB3A4
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/4t--F_4faiPkxsPg9Tm58gqonvA.roa
Signing time: Sat 01 Jan 2022 02:01:08 +0000
ROA not before: Sat 01 Jan 2022 02:01:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197216
IP address blocks: 5.182.20.0/24 maxlen: 24
5.182.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128889764 (0x7aeb3a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Validity
Not Before: Jan 1 02:01:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2dfbe17fe1f6a23e4c6c3e0f539b9f20aa89ef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cf:68:fb:1e:79:04:c7:5a:5b:84:f0:c5:99:
69:ad:27:74:13:78:ef:66:2b:ac:5f:cb:81:0b:f2:
38:bc:bd:df:cb:3c:af:78:89:4d:ae:63:92:dd:ae:
4e:42:bd:70:1e:98:8d:47:e4:38:ae:63:77:f9:26:
39:dd:44:e8:bd:f6:e4:63:2b:f5:68:e1:97:b4:c6:
f4:04:4a:7f:42:83:dc:5c:7e:de:64:19:50:d9:db:
f5:86:2c:05:48:87:c0:0a:0a:dc:ab:02:9b:28:f9:
03:6f:36:71:c1:1f:7f:1a:53:80:29:eb:4a:13:ce:
a0:48:7c:10:fc:3b:83:2f:a4:02:ff:c4:3e:8b:78:
7f:82:ad:99:1a:fe:9a:ee:20:90:ae:f7:bf:2e:71:
ad:1f:5e:3c:7c:9c:f0:2f:e6:68:bd:46:c1:89:16:
18:23:44:ca:fe:95:09:8c:f9:db:c4:65:ac:bf:60:
28:1c:02:0f:70:49:3c:18:34:68:9c:b4:57:50:43:
0c:ea:2d:6d:13:15:d4:e1:6e:13:2d:bc:90:fb:90:
61:92:07:cf:ff:b5:cf:30:e9:11:c3:d8:71:12:af:
34:02:e6:73:5c:5f:f7:87:c0:9b:49:2b:26:f7:3f:
76:4b:11:b4:9e:95:6a:91:3f:c3:52:bf:e1:5e:bd:
1b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DF:BE:17:FE:1F:6A:23:E4:C6:C3:E0:F5:39:B9:F2:0A:A8:9E:F0
X509v3 Authority Key Identifier:
keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/4t--F_4faiPkxsPg9Tm58gqonvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.20.0/23
Signature Algorithm: sha256WithRSAEncryption
16:7f:b9:37:0b:ff:9d:58:66:91:23:ea:e4:de:68:02:f5:33:
f8:05:bb:58:7d:33:a4:9c:d3:71:13:25:97:26:17:bb:7e:c2:
e5:cc:d5:6b:18:d9:9e:d5:9b:b8:8d:17:21:62:ab:a7:2d:ab:
bc:d3:98:35:b7:b4:48:cf:76:c1:a1:d0:7d:23:34:62:6b:2c:
2c:25:a5:ee:82:73:6c:ba:96:51:06:0d:a5:4f:c0:d9:7a:fe:
b2:ec:f9:9e:bb:82:7e:5c:0b:9d:63:bd:8b:d4:44:48:a0:78:
e7:ef:d3:33:d0:9c:e3:1b:4e:e1:41:d2:e8:19:f0:17:f7:80:
bd:e9:e3:e2:37:9e:9e:b0:99:db:12:71:74:51:2f:ff:09:ce:
89:03:db:72:55:fa:3c:ea:57:5c:20:24:ba:18:e0:2a:15:6d:
28:99:d8:f8:11:00:7e:7f:31:86:29:a6:a9:50:ad:cc:76:bc:
40:16:b7:6b:a6:5d:6a:81:96:64:11:eb:c8:3a:b1:1f:a4:a2:
a5:6d:a1:70:ab:00:95:c0:d5:d9:f7:da:7f:bd:5d:38:69:4c:
8f:f5:f8:87:91:5d:44:69:87:3e:a6:70:45:4b:7a:cd:5a:ec:
dc:5e:63:e7:e0:d1:50:06:03:11:fc:09:27:18:35:76:1a:14:
9b:a1:80:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB66zpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjlkNzYzYjQ5ZTAyNGE3YjZhMTllYWY3ZGZiOTg5MTFhOWM5NGM4MB4XDTIyMDEw
MTAyMDEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJkZmJlMTdmZTFm
NmEyM2U0YzZjM2UwZjUzOWI5ZjIwYWE4OWVmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnPaPseeQTHWluE8MWZaa0ndBN472YrrF/LgQvyOLy938s8
r3iJTa5jkt2uTkK9cB6YjUfkOK5jd/kmOd1E6L325GMr9Wjhl7TG9ARKf0KD3Fx+
3mQZUNnb9YYsBUiHwAoK3KsCmyj5A282ccEffxpTgCnrShPOoEh8EPw7gy+kAv/E
Pot4f4KtmRr+mu4gkK73vy5xrR9ePHyc8C/maL1GwYkWGCNEyv6VCYz528RlrL9g
KBwCD3BJPBg0aJy0V1BDDOotbRMV1OFuEy28kPuQYZIHz/+1zzDpEcPYcRKvNALm
c1xf94fAm0krJvc/dksRtJ6VapE/w1K/4V69G5ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTi374X/h9qI+TGw+D1ObnyCqie8DAfBgNVHSMEGDAWgBTvnXY7SeAkp7ah
nq99+5iRGpyUyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzc1MTJPMG5nSktlMm9aNnZmZnVZa1JxY2xNZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNTljZjhlLWRjNjctNDNmYi1iZDM3LTA4NzBlNjU5NjQ1Yi8x
LzR0LS1GXzRmYWlQa3hzUGc5VG01OGdxb252QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NTljZjhlLWRjNjctNDNmYi1iZDM3LTA4NzBlNjU5NjQ1Yi8xLzc1MTJPMG5nSktl
Mm9aNnZmZnVZa1JxY2xNZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQW2FDANBgkqhkiG9w0BAQsFAAOC
AQEAFn+5Nwv/nVhmkSPq5N5oAvUz+AW7WH0zpJzTcRMllyYXu37C5czVaxjZntWb
uI0XIWKrpy2rvNOYNbe0SM92waHQfSM0YmssLCWl7oJzbLqWUQYNpU/A2Xr+suz5
nruCflwLnWO9i9RESKB45+/TM9Cc4xtO4UHS6BnwF/eAvenj4jeenrCZ2xJxdFEv
/wnOiQPbclX6POpXXCAkuhjgKhVtKJnY+BEAfn8xhimmqVCtzHa8QBa3a6ZdaoGW
ZBHryDqxH6SipW2hcKsAlcDV2ffaf71dOGlMj/X4h5FdRGmHPqZwRUt6zVrs3F5j
5+DRUAYDEfwJJxg1dhoUm6GAVw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:13 2023 by rpki-client on console-fra.rpki-client.org