Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/5T_GkE7_MAixTWMmHMNXAUmpajE.roa
File: 5T_GkE7_MAixTWMmHMNXAUmpajE.roa (raw, json)
Hash identifier: bpKx4s57YgjFodfafingrASKVPk7cUK/GGq69kUvirI=
Subject key identifier: E5:3F:C6:90:4E:FF:30:08:B1:4D:63:26:1C:C3:57:01:49:A9:6A:31
Certificate issuer: /CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Certificate serial: 08C96AE5
Authority key identifier: A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/5T_GkE7_MAixTWMmHMNXAUmpajE.roa
Signing time: Sat 01 Jan 2022 04:04:25 +0000
ROA not before: Sat 01 Jan 2022 04:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8473
IP address blocks: 109.228.128.0/18 maxlen: 18
213.80.96.0/19 maxlen: 19
5.150.192.0/18 maxlen: 18
85.24.128.0/17 maxlen: 17
82.196.96.0/19 maxlen: 19
178.174.128.0/17 maxlen: 17
212.85.64.0/19 maxlen: 19
79.136.0.0/17 maxlen: 17
217.31.160.0/19 maxlen: 19
94.254.0.0/17 maxlen: 17
213.164.192.0/19 maxlen: 19
213.136.32.0/19 maxlen: 19
185.57.4.0/22 maxlen: 22
185.90.176.0/22 maxlen: 22
62.63.192.0/18 maxlen: 18
81.170.128.0/17 maxlen: 17
176.10.128.0/17 maxlen: 17
98.128.0.0/16 maxlen: 16
212.116.64.0/19 maxlen: 19
46.59.0.0/17 maxlen: 17
195.178.160.0/19 maxlen: 19
217.27.160.0/19 maxlen: 19
37.123.128.0/18 maxlen: 18
2a02:508::/32 maxlen: 32
2001:9b0::/32 maxlen: 32
2001:9b0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147417829 (0x8c96ae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Validity
Not Before: Jan 1 04:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e53fc6904eff3008b14d63261cc3570149a96a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c1:47:ed:24:02:04:95:44:3d:11:83:85:4c:
90:50:bd:fc:31:31:b2:ea:16:09:31:7a:b2:1b:08:
81:3f:0b:3e:ab:25:0c:33:2f:74:58:dc:66:22:c2:
54:c3:41:04:c1:26:98:cd:cd:fc:da:0f:aa:51:e9:
18:50:d1:3d:01:4d:12:59:f9:3c:d4:ac:28:fb:44:
32:0c:58:6b:4c:85:b6:22:7b:e6:bc:3c:81:ec:71:
fd:6e:6a:b4:68:a7:e8:d5:39:5d:17:48:c8:9d:18:
3c:df:be:a6:79:ca:74:5b:48:0e:81:d1:c5:d1:73:
77:75:9e:62:3b:16:7e:23:20:3e:b7:3a:43:50:5c:
7b:ad:47:9b:22:74:ed:4f:70:52:9f:d7:ff:12:01:
12:27:5f:9b:28:b8:88:fc:6a:f0:28:9a:30:f1:03:
bd:c2:1a:21:b5:6f:90:32:04:8d:a2:25:a8:01:6d:
c4:1f:ef:e2:3e:b8:1e:92:86:c1:e3:38:1c:38:ea:
8f:66:a2:10:ef:4e:dd:7e:1b:0a:95:92:de:eb:72:
3f:84:fe:0c:44:d4:bb:a4:d5:b8:ce:24:64:ad:fa:
82:c4:34:a2:b4:54:0c:cf:a1:c8:ee:70:86:79:00:
af:78:13:51:18:ca:8f:bb:77:af:14:ff:b6:f8:59:
6c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3F:C6:90:4E:FF:30:08:B1:4D:63:26:1C:C3:57:01:49:A9:6A:31
X509v3 Authority Key Identifier:
keyid:A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/5T_GkE7_MAixTWMmHMNXAUmpajE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/oyLyKe3C8xSi-l7w168d3bSZ6jE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.192.0/18
37.123.128.0/18
46.59.0.0/17
62.63.192.0/18
79.136.0.0/17
81.170.128.0/17
82.196.96.0/19
85.24.128.0/17
94.254.0.0/17
98.128.0.0/16
109.228.128.0/18
176.10.128.0/17
178.174.128.0/17
185.57.4.0/22
185.90.176.0/22
195.178.160.0/19
212.85.64.0/19
212.116.64.0/19
213.80.96.0/19
213.136.32.0/19
213.164.192.0/19
217.27.160.0/19
217.31.160.0/19
IPv6:
2001:9b0::/29
2a02:508::/32
Signature Algorithm: sha256WithRSAEncryption
82:58:5b:b7:23:93:43:5c:71:a6:39:78:51:87:31:49:dd:eb:
e3:e0:19:0a:cf:6c:5a:f6:0d:4f:c7:31:1d:c3:ba:9e:71:06:
a5:19:c4:44:2a:bf:fe:50:c8:58:30:cb:de:21:82:cf:35:87:
63:9f:a3:ec:f3:c6:3d:57:62:bf:69:d1:f3:f4:73:ec:d7:38:
1c:ce:31:56:27:0d:4e:86:0e:f0:bf:6a:54:ef:36:f6:d7:db:
4c:40:67:9d:60:6a:5e:c9:9f:92:6f:98:ff:02:f5:1e:ef:c7:
22:d4:eb:fd:4c:b1:f1:ab:53:c8:3b:a7:1d:8f:b9:30:d2:0c:
69:e4:2b:db:2b:d3:c6:d9:8f:0a:06:ea:53:a7:fa:4d:ac:20:
70:a8:b8:5a:08:9a:7f:f0:c8:f5:27:08:e1:4a:9c:41:52:e2:
4d:1b:60:9a:cb:3c:1a:aa:b3:b7:f0:f5:e6:87:cd:eb:8f:44:
64:5c:65:36:79:4c:a0:99:ed:fc:b6:a5:a1:bf:5f:72:66:b5:
cd:f0:c7:01:98:fb:66:55:0f:9e:2e:f7:6b:3e:24:3c:d6:bc:
d0:3e:4a:11:0a:74:44:4a:d7:ae:ee:79:53:58:83:59:68:54:
69:50:b9:2f:f6:90:6b:a0:45:f9:d7:f3:61:63:ce:45:c6:74:
b8:b3:1f:0d
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIECMlq5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzIyZjIyOWVkYzJmMzE0YTJmYTVlZjBkN2FmMWRkZGI0OTllYTMxMB4XDTIyMDEw
MTA0MDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTUzZmM2OTA0ZWZm
MzAwOGIxNGQ2MzI2MWNjMzU3MDE0OWE5NmEzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjBR+0kAgSVRD0Rg4VMkFC9/DExsuoWCTF6shsIgT8LPqsl
DDMvdFjcZiLCVMNBBMEmmM3N/NoPqlHpGFDRPQFNEln5PNSsKPtEMgxYa0yFtiJ7
5rw8gexx/W5qtGin6NU5XRdIyJ0YPN++pnnKdFtIDoHRxdFzd3WeYjsWfiMgPrc6
Q1Bce61HmyJ07U9wUp/X/xIBEidfmyi4iPxq8CiaMPEDvcIaIbVvkDIEjaIlqAFt
xB/v4j64HpKGweM4HDjqj2aiEO9O3X4bCpWS3utyP4T+DETUu6TVuM4kZK36gsQ0
orRUDM+hyO5whnkAr3gTURjKj7t3rxT/tvhZbDsCAwEAAaOCAqcwggKjMB0GA1Ud
DgQWBBTlP8aQTv8wCLFNYyYcw1cBSalqMTAfBgNVHSMEGDAWgBSjIvIp7cLzFKL6
XvDXrx3dtJnqMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L295THlLZTNDOHhTaS1sN3cxNjhkM2JTWjZqRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvZWRmZmJiLTEwODItNDQ4Mi04YTA4LTY1ZjgyNDdmZmE5MS8x
LzVUX0drRTdfTUFpeFRXTW1ITU5YQVVtcGFqRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
ZWRmZmJiLTEwODItNDQ4Mi04YTA4LTY1ZjgyNDdmZmE5MS8xL295THlLZTNDOHhT
aS1sN3cxNjhkM2JTWjZqRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vAYIKwYBBQUHAQcBAf8EgawwgakwgZAEAgABMIGJAwQGBZbAAwQGJXuAAwQHLjsA
AwQGPj/AAwQHT4gAAwQHUaqAAwQFUsRgAwQHVRiAAwQHXv4AAwMAYoADBAZt5IAD
BAewCoADBAeyroADBAK5OQQDBAK5WrADBAXDsqADBAXUVUADBAXUdEADBAXVUGAD
BAXViCADBAXVpMADBAXZG6ADBAXZH6AwFAQCAAIwDgMFAyABCbADBQAqAgUIMA0G
CSqGSIb3DQEBCwUAA4IBAQCCWFu3I5NDXHGmOXhRhzFJ3evj4BkKz2xa9g1PxzEd
w7qecQalGcREKr/+UMhYMMveIYLPNYdjn6Ps88Y9V2K/adHz9HPs1zgczjFWJw1O
hg7wv2pU7zb219tMQGedYGpeyZ+Sb5j/AvUe78ci1Ov9TLHxq1PIO6cdj7kw0gxp
5CvbK9PG2Y8KBupTp/pNrCBwqLhaCJp/8Mj1JwjhSpxBUuJNG2CayzwaqrO38PXm
h83rj0RkXGU2eUygme38tqWhv19yZrXN8McBmPtmVQ+eLvdrPiQ81rzQPkoRCnRE
Steu7nlTWINZaFRpULkv9pBroEX51/NhY85FxnS4sx8N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:55 2024 by rpki-client on console-ams.rpki-client.org