Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/5cQG3Lz5PUlGihSXKOhoTkxkwfI.roa
File: 5cQG3Lz5PUlGihSXKOhoTkxkwfI.roa (raw, json)
Hash identifier: QkUQ0dt8RYuJ4/UMOXpXJBCA+AKj8Xck6u9a8O3Ks9M=
Subject key identifier: E5:C4:06:DC:BC:F9:3D:49:46:8A:14:97:28:E8:68:4E:4C:64:C1:F2
Certificate issuer: /CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Certificate serial: 04B9A565
Authority key identifier: 5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/5cQG3Lz5PUlGihSXKOhoTkxkwfI.roa
Signing time: Wed 09 Feb 2022 10:38:21 +0000
ROA not before: Wed 09 Feb 2022 10:38:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208914
IP address blocks: 2a10:4741:32::/48 maxlen: 48
2a10:4741:30::/48 maxlen: 48
2a10:4741:31::/48 maxlen: 48
2a10:4741:21::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79275365 (0x4b9a565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Validity
Not Before: Feb 9 10:38:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5c406dcbcf93d49468a149728e8684e4c64c1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d0:45:78:03:68:66:a3:02:08:c2:20:20:32:
27:d5:aa:a4:fc:bf:d6:cd:00:fc:87:83:47:13:5c:
17:38:54:8d:42:0d:41:ac:b0:e3:ea:5c:59:5a:f5:
90:42:8b:97:0a:87:63:f8:9f:2f:fe:fe:b6:84:1e:
91:52:77:27:c6:e7:17:bb:6d:57:45:8b:6e:56:94:
b8:4d:06:c9:28:a7:1c:f4:72:3e:a4:3c:c9:30:f0:
77:5f:26:a8:4c:0b:6f:19:c4:29:1b:1a:7d:38:52:
fc:18:58:56:1f:ea:36:d0:7b:8a:d3:e7:16:9a:41:
51:68:6f:9a:09:c0:8d:56:d1:64:25:46:d4:d7:dd:
1a:d7:46:3f:57:c7:e9:e8:ce:02:26:43:9f:ec:05:
59:be:cc:d4:84:b9:ee:16:e6:59:ef:c4:fc:c5:19:
8d:eb:67:19:dc:1c:b9:68:5a:bc:88:f1:31:b6:1b:
85:df:12:24:99:e2:ac:ac:b8:4d:06:fb:28:88:91:
78:c9:e3:da:38:52:49:4c:37:50:7c:0b:bd:65:02:
36:fe:87:c3:90:f6:08:49:e3:c1:01:83:16:a1:77:
ea:a9:7f:29:00:ad:58:86:3a:d7:a3:4e:24:cd:45:
9e:fd:79:50:dc:1f:57:d2:9f:ff:0a:05:a5:ac:fa:
df:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C4:06:DC:BC:F9:3D:49:46:8A:14:97:28:E8:68:4E:4C:64:C1:F2
X509v3 Authority Key Identifier:
keyid:5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/5cQG3Lz5PUlGihSXKOhoTkxkwfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XfU2RYQ-bSiD3I-cT0FcHq279go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4741:21::/48
2a10:4741:30::-2a10:4741:32:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
96:f0:de:ee:19:67:45:04:d4:4a:a7:20:0e:57:b0:f8:34:e3:
d6:a5:0c:19:38:40:42:e5:2b:8a:36:3f:46:1b:56:83:67:3f:
6b:fe:d7:78:b4:01:ad:58:a9:75:4c:ea:93:0a:da:4c:d3:98:
68:85:e8:8e:69:9a:9e:c5:b5:e9:ab:9f:d0:6f:27:65:3c:db:
7c:dd:19:6d:fc:69:d4:9c:ce:86:f6:7e:2a:30:c1:46:4f:ee:
cd:c3:23:19:8f:87:9d:f2:04:56:84:ca:fa:b0:b0:1f:1e:f1:
0d:5e:cb:cb:87:db:29:88:31:93:a2:77:96:a1:89:26:42:bc:
ec:af:67:c7:80:a6:80:e6:07:a0:a5:0e:dc:5f:82:91:4a:50:
47:56:8d:a1:33:eb:64:61:b1:51:ab:bf:cd:3c:4e:eb:44:fa:
d5:a4:86:2a:c1:55:97:d3:22:d9:19:9b:3c:c3:22:a5:ce:f2:
b3:15:b6:88:a9:40:7f:69:84:b0:8b:9f:a9:55:18:4d:94:62:
7c:b7:23:74:1f:13:c2:65:64:c2:50:98:ef:55:c9:85:f2:6b:
82:62:74:35:aa:c4:b5:fa:3d:da:1b:c3:9c:15:f0:3b:88:41:
ec:72:9b:a8:58:dd:93:98:0a:d5:95:fe:f9:0f:bf:40:01:d4:
1a:8a:ef:f0
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBLmlZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGY1MzY0NTg0M2U2ZDI4ODNkYzhmOWM0ZjQxNWMxZWFkYmJmNjBhMB4XDTIyMDIw
OTEwMzgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTVjNDA2ZGNiY2Y5
M2Q0OTQ2OGExNDk3MjhlODY4NGU0YzY0YzFmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHQRXgDaGajAgjCICAyJ9WqpPy/1s0A/IeDRxNcFzhUjUIN
Qayw4+pcWVr1kEKLlwqHY/ifL/7+toQekVJ3J8bnF7ttV0WLblaUuE0GySinHPRy
PqQ8yTDwd18mqEwLbxnEKRsafThS/BhYVh/qNtB7itPnFppBUWhvmgnAjVbRZCVG
1NfdGtdGP1fH6ejOAiZDn+wFWb7M1IS57hbmWe/E/MUZjetnGdwcuWhavIjxMbYb
hd8SJJnirKy4TQb7KIiReMnj2jhSSUw3UHwLvWUCNv6Hw5D2CEnjwQGDFqF36ql/
KQCtWIY616NOJM1Fnv15UNwfV9Kf/woFpaz6360CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTlxAbcvPk9SUaKFJco6GhOTGTB8jAfBgNVHSMEGDAWgBRd9TZFhD5tKIPc
j5xPQVwerbv2CjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hmVTJSWVEtYlNpRDNJLWNUMEZjSHEyNzlnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8x
LzVjUUczTHo1UFVsR2loU1hLT2hvVGt4a3dmSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
ZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8xL1hmVTJSWVEtYlNp
RDNJLWNUMEZjSHEyNzlnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwIwQCAAIwHQMHACoQR0EAITASAwcEKhBHQQAwAwcA
KhBHQQAyMA0GCSqGSIb3DQEBCwUAA4IBAQCW8N7uGWdFBNRKpyAOV7D4NOPWpQwZ
OEBC5SuKNj9GG1aDZz9r/td4tAGtWKl1TOqTCtpM05hoheiOaZqexbXpq5/Qbydl
PNt83Rlt/GnUnM6G9n4qMMFGT+7NwyMZj4ed8gRWhMr6sLAfHvENXsvLh9spiDGT
oneWoYkmQrzsr2fHgKaA5gegpQ7cX4KRSlBHVo2hM+tkYbFRq7/NPE7rRPrVpIYq
wVWX0yLZGZs8wyKlzvKzFbaIqUB/aYSwi5+pVRhNlGJ8tyN0HxPCZWTCUJjvVcmF
8muCYnQ1qsS1+j3aG8OcFfA7iEHscpuoWN2TmArVlf75D79AAdQaiu/w
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:04 2023 by rpki-client on console-fra.rpki-client.org