Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/qEx2r-4POsqwliPHgfBighT-gKs.roa
File: qEx2r-4POsqwliPHgfBighT-gKs.roa (raw, json)
Hash identifier: 4XI0rxRtCNsbdqLW+30GZLTSDZjhgXh5ncwKP6UusNA=
Subject key identifier: A8:4C:76:AF:EE:0F:3A:CA:B0:96:23:C7:81:F0:62:82:14:FE:80:AB
Certificate issuer: /CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Certificate serial: 424AA5AE
Authority key identifier: 1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/qEx2r-4POsqwliPHgfBighT-gKs.roa
Signing time: Sat 01 Jan 2022 01:50:50 +0000
ROA not before: Sat 01 Jan 2022 01:50:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47692
IP address blocks: 5.132.159.0/24 maxlen: 24
5.132.157.0/24 maxlen: 24
5.132.160.0/24 maxlen: 24
5.132.191.0/24 maxlen: 24
2a03:3180:f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1112188334 (0x424aa5ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Validity
Not Before: Jan 1 01:50:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a84c76afee0f3acab09623c781f0628214fe80ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:20:0f:58:91:15:79:45:d2:cd:7b:e7:59:0d:
ef:ac:33:f6:cc:71:a8:f6:f4:41:4c:03:86:2a:bd:
f7:10:ca:86:2e:96:34:11:f0:37:74:42:1a:b2:c7:
42:b9:6a:81:aa:03:6e:14:8f:65:92:85:af:58:7b:
28:b5:72:91:37:2f:9f:8d:f1:af:7c:4d:8a:2e:50:
67:68:b1:59:61:60:d4:77:d8:04:a7:2d:b9:67:04:
a9:81:52:ba:4f:6f:9d:ca:a5:d0:d3:38:28:5f:27:
d8:d8:74:50:16:1d:02:6f:a6:50:05:4c:47:0c:00:
44:33:91:f9:73:25:d4:01:72:9c:6a:b2:0e:46:b9:
8f:e0:fd:2c:95:31:db:95:f9:00:84:22:65:76:e9:
57:a7:16:e7:2f:8a:c5:da:c4:f2:df:12:5c:ad:64:
85:3b:9d:82:28:57:31:ee:e7:19:e1:4b:55:16:f7:
8b:b4:21:88:9c:23:15:0f:a0:f9:7d:62:fd:3b:bd:
66:ba:09:e7:e1:35:42:9c:bf:96:37:90:94:f2:da:
b4:09:74:1b:b0:57:19:3b:c3:aa:35:40:12:c2:c1:
56:87:71:de:35:c9:07:87:69:cf:40:97:98:53:18:
5f:14:dd:02:4a:57:12:c6:d9:01:6a:4d:9e:cf:68:
e6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4C:76:AF:EE:0F:3A:CA:B0:96:23:C7:81:F0:62:82:14:FE:80:AB
X509v3 Authority Key Identifier:
keyid:1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/qEx2r-4POsqwliPHgfBighT-gKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/HkogILgtApTpCi1rLA8o0Rc7ZGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.132.157.0/24
5.132.159.0-5.132.160.255
5.132.191.0/24
IPv6:
2a03:3180:f::/48
Signature Algorithm: sha256WithRSAEncryption
7b:8a:d6:ef:ca:8c:41:c5:84:00:43:b1:6c:84:14:de:62:d7:
d2:15:33:e9:75:1d:7e:e3:65:62:fc:c9:f7:da:3a:dc:b6:34:
60:3e:f9:ad:c7:5a:7a:5d:9b:51:84:cd:95:49:28:31:09:af:
b7:23:91:59:6e:2b:5e:fa:ef:62:21:9f:eb:8a:8c:f2:f3:0b:
be:1b:3b:69:ce:c4:46:53:c1:2d:58:7f:32:b2:93:a9:5f:dd:
e9:bf:39:40:29:66:15:e4:f5:17:6c:70:d1:f6:23:59:7c:02:
db:1f:15:43:00:a7:7b:5a:fa:bb:37:7d:fe:fa:27:dd:71:05:
cf:74:86:06:e9:cd:1a:1e:13:3e:79:ad:22:9f:6b:16:4e:57:
9b:cf:7b:d0:d4:90:e0:ae:cf:48:42:a8:d6:14:6e:13:4e:c5:
9f:97:85:45:83:03:e1:7a:0a:41:3b:00:f0:35:af:ec:e0:92:
b0:b8:a9:fc:ed:30:b6:64:f8:3a:2b:02:6a:5f:11:69:14:52:
76:61:1c:71:28:9c:91:c4:7b:52:36:2a:44:22:d2:85:bb:94:
ff:05:5c:f6:f2:e7:72:fa:90:f9:6a:01:55:df:61:a0:d1:4f:
54:68:f9:1c:15:bf:f0:5a:01:0d:e9:c6:aa:12:1a:43:37:1a:
9e:d9:64:7a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEQkqlrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTRhMjAyMGI4MmQwMjk0ZTkwYTJkNmIyYzBmMjhkMTE3M2I2NDY1MB4XDTIyMDEw
MTAxNTA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg0Yzc2YWZlZTBm
M2FjYWIwOTYyM2M3ODFmMDYyODIxNGZlODBhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAgD1iRFXlF0s1751kN76wz9sxxqPb0QUwDhiq99xDKhi6W
NBHwN3RCGrLHQrlqgaoDbhSPZZKFr1h7KLVykTcvn43xr3xNii5QZ2ixWWFg1HfY
BKctuWcEqYFSuk9vncql0NM4KF8n2Nh0UBYdAm+mUAVMRwwARDOR+XMl1AFynGqy
Dka5j+D9LJUx25X5AIQiZXbpV6cW5y+KxdrE8t8SXK1khTudgihXMe7nGeFLVRb3
i7QhiJwjFQ+g+X1i/Tu9ZroJ5+E1Qpy/ljeQlPLatAl0G7BXGTvDqjVAEsLBVodx
3jXJB4dpz0CXmFMYXxTdAkpXEsbZAWpNns9o5qUCAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBSoTHav7g86yrCWI8eB8GKCFP6AqzAfBgNVHSMEGDAWgBQeSiAguC0ClOkK
LWssDyjRFztkZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hrb2dJTGd0QXBUcENpMXJMQThvMFJjN1pHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvNGM0OGJiLTM2NmMtNDFmNS05YjJkLTUzMDQ0MGM0ZmEyOS8x
L3FFeDJyLTRQT3Nxd2xpUEhnZkJpZ2hULWdLcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
NGM0OGJiLTM2NmMtNDFmNS05YjJkLTUzMDQ0MGM0ZmEyOS8xL0hrb2dJTGd0QXBU
cENpMXJMQThvMFJjN1pHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwIAQCAAEwGgMEAAWEnTAMAwQABYSfAwQABYSgAwQA
BYS/MA8EAgACMAkDBwAqAzGAAA8wDQYJKoZIhvcNAQELBQADggEBAHuK1u/KjEHF
hABDsWyEFN5i19IVM+l1HX7jZWL8yffaOty2NGA++a3HWnpdm1GEzZVJKDEJr7cj
kVluK17672Ihn+uKjPLzC74bO2nOxEZTwS1YfzKyk6lf3em/OUApZhXk9RdscNH2
I1l8AtsfFUMAp3ta+rs3ff76J91xBc90hgbpzRoeEz55rSKfaxZOV5vPe9DUkOCu
z0hCqNYUbhNOxZ+XhUWDA+F6CkE7APA1r+zgkrC4qfztMLZk+DorAmpfEWkUUnZh
HHEonJHEe1I2KkQi0oW7lP8FXPby53L6kPlqAVXfYaDRT1Ro+RwVv/BaAQ3pxqoS
GkM3Gp7ZZHo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:13 2023 by rpki-client on console-fra.rpki-client.org