Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/ALG1B3gle6zllHxtg2kSi7jXo64.roa
File: ALG1B3gle6zllHxtg2kSi7jXo64.roa (raw, json)
Hash identifier: URW90kkSW9OgSfZUbCkAFgYqz7VpvG0F71fUw+u8CCY=
Subject key identifier: 00:B1:B5:07:78:25:7B:AC:E5:94:7C:6D:83:69:12:8B:B8:D7:A3:AE
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 07D9A26E
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/ALG1B3gle6zllHxtg2kSi7jXo64.roa
Signing time: Sat 01 Jan 2022 10:03:24 +0000
ROA not before: Sat 01 Jan 2022 10:03:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206801
IP address blocks: 5.180.168.0/24 maxlen: 24
5.180.170.0/24 maxlen: 24
5.180.168.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131703406 (0x7d9a26e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Jan 1 10:03:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00b1b50778257bace5947c6d8369128bb8d7a3ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:de:0d:31:7d:a1:c5:86:2e:a8:db:27:61:e6:
76:d2:b9:18:22:58:7a:c2:6e:71:23:1e:a3:1e:c0:
c0:fc:98:53:33:52:e5:86:58:47:41:79:34:0b:b9:
a8:18:7d:1c:27:8b:27:0e:98:83:7e:47:6e:3c:6f:
e9:84:7d:ba:a3:48:5e:99:09:9a:13:75:85:a0:39:
50:83:97:0f:a0:93:ad:7a:6c:6a:52:6c:7f:e8:72:
55:88:ea:60:b3:08:95:f9:df:54:b3:d3:b9:4d:d4:
f2:16:f3:30:12:bf:2b:bf:20:6e:d7:56:7f:e1:52:
a4:61:d2:75:3c:72:21:7e:cc:3b:34:54:86:47:58:
4a:a3:29:e7:cc:38:e2:c6:97:04:e3:35:59:5d:a0:
13:4d:40:e9:04:e3:ca:01:2f:35:05:8b:5c:fe:b5:
b7:e3:f5:67:50:7e:fa:00:8e:b2:e3:c3:cf:67:9a:
fb:36:40:24:6e:f7:73:48:2f:e0:e3:3c:c5:22:ef:
28:66:b0:0f:33:08:c6:d6:29:f5:70:8c:08:c3:98:
b8:e0:4b:dd:09:88:50:2b:fc:54:14:fe:02:ca:6e:
45:4d:5d:5d:20:bf:0d:6b:6f:5c:4e:83:5f:cb:89:
b2:33:1e:2b:9c:9f:d9:02:a0:10:4a:1f:f2:70:78:
94:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B1:B5:07:78:25:7B:AC:E5:94:7C:6D:83:69:12:8B:B8:D7:A3:AE
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/ALG1B3gle6zllHxtg2kSi7jXo64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.168.0-5.180.170.255
Signature Algorithm: sha256WithRSAEncryption
7c:ad:2f:d0:72:4f:16:f0:cc:4d:42:e6:94:53:9b:97:55:23:
55:2f:2a:39:dd:43:e9:ff:05:eb:65:0f:f9:f3:a3:e2:4c:01:
fa:2e:ef:c1:2a:e1:0b:cd:0a:6b:c9:f8:d2:53:17:21:54:35:
96:b9:8a:10:9b:c9:8f:d6:12:eb:9b:9a:c1:28:64:44:e5:67:
d7:71:b4:27:b2:2f:48:db:6a:16:0e:d8:11:6c:98:1a:1a:64:
38:15:55:c0:89:56:bd:68:73:c6:28:27:1c:89:db:a8:a8:68:
bc:84:38:6a:9b:54:35:89:d9:99:63:9e:30:9e:3f:75:08:70:
2d:46:4b:9a:bf:3d:b4:20:6f:ff:a3:ce:0b:29:0d:bf:db:11:
52:b4:bf:fd:d8:92:06:c7:b3:2c:72:40:22:bd:5f:f9:f9:c8:
c2:14:43:74:11:df:58:a7:45:42:98:79:4d:11:e6:91:1b:96:
86:8a:58:44:1c:98:3a:2d:0f:63:ff:5a:58:38:ce:49:bd:d8:
da:14:39:dd:43:63:62:5b:4b:11:09:4c:62:e4:93:fd:fe:64:
a4:43:d6:92:b1:90:06:a7:38:54:8d:d3:d1:4b:5d:db:b6:9f:
23:36:29:47:1e:5b:c4:f9:07:4c:25:5c:9f:9d:1e:b4:13:e5:
f9:71:01:5d
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEB9mibjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDgwMTJmYTE0YWNlN2EwYzNiZDJlODJlMGEyOWQ5YTQ0YmZlMjkwMB4XDTIyMDEw
MTEwMDMyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBiMWI1MDc3ODI1
N2JhY2U1OTQ3YzZkODM2OTEyOGJiOGQ3YTNhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbeDTF9ocWGLqjbJ2HmdtK5GCJYesJucSMeox7AwPyYUzNS
5YZYR0F5NAu5qBh9HCeLJw6Yg35Hbjxv6YR9uqNIXpkJmhN1haA5UIOXD6CTrXps
alJsf+hyVYjqYLMIlfnfVLPTuU3U8hbzMBK/K78gbtdWf+FSpGHSdTxyIX7MOzRU
hkdYSqMp58w44saXBOM1WV2gE01A6QTjygEvNQWLXP61t+P1Z1B++gCOsuPDz2ea
+zZAJG73c0gv4OM8xSLvKGawDzMIxtYp9XCMCMOYuOBL3QmIUCv8VBT+AspuRU1d
XSC/DWtvXE6DX8uJsjMeK5yf2QKgEEof8nB4lIECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQAsbUHeCV7rOWUfG2DaRKLuNejrjAfBgNVHSMEGDAWgBQ9gBL6FKznoMO9
LoLgop2aRL/ikDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BZQVMtaFNzNTZERHZTNkM0S0tkbWtTXzRwQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvZWY1ZWQxLWJkZWUtNDYzOS05MjQ4LTc3Zjg0YzU2MmE1Zi8x
L0FMRzFCM2dsZTZ6bGxIeHRnMmtTaTdqWG82NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
ZWY1ZWQxLWJkZWUtNDYzOS05MjQ4LTc3Zjg0YzU2MmE1Zi8xL1BZQVMtaFNzNTZE
RHZTNkM0S0tkbWtTXzRwQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDBbSoAwQABbSqMA0GCSqGSIb3
DQEBCwUAA4IBAQB8rS/Qck8W8MxNQuaUU5uXVSNVLyo53UPp/wXrZQ/586PiTAH6
Lu/BKuELzQpryfjSUxchVDWWuYoQm8mP1hLrm5rBKGRE5WfXcbQnsi9I22oWDtgR
bJgaGmQ4FVXAiVa9aHPGKCcciduoqGi8hDhqm1Q1idmZY54wnj91CHAtRkuavz20
IG//o84LKQ2/2xFStL/92JIGx7MsckAivV/5+cjCFEN0Ed9Yp0VCmHlNEeaRG5aG
ilhEHJg6LQ9j/1pYOM5JvdjaFDndQ2NiW0sRCUxi5JP9/mSkQ9aSsZAGpzhUjdPR
S13btp8jNilHHlvE+QdMJVyfnR60E+X5cQFd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:41 2024 by rpki-client on console-fra.rpki-client.org