Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/dkCiftsN8RLjyfHjPsxasIYhGgI.roa
File: dkCiftsN8RLjyfHjPsxasIYhGgI.roa (raw, json)
Hash identifier: Km8xirqB4A+tiapybv3qlK9FlDJiMn7spf+e3CPZiUU=
Subject key identifier: 76:40:A2:7E:DB:0D:F1:12:E3:C9:F1:E3:3E:CC:5A:B0:86:21:1A:02
Certificate issuer: /CN=1b78dbf3e859582fd1eda2f2dcde5422295146f1
Certificate serial: 0882AAC9
Authority key identifier: 1B:78:DB:F3:E8:59:58:2F:D1:ED:A2:F2:DC:DE:54:22:29:51:46:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G3jb8-hZWC_R7aLy3N5UIilRRvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/dkCiftsN8RLjyfHjPsxasIYhGgI.roa
Signing time: Sat 01 Jan 2022 00:54:58 +0000
ROA not before: Sat 01 Jan 2022 00:54:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15600
IP address blocks: 5.172.128.0/20 maxlen: 20
185.74.136.0/22 maxlen: 22
2a00:d4e0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142781129 (0x882aac9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b78dbf3e859582fd1eda2f2dcde5422295146f1
Validity
Not Before: Jan 1 00:54:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7640a27edb0df112e3c9f1e33ecc5ab086211a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9f:e4:db:d7:ed:56:76:b0:6a:04:f7:cf:83:
dd:20:97:d8:5e:97:da:a6:e6:c7:55:b9:d4:e1:44:
a4:92:76:94:f3:26:c2:01:8b:a3:f6:7f:b5:27:b5:
8f:6f:ba:b3:23:88:66:d7:da:71:0a:c4:d1:56:51:
e1:d3:12:3a:43:0f:dc:0a:6e:9a:7d:48:44:4c:0c:
5d:eb:45:f8:81:1a:27:05:03:c3:69:49:53:fc:58:
31:dd:ed:01:12:97:3f:10:5c:ed:d1:2c:f8:4e:06:
13:38:90:6f:66:d3:58:0a:67:57:95:b0:79:ef:94:
fb:c7:40:92:7e:63:55:fc:b3:f1:4c:d2:25:6b:58:
42:f1:ac:0c:30:06:ec:fc:3a:95:09:2e:76:76:70:
4a:0d:05:ad:66:55:71:b2:77:1f:7c:7f:fd:08:ae:
db:b1:2e:95:58:06:74:4d:5f:8f:14:30:a2:f0:53:
59:1a:65:3d:bc:49:54:9c:39:46:fd:8c:2e:0e:41:
f4:a0:e9:68:7d:10:ed:49:51:83:f7:67:20:73:86:
e4:65:3d:29:85:92:ab:c2:22:54:a6:2b:39:5c:1c:
49:7e:ec:7a:e0:b5:4c:de:53:bf:9a:a5:9d:3c:4c:
70:3b:c8:06:bf:08:28:80:15:1d:38:7b:f9:57:7d:
c6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:40:A2:7E:DB:0D:F1:12:E3:C9:F1:E3:3E:CC:5A:B0:86:21:1A:02
X509v3 Authority Key Identifier:
keyid:1B:78:DB:F3:E8:59:58:2F:D1:ED:A2:F2:DC:DE:54:22:29:51:46:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G3jb8-hZWC_R7aLy3N5UIilRRvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/dkCiftsN8RLjyfHjPsxasIYhGgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/G3jb8-hZWC_R7aLy3N5UIilRRvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.128.0/20
185.74.136.0/22
IPv6:
2a00:d4e0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:9d:58:93:5b:5b:cf:95:68:93:f5:9f:4f:31:ff:6c:4f:3e:
c2:67:94:f1:80:3f:0b:52:99:2c:cc:24:1d:51:42:05:1b:9c:
a6:73:66:45:10:fa:37:fc:98:41:e8:47:af:d7:80:58:eb:b4:
77:e7:2c:6b:83:51:62:06:ed:43:f6:1f:56:d1:9d:b7:88:d2:
0f:eb:44:cb:dc:3e:f4:04:54:f7:e5:d9:37:57:3f:9e:18:23:
d3:ae:1b:47:c0:99:58:ba:63:45:b3:b5:bb:86:e7:e2:b0:b4:
79:a7:3a:df:ff:19:ff:d9:d6:bd:a7:47:d4:af:40:89:be:bd:
e6:9c:e0:fa:43:be:fb:4e:33:f0:be:70:63:93:63:e1:d6:1a:
11:89:7f:b4:35:14:13:a6:75:22:b9:1e:6c:54:df:b8:4c:a6:
b8:9b:d0:e7:8a:c9:41:93:05:71:82:bb:88:a0:ad:0f:0a:1e:
82:e1:20:47:e6:7e:8d:24:ee:92:ac:62:1a:36:25:65:8e:b9:
37:9b:c2:68:40:af:fc:c7:b5:c7:35:87:33:f3:f2:b0:16:b2:
6e:c4:c3:02:b5:46:33:2d:71:38:b9:db:24:0f:dd:21:33:83:
c6:2b:22:6b:35:8d:a3:83:af:ad:ed:4f:0d:93:45:df:8e:27:
47:27:35:c2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECIKqyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Yjc4ZGJmM2U4NTk1ODJmZDFlZGEyZjJkY2RlNTQyMjI5NTE0NmYxMB4XDTIyMDEw
MTAwNTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY0MGEyN2VkYjBk
ZjExMmUzYzlmMWUzM2VjYzVhYjA4NjIxMWEwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIaf5NvX7VZ2sGoE98+D3SCX2F6X2qbmx1W51OFEpJJ2lPMm
wgGLo/Z/tSe1j2+6syOIZtfacQrE0VZR4dMSOkMP3Apumn1IREwMXetF+IEaJwUD
w2lJU/xYMd3tARKXPxBc7dEs+E4GEziQb2bTWApnV5Wwee+U+8dAkn5jVfyz8UzS
JWtYQvGsDDAG7Pw6lQkudnZwSg0FrWZVcbJ3H3x//Qiu27EulVgGdE1fjxQwovBT
WRplPbxJVJw5Rv2MLg5B9KDpaH0Q7UlRg/dnIHOG5GU9KYWSq8IiVKYrOVwcSX7s
euC1TN5Tv5qlnTxMcDvIBr8IKIAVHTh7+Vd9xhsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR2QKJ+2w3xEuPJ8eM+zFqwhiEaAjAfBgNVHSMEGDAWgBQbeNvz6FlYL9Ht
ovLc3lQiKVFG8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0czamI4LWhaV0NfUjdhTHkzTjVVSWlsUlJ2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvOTliNTM1LWM0MmItNGUwMS04NzkzLTcyMjI5NDc4M2U5ZS8x
L2RrQ2lmdHNOOFJManlmSGpQc3hhc0lZaEdnSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
OTliNTM1LWM0MmItNGUwMS04NzkzLTcyMjI5NDc4M2U5ZS8xL0czamI4LWhaV0Nf
UjdhTHkzTjVVSWlsUlJ2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBAWsgAMEArlKiDANBAIAAjAHAwUD
KgDU4DANBgkqhkiG9w0BAQsFAAOCAQEAOp1Yk1tbz5Vok/WfTzH/bE8+wmeU8YA/
C1KZLMwkHVFCBRucpnNmRRD6N/yYQehHr9eAWOu0d+csa4NRYgbtQ/YfVtGdt4jS
D+tEy9w+9ARU9+XZN1c/nhgj064bR8CZWLpjRbO1u4bn4rC0eac63/8Z/9nWvadH
1K9Aib695pzg+kO++04z8L5wY5Nj4dYaEYl/tDUUE6Z1IrkebFTfuEymuJvQ54rJ
QZMFcYK7iKCtDwoeguEgR+Z+jSTukqxiGjYlZY65N5vCaECv/Me1xzWHM/PysBay
bsTDArVGMy1xOLnbJA/dITODxisiazWNo4Ovre1PDZNF344nRyc1wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:10 2024 by rpki-client on console-ams.rpki-client.org