Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/5A3iKSxANllVPjyPJErHKbKqA6I.roa
File: 5A3iKSxANllVPjyPJErHKbKqA6I.roa (raw, json)
Hash identifier: 0OQ+M+SpTnWReHhfwtJBML5SfAQDdl8rl09Kf+p2dlM=
Subject key identifier: E4:0D:E2:29:2C:40:36:59:55:3E:3C:8F:24:4A:C7:29:B2:AA:03:A2
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 03C75E94
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/5A3iKSxANllVPjyPJErHKbKqA6I.roa
Signing time: Sat 01 Jan 2022 09:02:42 +0000
ROA not before: Sat 01 Jan 2022 09:02:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207743
IP address blocks: 178.157.72.0/22 maxlen: 24
178.157.102.0/23 maxlen: 23
188.74.240.0/22 maxlen: 24
188.74.132.0/22 maxlen: 24
188.119.156.0/23 maxlen: 24
5.157.130.0/23 maxlen: 23
5.157.129.0/24 maxlen: 24
188.74.168.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63397524 (0x3c75e94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 09:02:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e40de2292c403659553e3c8f244ac729b2aa03a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:20:f4:c2:e2:6f:b9:d4:26:af:11:df:32:09:
52:e1:4a:70:ca:3d:ec:0f:c4:b0:d3:aa:8a:54:7a:
fe:85:85:7a:e8:6e:7a:10:ac:25:c9:38:4a:24:0a:
33:19:04:7e:5a:2f:03:94:57:7a:ba:f8:f0:bb:5e:
a9:66:7b:e8:f3:61:c0:b0:18:0a:b5:3d:c7:57:b8:
57:7d:b9:c8:4a:e5:7a:ea:34:e7:6b:e8:f8:51:d1:
9c:21:42:d6:c0:67:33:1e:0d:da:6e:a5:c7:fd:58:
66:47:dc:ae:aa:51:82:49:c2:cc:70:04:1a:f4:69:
dd:8d:bc:88:80:74:3b:6b:98:71:cd:63:7d:70:f3:
b9:96:c1:4a:90:ba:85:b5:73:b4:11:60:0b:53:56:
81:d0:1e:43:09:91:cc:d3:b1:ce:10:e5:2f:89:53:
d8:db:a7:e3:81:88:da:e7:81:9c:b6:16:f9:52:6f:
69:71:e2:98:a8:b0:f4:7a:71:9c:9f:8c:e6:52:83:
36:56:0a:72:ee:bf:4e:e6:32:14:39:94:d1:5f:36:
b7:5c:c0:76:40:6e:19:54:4e:30:d9:1e:9a:85:cd:
e4:fe:27:08:4e:d4:0e:86:f7:f2:83:91:c6:bd:2b:
ff:5d:e2:29:dd:fa:23:1e:1a:12:f4:83:e8:69:02:
f9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0D:E2:29:2C:40:36:59:55:3E:3C:8F:24:4A:C7:29:B2:AA:03:A2
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/5A3iKSxANllVPjyPJErHKbKqA6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.129.0-5.157.131.255
178.157.72.0/22
178.157.102.0/23
188.74.132.0/22
188.74.168.0/23
188.74.240.0/22
188.119.156.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:29:41:3d:96:85:84:76:d3:d2:4a:b1:ad:a5:18:f9:88:74:
52:4b:8f:dd:7f:d0:36:c2:8f:db:66:5e:4c:67:92:fd:be:08:
80:6d:fc:aa:11:1d:b6:de:de:13:45:23:37:4d:e5:e8:7c:cb:
61:0e:2b:a4:0b:66:33:96:12:48:7c:46:9c:ce:1c:05:cb:ff:
55:a7:e6:12:48:c5:5d:cb:89:d6:55:80:87:3c:fe:1d:87:02:
37:d1:93:79:91:97:63:bd:26:2a:3f:74:65:d8:22:6a:39:24:
4f:d0:e0:1d:95:1b:e4:fa:c6:f6:7c:3c:72:27:c2:e8:62:12:
26:66:fa:69:6e:f0:9f:28:36:ca:73:31:b3:f2:c7:27:c8:4e:
16:3b:09:c8:d1:4b:88:fb:66:1e:c9:b6:12:51:44:e1:d4:54:
7c:bc:b6:b2:2c:5f:47:0e:00:f5:2d:64:a5:f6:9a:ca:d5:d5:
14:e7:06:a2:88:12:52:e9:ff:1a:60:04:88:20:eb:53:14:92:
b9:86:3b:27:29:be:07:ea:81:26:a7:60:38:7a:be:23:79:81:
3c:8c:af:b3:c5:40:ae:bd:0e:cd:6a:09:a8:89:a7:4a:2e:2a:
95:b8:9f:0a:f0:02:c3:1d:4c:8b:0c:da:7a:e6:f0:bb:2b:42:
fa:fc:94:7a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEA8delDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjIzM2Q3NTUwOGI0ZTg1Y2NjZjQ0MzQ5YTdjYjcwMzE5OGQxZDI2MB4XDTIyMDEw
MTA5MDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQwZGUyMjkyYzQw
MzY1OTU1M2UzYzhmMjQ0YWM3MjliMmFhMDNhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkg9MLib7nUJq8R3zIJUuFKcMo97A/EsNOqilR6/oWFeuhu
ehCsJck4SiQKMxkEflovA5RXerr48LteqWZ76PNhwLAYCrU9x1e4V325yErleuo0
52vo+FHRnCFC1sBnMx4N2m6lx/1YZkfcrqpRgknCzHAEGvRp3Y28iIB0O2uYcc1j
fXDzuZbBSpC6hbVztBFgC1NWgdAeQwmRzNOxzhDlL4lT2Nun44GI2ueBnLYW+VJv
aXHimKiw9HpxnJ+M5lKDNlYKcu6/TuYyFDmU0V82t1zAdkBuGVROMNkemoXN5P4n
CE7UDob38oORxr0r/13iKd36Ix4aEvSD6GkC+YsCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBTkDeIpLEA2WVU+PI8kSscpsqoDojAfBgNVHSMEGDAWgBRrIz11UItOhczP
RDSafLcDGY0dJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2F5TTlkVkNMVG9YTXowUTBtbnkzQXhtTkhTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvOWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8x
LzVBM2lLU3hBTmxsVlBqeVBKRXJIS2JLcUE2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
OWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8xL2F5TTlkVkNMVG9Y
TXowUTBtbnkzQXhtTkhTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMjAMAwQABZ2BAwQCBZ2AAwQCsp1IAwQB
sp1mAwQCvEqEAwQBvEqoAwQCvErwAwQBvHecMA0GCSqGSIb3DQEBCwUAA4IBAQAa
KUE9loWEdtPSSrGtpRj5iHRSS4/df9A2wo/bZl5MZ5L9vgiAbfyqER223t4TRSM3
TeXofMthDiukC2YzlhJIfEaczhwFy/9Vp+YSSMVdy4nWVYCHPP4dhwI30ZN5kZdj
vSYqP3Rl2CJqOSRP0OAdlRvk+sb2fDxyJ8LoYhImZvppbvCfKDbKczGz8scnyE4W
OwnI0UuI+2YeybYSUUTh1FR8vLayLF9HDgD1LWSl9prK1dUU5waiiBJS6f8aYASI
IOtTFJK5hjsnKb4H6oEmp2A4er4jeYE8jK+zxUCuvQ7NagmoiadKLiqVuJ8K8ALD
HUyLDNp65vC7K0L6/JR6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org