Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/5AwG2RbTIpVKXSJ6SDfkS0CUXGY.roa
File: 5AwG2RbTIpVKXSJ6SDfkS0CUXGY.roa (raw, json)
Hash identifier: 0xdNpNT8kvCTsA30c/r4SheRQ/89qJmhGenmnkpR9t8=
Subject key identifier: E4:0C:06:D9:16:D3:22:95:4A:5D:22:7A:48:37:E4:4B:40:94:5C:66
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 04EA393F
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/5AwG2RbTIpVKXSJ6SDfkS0CUXGY.roa
Signing time: Thu 05 May 2022 13:22:00 +0000
ROA not before: Thu 05 May 2022 13:22:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.189.0/24 maxlen: 24
5.181.188.0/22 maxlen: 22
95.214.52.0/22 maxlen: 22
185.16.36.0/22 maxlen: 22
2a03:cfc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82458943 (0x4ea393f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: May 5 13:22:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e40c06d916d322954a5d227a4837e44b40945c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ad:12:df:03:96:53:7f:d0:e1:65:ba:00:da:
34:4b:07:83:84:33:68:31:68:77:1f:cb:c8:83:26:
8f:fb:bc:77:d7:0d:82:5a:83:20:7f:65:54:1d:1d:
92:a0:cf:16:7e:e6:e2:11:15:a9:2a:8b:c7:64:7e:
08:79:99:c8:6a:b1:ff:d8:6c:e3:98:f1:46:15:61:
b0:53:dc:71:62:50:9f:c5:d1:4f:b4:39:5b:f7:8a:
ba:2a:59:31:40:20:34:68:70:a7:fa:4d:52:a4:54:
ad:e2:37:8d:c6:a1:1f:c8:8a:c7:f6:79:cc:81:46:
09:7b:66:ad:be:68:bd:6f:b9:f6:ba:aa:8e:97:f1:
6f:c9:bb:fe:eb:fb:5f:4e:06:45:18:52:4c:34:81:
71:35:82:62:16:ef:28:8f:7e:14:ef:39:bf:98:1b:
d0:58:4d:7f:b7:81:35:28:39:1d:b6:da:d7:c6:08:
cb:58:30:e1:dc:25:a4:25:c2:05:a8:dd:26:2c:3b:
da:0a:6c:16:9a:de:bb:14:b0:19:59:d2:65:4a:79:
01:cb:5b:bb:40:46:77:1a:15:c1:f9:f2:5e:96:90:
3c:1f:f2:88:a9:08:f7:78:a2:cf:83:93:da:3e:c4:
4f:36:17:fd:a1:48:d5:7e:c5:55:ab:1e:92:db:54:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0C:06:D9:16:D3:22:95:4A:5D:22:7A:48:37:E4:4B:40:94:5C:66
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/5AwG2RbTIpVKXSJ6SDfkS0CUXGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
95.214.52.0/22
185.16.36.0/22
IPv6:
2a03:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
01:08:73:39:ab:68:e8:59:36:4b:53:30:f9:5c:f5:10:ef:27:
7a:b7:80:46:57:51:bc:e8:3d:aa:e1:79:cd:57:f5:c0:fb:97:
21:77:b2:dc:85:23:c6:78:48:01:03:2f:b0:15:41:7c:0a:36:
b0:d0:18:49:c9:58:b4:12:fd:9d:be:10:e9:1c:c6:95:16:9d:
b5:0e:44:e5:ab:83:d7:cb:bd:6a:eb:63:3f:56:a1:22:5c:9c:
97:60:d6:6e:c9:08:4f:6d:fb:5c:90:92:ab:86:61:42:c1:58:
e2:1f:24:f3:f1:c4:cb:6b:16:cb:82:80:8b:ab:e8:5e:11:6e:
7f:31:d0:2f:61:23:16:6a:93:53:74:f8:6f:0c:8f:d5:a3:65:
fe:db:8a:a9:02:a0:9b:48:e3:d7:c1:37:1c:a2:71:2a:4d:00:
ab:d4:0c:57:e4:3e:63:e4:71:2e:b8:dd:87:dc:af:a5:7f:0c:
75:4d:b9:b8:da:7a:b1:69:ce:68:04:a8:d9:c6:e6:60:91:19:
c8:10:14:9a:b9:d9:4e:fb:2c:4b:04:e5:3b:9e:3b:85:66:bc:
a4:66:f5:65:15:66:54:95:ed:bf:21:34:8e:f3:92:90:e1:5f:
a5:60:fc:2f:42:98:a6:2a:78:8a:c0:7c:76:73:74:61:40:d1:
37:8a:65:67
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBOo5PzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmUzOTcxYTMyYzA2OTJjNGUzNDJlOTExNzkwNjYyNDcwY2YzMWIyMB4XDTIyMDUw
NTEzMjIwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQwYzA2ZDkxNmQz
MjI5NTRhNWQyMjdhNDgzN2U0NGI0MDk0NWM2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOetEt8DllN/0OFlugDaNEsHg4QzaDFodx/LyIMmj/u8d9cN
glqDIH9lVB0dkqDPFn7m4hEVqSqLx2R+CHmZyGqx/9hs45jxRhVhsFPccWJQn8XR
T7Q5W/eKuipZMUAgNGhwp/pNUqRUreI3jcahH8iKx/Z5zIFGCXtmrb5ovW+59rqq
jpfxb8m7/uv7X04GRRhSTDSBcTWCYhbvKI9+FO85v5gb0FhNf7eBNSg5Hbba18YI
y1gw4dwlpCXCBajdJiw72gpsFpreuxSwGVnSZUp5Actbu0BGdxoVwfnyXpaQPB/y
iKkI93iiz4OT2j7ETzYX/aFI1X7FVasekttUpkcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTkDAbZFtMilUpdInpIN+RLQJRcZjAfBgNVHSMEGDAWgBS/45caMsBpLE40
LpEXkGYkcM8xsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3YtT1hHakxBYVN4T05DNlJGNUJtSkhEUE1iSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvZDc2YmY4LTU0MWYtNGVmYy05OGM1LWM0ZGNjN2Y2YjdkZi8x
LzVBd0cyUmJUSXBWS1hTSjZTRGZrUzBDVVhHWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
ZDc2YmY4LTU0MWYtNGVmYy05OGM1LWM0ZGNjN2Y2YjdkZi8xL3YtT1hHakxBYVN4
T05DNlJGNUJtSkhEUE1iSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAgW1vAMEAl/WNAMEArkQJDANBAIA
AjAHAwUAKgPPwDANBgkqhkiG9w0BAQsFAAOCAQEAAQhzOato6Fk2S1Mw+Vz1EO8n
ereARldRvOg9quF5zVf1wPuXIXey3IUjxnhIAQMvsBVBfAo2sNAYSclYtBL9nb4Q
6RzGlRadtQ5E5auD18u9autjP1ahIlycl2DWbskIT237XJCSq4ZhQsFY4h8k8/HE
y2sWy4KAi6voXhFufzHQL2EjFmqTU3T4bwyP1aNl/tuKqQKgm0jj18E3HKJxKk0A
q9QMV+Q+Y+RxLrjdh9yvpX8MdU25uNp6sWnOaASo2cbmYJEZyBAUmrnZTvssSwTl
O547hWa8pGb1ZRVmVJXtvyE0jvOSkOFfpWD8L0KYpip4isB8dnN0YUDRN4plZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:25 2024 by rpki-client on console-fra.rpki-client.org