Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/5ME6x3Z8-4sa9ziUHAEu6fX7X_k.roa
File: 5ME6x3Z8-4sa9ziUHAEu6fX7X_k.roa (raw, json)
Hash identifier: lXGXYHYDW0y0y9DTCXqOgFAgbE6glMnWWYHdyeJ3X0M=
Subject key identifier: E4:C1:3A:C7:76:7C:FB:8B:1A:F7:38:94:1C:01:2E:E9:F5:FB:5F:F9
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0184E8B0074712C68017CE51793833920D7F
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/5ME6x3Z8-4sa9ziUHAEu6fX7X_k.roa
Signing time: Tue 06 Dec 2022 18:26:00 +0000
ROA not before: Tue 06 Dec 2022 18:26:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197343
IP address blocks: 5.57.32.0/21 maxlen: 24
185.215.230.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
185.212.49.0/24 maxlen: 24
178.239.150.0/24 maxlen: 24
178.239.156.0/23 maxlen: 23
178.239.156.0/22 maxlen: 22
5.56.128.0/22 maxlen: 22
37.32.42.0/24 maxlen: 24
37.32.41.0/24 maxlen: 24
37.32.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e8:b0:07:47:12:c6:80:17:ce:51:79:38:33:92:0d:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 6 18:26:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4c13ac7767cfb8b1af738941c012ee9f5fb5ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:75:02:f9:ce:d0:03:4f:81:a5:47:6c:9a:c1:
68:5e:3a:87:0a:16:08:1b:74:15:d1:0a:95:70:70:
54:6f:45:87:ce:14:b7:ce:fe:8c:b7:7c:89:f2:27:
fa:38:d3:31:26:0a:19:a5:8c:1f:f1:0a:56:2a:fc:
4c:08:9d:ab:a9:8b:6c:e5:56:bc:9d:41:eb:1f:8b:
15:a9:37:de:bb:e4:de:cf:e7:e7:a4:f5:d7:ed:4e:
4a:c2:f1:82:7f:c7:b7:b1:da:5e:a0:9a:6c:99:94:
a3:f2:12:cf:72:9c:e8:6e:7c:a2:09:ab:c9:e8:4f:
f7:6d:b7:cc:cb:27:46:15:8b:df:f2:0f:6a:65:4e:
9d:b0:f7:b4:30:6d:2e:a9:82:b7:06:6f:65:dc:7e:
50:f3:53:20:49:49:34:02:5d:47:db:fb:6f:6a:89:
3f:df:35:f5:72:fd:49:f4:4c:1f:61:e8:8b:bf:6b:
f0:a7:32:4b:80:bc:08:5c:54:97:b1:70:87:c1:42:
5d:4f:ff:d9:8c:78:53:9f:f7:59:6d:ec:61:4f:33:
f9:4b:ce:2f:57:40:4d:51:65:53:ca:34:1b:22:4e:
84:53:62:0b:de:85:35:69:77:1f:8e:87:d1:dc:16:
86:4d:c0:74:40:c6:cd:42:cb:05:09:11:db:4a:14:
22:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C1:3A:C7:76:7C:FB:8B:1A:F7:38:94:1C:01:2E:E9:F5:FB:5F:F9
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/5ME6x3Z8-4sa9ziUHAEu6fX7X_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.128.0/22
5.57.32.0/21
37.32.40.0/22
178.239.150.0/24
178.239.156.0/22
185.212.48.0/23
185.215.230.0/24
Signature Algorithm: sha256WithRSAEncryption
51:75:71:4a:40:63:54:dc:13:33:21:1e:8d:f1:85:ba:25:17:
14:73:d6:26:a3:e6:6a:95:81:4a:61:7c:32:34:9e:20:28:77:
f1:04:7d:f1:86:0c:93:dd:07:e6:e1:8c:75:fd:45:f4:90:f5:
2d:b3:91:2a:55:b5:d6:ce:12:c8:03:74:4d:99:74:9c:44:5f:
13:d6:7b:ad:2e:75:0c:ee:03:47:a5:32:5b:d7:41:3f:09:49:
f5:ec:54:ae:6f:61:ff:b5:e7:1e:22:c8:a7:a9:4c:08:3e:bf:
1c:64:b3:2e:23:f7:1e:bd:d5:60:95:c2:9a:8b:cc:d4:af:34:
19:c3:54:69:ba:b8:99:bf:6a:20:23:00:09:03:0b:ae:dd:4b:
4c:55:e3:83:b7:c0:bc:be:40:ea:1c:8b:e1:06:91:5c:93:59:
2e:9b:30:e4:43:35:cb:c5:d4:f1:0a:ea:7e:24:b0:97:e8:29:
14:b7:2d:37:80:a0:37:27:de:54:e8:57:4b:e3:ac:94:b5:be:
cb:72:79:61:77:85:22:93:04:65:65:3d:1c:c0:9f:a3:0d:0c:
c0:d2:20:41:c5:81:04:87:07:35:ce:3c:1d:8c:f3:e3:3a:ef:
6a:ff:0b:4c:ac:2d:99:ab:03:66:cf:47:21:a2:b7:ec:1d:71:
69:4f:d5:4c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYTosAdHEsaAF85ReTgzkg1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjIxMjA2MTgyNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGMxM2FjNzc2N2NmYjhiMWFmNzM4OTQxYzAxMmVlOWY1ZmI1ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3UC+c7QA0+BpUdsmsFoXjqHChYI
G3QV0QqVcHBUb0WHzhS3zv6Mt3yJ8if6ONMxJgoZpYwf8QpWKvxMCJ2rqYts5Va8
nUHrH4sVqTfeu+Tez+fnpPXX7U5KwvGCf8e3sdpeoJpsmZSj8hLPcpzobnyiCavJ
6E/3bbfMyydGFYvf8g9qZU6dsPe0MG0uqYK3Bm9l3H5Q81MgSUk0Al1H2/tvaok/
3zX1cv1J9EwfYeiLv2vwpzJLgLwIXFSXsXCHwUJdT//ZjHhTn/dZbexhTzP5S84v
V0BNUWVTyjQbIk6EU2IL3oU1aXcfjofR3BaGTcB0QMbNQssFCRHbShQi2QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOTBOsd2fPuLGvc4lBwBLun1+1/5MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvNU1FNngzWjgtNHNhOXppVUhBRXU2Zlg3WF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBTiAAwQD
BTkgAwQCJSAoAwQAsu+WAwQCsu+cAwQBudQwAwQAudfmMA0GCSqGSIb3DQEBCwUA
A4IBAQBRdXFKQGNU3BMzIR6N8YW6JRcUc9Ymo+ZqlYFKYXwyNJ4gKHfxBH3xhgyT
3Qfm4Yx1/UX0kPUts5EqVbXWzhLIA3RNmXScRF8T1nutLnUM7gNHpTJb10E/CUn1
7FSub2H/teceIsinqUwIPr8cZLMuI/cevdVglcKai8zUrzQZw1RpuriZv2ogIwAJ
Awuu3UtMVeODt8C8vkDqHIvhBpFck1kumzDkQzXLxdTxCup+JLCX6CkUty03gKA3
J95U6FdL46yUtb7Lcnlhd4UikwRlZT0cwJ+jDQzA0iBBxYEEhwc1zjwdjPPjOu9q
/wtMrC2ZqwNmz0chorfsHXFpT9VM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org