Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/4v7jBiKCK2ddWylN8TdXCxjhBdo.roa
File: 4v7jBiKCK2ddWylN8TdXCxjhBdo.roa (raw, json)
Hash identifier: SjB4ebNnkAxcuxNNuN4Dv2QnVzOyOXAibKE3WTLF7ds=
Subject key identifier: E2:FE:E3:06:22:82:2B:67:5D:5B:29:4D:F1:37:57:0B:18:E1:05:DA
Certificate issuer: /CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Certificate serial: 01823E1693FCFFB971AFB4C3B0B4EBD9DEAA
Authority key identifier: 5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/4v7jBiKCK2ddWylN8TdXCxjhBdo.roa
Signing time: Wed 27 Jul 2022 05:17:23 +0000
ROA not before: Wed 27 Jul 2022 05:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61137
IP address blocks: 91.229.65.0/24 maxlen: 24
185.76.128.0/22 maxlen: 22
185.76.130.0/24 maxlen: 24
185.76.131.0/24 maxlen: 24
5.53.96.0/22 maxlen: 22
5.53.100.0/24 maxlen: 24
109.205.28.0/23 maxlen: 23
91.229.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:16:93:fc:ff:b9:71:af:b4:c3:b0:b4:eb:d9:de:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Validity
Not Before: Jul 27 05:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2fee30622822b675d5b294df137570b18e105da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:94:14:71:f6:ea:b1:dc:7c:94:16:51:ed:9d:
0d:f5:2b:31:9f:74:e0:8e:ff:ef:12:86:2b:55:50:
c1:e9:98:47:18:0c:af:6c:de:98:08:54:1d:89:0f:
0f:bc:d0:a3:ab:b3:c8:a8:ad:8e:c7:fc:fb:69:76:
2f:9b:82:ca:db:93:15:27:ca:35:c0:38:88:c8:a4:
c6:ab:c2:03:da:57:ce:73:8d:bd:53:5f:ac:41:fd:
eb:43:17:e7:78:75:5f:f3:ce:29:69:2f:df:db:2b:
12:8a:10:c6:06:a9:c5:c0:fb:96:1a:00:6b:fa:95:
35:89:69:f7:34:67:fc:fe:2d:a5:27:9a:d1:8f:02:
82:a5:b2:b3:bc:d9:b9:0c:cb:b1:ae:67:26:b2:14:
51:fe:ab:bc:7b:f4:e6:04:32:8f:0d:de:0a:42:97:
1a:b3:38:31:dc:36:b4:67:cd:cc:18:3c:22:d3:13:
52:c0:3b:9c:1b:3c:58:e6:aa:fd:7e:0a:74:25:f6:
3a:9f:63:08:54:5b:3a:09:1e:e0:1c:d9:0a:15:27:
bc:ec:9b:62:e0:94:ea:35:95:90:5e:6e:f7:e9:15:
78:aa:5b:4f:33:08:62:da:8f:68:72:db:40:48:c2:
7e:5a:cc:42:4a:9e:ec:1f:61:ad:15:94:90:1d:78:
94:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FE:E3:06:22:82:2B:67:5D:5B:29:4D:F1:37:57:0B:18:E1:05:DA
X509v3 Authority Key Identifier:
keyid:5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/4v7jBiKCK2ddWylN8TdXCxjhBdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/WkpH1YK7DpaA-JJYq5bQWGfTUu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.96.0-5.53.100.255
91.229.64.0/23
109.205.28.0/23
185.76.128.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:13:ca:c1:f4:88:5c:5a:ac:10:5c:7d:5e:09:db:0d:d6:e9:
85:73:3c:05:9f:5b:b0:e9:da:b2:a9:9b:e4:8b:5c:4e:48:b4:
b7:aa:b1:e8:ab:eb:d4:9d:4b:24:3c:a1:b6:9d:1a:7b:3d:01:
64:54:24:01:1b:ea:5c:7b:2e:6e:9a:8a:c0:84:cd:c0:ed:2c:
98:63:57:a0:17:4c:0c:7c:fd:8b:44:ff:9a:95:33:8e:cf:2a:
bc:4b:64:6b:00:72:0a:7d:bd:00:4b:31:44:76:20:a9:cd:fd:
91:6a:8b:66:fd:52:7f:98:44:b5:cc:0c:d7:98:d6:07:64:f2:
46:62:f9:e4:1b:ab:2e:0f:5a:2a:ac:08:c3:ad:19:e6:d1:f8:
e8:bd:94:dd:c1:4c:3b:d5:5b:90:0d:14:ba:b9:fe:15:8f:eb:
1f:50:f3:68:14:d3:83:b5:a4:4c:74:6e:c1:66:b4:76:11:19:
4b:99:39:59:d8:35:1c:42:54:42:75:53:e4:66:0b:16:ef:99:
05:50:14:8a:21:f6:ca:ea:5d:c0:ee:2d:b2:a5:8d:d9:75:fe:
70:95:15:02:40:d6:9f:61:e6:f8:df:b9:c9:4d:fb:27:99:d6:
6f:61:e9:4b:62:17:65:48:a0:2a:88:12:0d:3e:f0:66:ea:87:
e2:72:34:7f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYI+FpP8/7lxr7TDsLTr2d6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNGE0N2Q1ODJiYjBlOTY4MGY4OTI1OGFiOTZkMDU4Njdk
MzUyZWYwHhcNMjIwNzI3MDUxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmZlZTMwNjIyODIyYjY3NWQ1YjI5NGRmMTM3NTcwYjE4ZTEwNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpQUcfbqsdx8lBZR7Z0N9Ssxn3Tg
jv/vEoYrVVDB6ZhHGAyvbN6YCFQdiQ8PvNCjq7PIqK2Ox/z7aXYvm4LK25MVJ8o1
wDiIyKTGq8ID2lfOc429U1+sQf3rQxfneHVf884paS/f2ysSihDGBqnFwPuWGgBr
+pU1iWn3NGf8/i2lJ5rRjwKCpbKzvNm5DMuxrmcmshRR/qu8e/TmBDKPDd4KQpca
szgx3Da0Z83MGDwi0xNSwDucGzxY5qr9fgp0JfY6n2MIVFs6CR7gHNkKFSe87Jti
4JTqNZWQXm736RV4qltPMwhi2o9octtASMJ+WsxCSp7sH2GtFZSQHXiUawIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOL+4wYigitnXVspTfE3VwsY4QXaMB8GA1UdIwQY
MBaAFFpKR9WCuw6WgPiSWKuW0Fhn01LvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTct
NmIwMDY1NTA4OTk2LzEvNHY3akJpS0NLMmRkV3lsTjhUZFhDeGpoQmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTctNmIwMDY1NTA4OTk2
LzEvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUFNWAD
BAAFNWQDBAFb5UADBAFtzRwDBAK5TIAwDQYJKoZIhvcNAQELBQADggEBAJ8TysH0
iFxarBBcfV4J2w3W6YVzPAWfW7Dp2rKpm+SLXE5ItLeqseir69SdSyQ8obadGns9
AWRUJAEb6lx7Lm6aisCEzcDtLJhjV6AXTAx8/YtE/5qVM47PKrxLZGsAcgp9vQBL
MUR2IKnN/ZFqi2b9Un+YRLXMDNeY1gdk8kZi+eQbqy4PWiqsCMOtGebR+Oi9lN3B
TDvVW5ANFLq5/hWP6x9Q82gU04O1pEx0bsFmtHYRGUuZOVnYNRxCVEJ1U+RmCxbv
mQVQFIoh9srqXcDuLbKljdl1/nCVFQJA1p9h5vjfuclN+yeZ1m9h6UtiF2VIoCqI
Eg0+8Gbqh+JyNH8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:55 2024 by rpki-client on console-ams.rpki-client.org