Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/odMDN6L3SV9lRLJx1Y--n9sd7GE.roa
File: odMDN6L3SV9lRLJx1Y--n9sd7GE.roa (raw, json)
Hash identifier: Xxe5TL4hPz7rOLpSXXNuAIPGXbMMWoEKXGGUJsgUeVw=
Subject key identifier: A1:D3:03:37:A2:F7:49:5F:65:44:B2:71:D5:8F:BE:9F:DB:1D:EC:61
Certificate issuer: /CN=1f046cde8512802b14933b34a22f7765e295d2ab
Certificate serial: 0183C20ED9152644800B45C95C561128AB7F
Authority key identifier: 1F:04:6C:DE:85:12:80:2B:14:93:3B:34:A2:2F:77:65:E2:95:D2:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/odMDN6L3SV9lRLJx1Y--n9sd7GE.roa
Signing time: Mon 10 Oct 2022 13:21:36 +0000
ROA not before: Mon 10 Oct 2022 13:21:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198292
IP address blocks: 134.255.164.0/22 maxlen: 22
134.255.160.0/22 maxlen: 22
134.255.172.0/22 maxlen: 22
185.11.224.0/22 maxlen: 22
5.133.48.0/22 maxlen: 22
5.133.61.0/24 maxlen: 24
5.133.62.0/24 maxlen: 24
5.133.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:0e:d9:15:26:44:80:0b:45:c9:5c:56:11:28:ab:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f046cde8512802b14933b34a22f7765e295d2ab
Validity
Not Before: Oct 10 13:21:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1d30337a2f7495f6544b271d58fbe9fdb1dec61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:37:14:1e:d6:79:be:9e:02:80:6a:f6:c4:
6d:61:75:db:9d:1d:94:bd:e1:69:8c:cd:3b:fc:da:
f6:c3:3b:d2:dc:b7:bd:67:69:75:58:03:86:48:7a:
72:f9:a1:df:41:aa:b1:ce:26:37:93:1b:a4:dd:03:
6c:af:3c:f4:d5:6c:66:30:b9:b4:09:dd:02:2e:a1:
3d:0f:ca:60:88:d2:35:4a:56:6c:00:04:d7:b6:26:
43:b8:65:7a:da:18:a7:08:37:e2:3d:bf:92:d3:95:
31:e0:07:fe:09:8c:ab:fb:f3:16:68:99:c1:5c:14:
ba:1a:90:62:1b:f7:69:b7:bc:1f:2e:e0:ec:c7:da:
9d:51:c9:72:18:2e:8d:5b:1a:43:bf:41:fb:48:f5:
b3:57:7b:ae:3d:83:d5:b1:76:ab:02:b8:1f:31:27:
1b:cd:cb:83:b8:46:81:90:13:04:73:77:ae:fd:60:
9f:af:f3:96:2c:ea:da:93:7b:5e:97:07:b7:a1:87:
43:6c:da:e1:68:7d:a5:c7:60:49:c0:c0:97:73:bb:
17:b3:81:73:03:7a:db:e3:0e:f8:81:65:09:b0:7a:
bf:28:4a:7f:69:88:b4:c4:8d:fb:8b:97:0c:f6:6f:
ac:f4:30:24:b2:98:46:2a:59:7d:68:8c:5c:b2:b7:
4d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D3:03:37:A2:F7:49:5F:65:44:B2:71:D5:8F:BE:9F:DB:1D:EC:61
X509v3 Authority Key Identifier:
keyid:1F:04:6C:DE:85:12:80:2B:14:93:3B:34:A2:2F:77:65:E2:95:D2:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/odMDN6L3SV9lRLJx1Y--n9sd7GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/HwRs3oUSgCsUkzs0oi93ZeKV0qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.48.0/22
5.133.61.0-5.133.63.255
134.255.160.0/21
134.255.172.0/22
185.11.224.0/22
Signature Algorithm: sha256WithRSAEncryption
61:51:73:85:81:a3:fd:e7:5d:9f:41:7d:e2:9e:24:f7:56:75:
f0:e0:6a:35:7b:32:d0:27:93:3b:23:ba:8f:d9:18:9e:65:a9:
13:90:0a:ff:6e:75:09:7b:aa:64:9d:47:56:6b:3f:7f:09:48:
3e:96:74:6e:bf:05:6f:29:83:fc:f7:df:b8:56:7b:b9:b0:c2:
ac:e7:a9:34:c1:c3:eb:69:77:dd:9a:f0:84:d4:58:53:73:c4:
e7:98:f2:8b:23:1a:48:63:eb:3c:e0:eb:29:67:b8:9b:04:56:
b0:60:76:56:71:12:9c:7d:59:eb:8e:8a:96:fe:a1:d2:d4:b9:
c8:28:19:6e:77:3d:e1:4f:01:26:74:7c:0b:bb:93:fa:04:1d:
6e:0e:71:b7:98:1d:ac:9e:4c:5b:e8:1c:64:f7:81:6d:a7:58:
45:a8:dc:42:34:68:db:15:d2:00:14:b9:33:d5:b9:74:ae:7c:
f7:58:5a:eb:86:7a:c8:a4:cc:ad:a0:30:56:d8:b5:39:6a:e9:
a9:d4:60:b2:3e:f9:80:27:a2:e2:68:ab:d3:94:b2:9b:23:0e:
83:a5:f1:67:9b:63:61:23:a5:39:bd:5c:22:89:c2:ef:09:7b:
95:f9:a0:92:e9:40:03:20:7f:fc:a7:e4:13:33:1c:9a:2a:9e:
c9:75:37:94
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYPCDtkVJkSAC0XJXFYRKKt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDQ2Y2RlODUxMjgwMmIxNDkzM2IzNGEyMmY3NzY1ZTI5
NWQyYWIwHhcNMjIxMDEwMTMyMTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQzMDMzN2EyZjc0OTVmNjU0NGIyNzFkNThmYmU5ZmRiMWRlYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTk3FB7Web6eAoBq9sRtYXXbnR2U
veFpjM07/Nr2wzvS3Le9Z2l1WAOGSHpy+aHfQaqxziY3kxuk3QNsrzz01WxmMLm0
Cd0CLqE9D8pgiNI1SlZsAATXtiZDuGV62hinCDfiPb+S05Ux4Af+CYyr+/MWaJnB
XBS6GpBiG/dpt7wfLuDsx9qdUclyGC6NWxpDv0H7SPWzV3uuPYPVsXarArgfMScb
zcuDuEaBkBMEc3eu/WCfr/OWLOrak3telwe3oYdDbNrhaH2lx2BJwMCXc7sXs4Fz
A3rb4w74gWUJsHq/KEp/aYi0xI37i5cM9m+s9DAksphGKll9aIxcsrdNWQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKHTAzei90lfZUSycdWPvp/bHexhMB8GA1UdIwQY
MBaAFB8EbN6FEoArFJM7NKIvd2XildKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdSczNvVVNnQ3NVa3pzMG9pOTNaZUtWMHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84MGU3NDAtMmM4Yy00NWE2LTkzOGMt
MjE5YjlmNmY5MDg3LzEvb2RNRE42TDNTVjlsUkxKeDFZLS1uOXNkN0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84MGU3NDAtMmM4Yy00NWE2LTkzOGMtMjE5YjlmNmY5MDg3
LzEvSHdSczNvVVNnQ3NVa3pzMG9pOTNaZUtWMHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBYUwMAwD
BAAFhT0DBAYFhQADBAOG/6ADBAKG/6wDBAK5C+AwDQYJKoZIhvcNAQELBQADggEB
AGFRc4WBo/3nXZ9BfeKeJPdWdfDgajV7MtAnkzsjuo/ZGJ5lqROQCv9udQl7qmSd
R1ZrP38JSD6WdG6/BW8pg/z337hWe7mwwqznqTTBw+tpd92a8ITUWFNzxOeY8osj
Gkhj6zzg6ylnuJsEVrBgdlZxEpx9WeuOipb+odLUucgoGW53PeFPASZ0fAu7k/oE
HW4OcbeYHayeTFvoHGT3gW2nWEWo3EI0aNsV0gAUuTPVuXSufPdYWuuGesikzK2g
MFbYtTlq6anUYLI++YAnouJoq9OUspsjDoOl8WebY2EjpTm9XCKJwu8Je5X5oJLp
QAMgf/yn5BMzHJoqnsl1N5Q=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:34 2023 by rpki-client on console-fra.rpki-client.org