Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/AJqLFR9K5tOx-b-rGDXXNKZWHD0.roa
File: AJqLFR9K5tOx-b-rGDXXNKZWHD0.roa (raw, json)
Hash identifier: p4u47eII1LR+occOe/pnOs5UAw7Pn6lSkE19U6+1EA8=
Subject key identifier: 00:9A:8B:15:1F:4A:E6:D3:B1:F9:BF:AB:18:35:D7:34:A6:56:1C:3D
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 01847D4D88326C87C8F86D2E0B803CE93571
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/AJqLFR9K5tOx-b-rGDXXNKZWHD0.roa
Signing time: Tue 15 Nov 2022 21:59:03 +0000
ROA not before: Tue 15 Nov 2022 21:59:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 5.249.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7d:4d:88:32:6c:87:c8:f8:6d:2e:0b:80:3c:e9:35:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Nov 15 21:59:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=009a8b151f4ae6d3b1f9bfab1835d734a6561c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9d:61:7c:60:81:97:d1:33:06:d2:98:49:c3:
c3:49:52:23:d6:b1:69:3d:b0:aa:d9:22:63:88:e3:
c4:a9:57:0e:c3:e0:72:3f:9d:47:f3:06:af:de:4e:
58:a9:14:d7:b3:e1:dd:16:bf:fe:bd:ee:2c:40:d2:
4c:ab:51:14:7d:71:c7:a9:1a:d4:59:11:6f:79:53:
14:75:96:c2:88:67:7d:65:49:37:1f:95:12:df:5c:
0a:34:3e:2b:d2:7b:60:76:a5:80:d9:ad:17:c8:2d:
08:60:2a:d7:30:50:70:6c:d8:ca:80:6d:de:d8:5c:
f9:73:f1:6f:dc:e3:66:72:6e:b7:e4:12:b2:10:6b:
e4:79:24:78:f3:c9:29:0b:17:6a:34:7d:56:be:26:
7c:37:9e:ed:5e:be:37:65:6c:0a:1a:99:f5:20:04:
31:c6:5f:f6:fa:11:34:99:63:75:1c:c3:a8:95:b6:
61:7a:6d:66:a3:17:90:b4:95:ee:44:9a:cd:52:8e:
2e:46:47:34:bc:04:5c:83:74:11:dd:de:bf:51:43:
c6:54:bc:27:6f:58:c5:aa:ba:97:68:ac:e4:05:d7:
a0:30:ab:f2:8d:64:5e:01:58:e5:e5:74:e4:de:aa:
1a:bf:49:37:66:2d:fb:04:3c:36:ea:5a:de:4b:93:
4d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9A:8B:15:1F:4A:E6:D3:B1:F9:BF:AB:18:35:D7:34:A6:56:1C:3D
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/AJqLFR9K5tOx-b-rGDXXNKZWHD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.180.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:59:01:22:b4:f7:57:b1:26:92:6e:3c:0f:30:91:4b:99:5a:
4f:48:12:2a:c2:d1:73:67:82:0e:57:9a:ba:d0:cd:7d:12:3c:
6e:e8:5c:7c:25:57:e7:0f:08:d7:2b:5c:91:2d:a9:d5:7e:22:
13:4a:4e:47:53:41:b9:35:5d:67:9d:6e:d3:6b:40:41:bc:3c:
6f:68:99:25:cb:64:1e:c8:38:af:ae:02:25:45:9f:5d:03:cd:
ce:ae:2f:f5:f8:9c:4c:c7:cc:c8:f8:2a:14:32:19:0d:58:02:
9f:a2:ce:29:7d:96:2c:ed:33:8a:62:48:a3:ad:a3:8f:93:84:
50:c4:f0:55:ee:f7:cd:42:c2:af:72:34:1e:0b:d3:cd:e4:b6:
1a:99:23:3c:b8:40:94:81:50:6e:13:53:23:23:91:c4:ac:7c:
d6:cf:90:92:1e:17:57:f6:10:ef:5c:7a:17:16:9b:59:11:77:
2a:91:36:a3:53:f3:63:e5:04:0f:24:02:e0:c3:cc:e7:7f:cd:
0e:54:b9:5d:bb:c8:9e:62:48:82:16:e5:9a:3e:8a:f4:9b:01:
61:23:b4:1c:a2:40:ba:1b:e4:84:6d:ad:65:ea:63:7f:21:03:
b5:6a:ff:00:c5:03:b7:3c:b3:54:93:be:e2:c3:de:35:05:a7:
24:b4:c5:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR9TYgybIfI+G0uC4A86TVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjIxMTE1MjE1OTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDlhOGIxNTFmNGFlNmQzYjFmOWJmYWIxODM1ZDczNGE2NTYxYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj51hfGCBl9EzBtKYScPDSVIj1rFp
PbCq2SJjiOPEqVcOw+ByP51H8wav3k5YqRTXs+HdFr/+ve4sQNJMq1EUfXHHqRrU
WRFveVMUdZbCiGd9ZUk3H5US31wKND4r0ntgdqWA2a0XyC0IYCrXMFBwbNjKgG3e
2Fz5c/Fv3ONmcm635BKyEGvkeSR488kpCxdqNH1WviZ8N57tXr43ZWwKGpn1IAQx
xl/2+hE0mWN1HMOolbZhem1moxeQtJXuRJrNUo4uRkc0vARcg3QR3d6/UUPGVLwn
b1jFqrqXaKzkBdegMKvyjWReAVjl5XTk3qoav0k3Zi37BDw26lreS5NNXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACaixUfSubTsfm/qxg11zSmVhw9MB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvQUpxTEZSOUs1dE94LWItckdEWFhOS1pXSEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfm0MA0G
CSqGSIb3DQEBCwUAA4IBAQDKWQEitPdXsSaSbjwPMJFLmVpPSBIqwtFzZ4IOV5q6
0M19Ejxu6Fx8JVfnDwjXK1yRLanVfiITSk5HU0G5NV1nnW7Ta0BBvDxvaJkly2Qe
yDivrgIlRZ9dA83Ori/1+JxMx8zI+CoUMhkNWAKfos4pfZYs7TOKYkijraOPk4RQ
xPBV7vfNQsKvcjQeC9PN5LYamSM8uECUgVBuE1MjI5HErHzWz5CSHhdX9hDvXHoX
FptZEXcqkTajU/Nj5QQPJALgw8znf80OVLldu8ieYkiCFuWaPor0mwFhI7QcokC6
G+SEba1l6mN/IQO1av8AxQO3PLNUk77iw941BacktMUW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:38 2023 by rpki-client on console-fra.rpki-client.org