Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/CmgllawBZUCoGgAAPWa8-hY8ns0.roa
File: CmgllawBZUCoGgAAPWa8-hY8ns0.roa (raw, json)
Hash identifier: 0RjOgRoeTJRG8MFtEQsu1TlZJ7FnPuxMen6tsMUErh8=
Subject key identifier: 0A:68:25:95:AC:01:65:40:A8:1A:00:00:3D:66:BC:FA:16:3C:9E:CD
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: BB763C
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/CmgllawBZUCoGgAAPWa8-hY8ns0.roa
Signing time: Wed 09 Mar 2022 22:01:08 +0000
ROA not before: Wed 09 Mar 2022 22:01:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 5.249.176.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12285500 (0xbb763c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Mar 9 22:01:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a682595ac016540a81a00003d66bcfa163c9ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:66:77:8e:aa:db:7a:f7:75:a9:08:28:91:a8:
78:af:15:58:5e:e3:85:b4:9a:94:3b:86:97:77:68:
f2:21:2f:80:45:3f:89:1a:f5:d5:5c:a9:1c:a0:16:
ac:b8:4c:ab:a3:61:9f:79:7d:a6:dc:f7:f7:e7:0b:
76:06:47:cf:01:53:2b:9a:20:7b:73:30:27:da:15:
5b:68:fb:59:ea:32:ab:3e:11:83:42:1b:85:ba:01:
cb:c1:4b:ee:6e:3b:86:71:0d:ae:1b:61:b6:09:c7:
4f:8f:85:13:75:11:91:d3:08:07:fb:9a:da:91:9f:
0b:7f:ec:9d:ae:31:00:05:0b:e5:57:06:d7:4a:a9:
7a:e5:3f:fb:7c:e8:bd:61:91:23:4b:d5:8d:6c:00:
0e:2b:7d:e6:f9:38:41:5c:cd:6c:ed:01:64:e0:c8:
c5:76:b3:09:b1:38:9b:4d:32:d3:dc:e0:6d:4f:53:
f8:42:a7:e5:02:f3:7c:02:33:af:11:5b:fc:de:0a:
7a:fb:b8:a4:4e:31:21:41:92:cb:c6:b2:51:b3:a1:
75:aa:0a:e5:c4:19:24:59:1a:12:ad:bc:4b:33:a7:
dc:4f:52:5a:96:37:1d:de:d3:62:10:4e:2d:c1:ae:
92:44:2c:99:ec:35:2a:26:73:33:b2:fc:11:31:86:
46:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:68:25:95:AC:01:65:40:A8:1A:00:00:3D:66:BC:FA:16:3C:9E:CD
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/CmgllawBZUCoGgAAPWa8-hY8ns0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.176.0/20
Signature Algorithm: sha256WithRSAEncryption
cd:ce:3d:d1:eb:0a:2e:70:70:61:b5:74:85:63:29:3d:e8:b5:
05:88:54:d4:cc:9f:8b:20:7b:d3:ca:38:93:4a:fe:9f:a4:3c:
32:c6:b3:c6:e1:54:7f:43:08:45:d4:46:a5:ce:92:d9:0d:9d:
34:8f:81:d7:41:80:88:69:a9:50:f9:a1:69:30:36:e7:78:9d:
6d:b4:f3:98:62:0a:28:b6:52:f9:06:2f:7b:f7:76:89:f3:2d:
86:e4:a0:7a:4a:8c:4a:ed:2d:44:82:8c:ce:cf:82:e1:90:54:
d6:28:1f:78:76:67:7a:cc:aa:2c:c2:68:2d:1b:c3:08:bb:01:
8a:60:8a:ee:89:53:b3:c8:07:69:35:a4:84:e6:d8:30:25:c8:
24:ea:2f:e6:e4:6a:79:63:1e:06:07:81:a0:1c:ae:ae:23:79:
f1:83:d5:eb:9a:49:29:d2:ae:fe:c8:8e:88:a0:ef:74:29:05:
07:35:6b:62:74:8e:f1:1e:fd:03:51:3e:90:90:95:8c:b5:73:
1c:b6:2e:2d:cc:f3:a3:59:98:45:e0:37:88:2d:03:e1:0f:08:
90:00:39:93:a3:6e:01:f6:21:69:2e:c2:fc:09:fa:f6:58:0d:
b7:1e:72:fe:f3:ca:a0:9e:76:56:36:79:06:70:61:d4:4d:76:
ad:f3:c7:bb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALt2PDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTgyOTYzZmYxYWE3MGFiMTBkMWQzM2U4NmIxZDZkNDk0ZDZjZTUxMB4XDTIyMDMw
OTIyMDEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE2ODI1OTVhYzAx
NjU0MGE4MWEwMDAwM2Q2NmJjZmExNjNjOWVjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPBmd46q23r3dakIKJGoeK8VWF7jhbSalDuGl3do8iEvgEU/
iRr11VypHKAWrLhMq6Nhn3l9ptz39+cLdgZHzwFTK5oge3MwJ9oVW2j7Weoyqz4R
g0IbhboBy8FL7m47hnENrhthtgnHT4+FE3URkdMIB/ua2pGfC3/sna4xAAUL5VcG
10qpeuU/+3zovWGRI0vVjWwADit95vk4QVzNbO0BZODIxXazCbE4m00y09zgbU9T
+EKn5QLzfAIzrxFb/N4Kevu4pE4xIUGSy8ayUbOhdaoK5cQZJFkaEq28SzOn3E9S
WpY3Hd7TYhBOLcGukkQsmew1KiZzM7L8ETGGRiUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQKaCWVrAFlQKgaAAA9Zrz6FjyezTAfBgNVHSMEGDAWgBQugpY/8apwqxDR
0z6GsdbUlNbOUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xvS1dQX0dxY0tzUTBkTS1ockhXMUpUV3psRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvOTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8x
L0NtZ2xsYXdCWlVDb0dnQUFQV2E4LWhZOG5zMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
OTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8xL0xvS1dQX0dxY0tz
UTBkTS1ockhXMUpUV3psRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBAX5sDANBgkqhkiG9w0BAQsFAAOC
AQEAzc490esKLnBwYbV0hWMpPei1BYhU1MyfiyB708o4k0r+n6Q8MsazxuFUf0MI
RdRGpc6S2Q2dNI+B10GAiGmpUPmhaTA253idbbTzmGIKKLZS+QYve/d2ifMthuSg
ekqMSu0tRIKMzs+C4ZBU1igfeHZnesyqLMJoLRvDCLsBimCK7olTs8gHaTWkhObY
MCXIJOov5uRqeWMeBgeBoByuriN58YPV65pJKdKu/siOiKDvdCkFBzVrYnSO8R79
A1E+kJCVjLVzHLYuLczzo1mYReA3iC0D4Q8IkAA5k6NuAfYhaS7C/An69lgNtx5y
/vPKoJ52VjZ5BnBh1E12rfPHuw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:30 2023 by rpki-client on console-ams.rpki-client.org