Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/0jox3ICgDkBnocrlY0C-G7Mnx5k.roa
File: 0jox3ICgDkBnocrlY0C-G7Mnx5k.roa (raw, json)
Hash identifier: E2thNdEpDxrwdZywaQAW9wJdiRTQzUljE6FOUBi63Nk=
Subject key identifier: D2:3A:31:DC:80:A0:0E:40:67:A1:CA:E5:63:40:BE:1B:B3:27:C7:99
Certificate issuer: /CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150
Certificate serial: 1A77BD29
Authority key identifier: E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/0jox3ICgDkBnocrlY0C-G7Mnx5k.roa
Signing time: Sat 01 Jan 2022 08:02:42 +0000
ROA not before: Sat 01 Jan 2022 08:02:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58141
IP address blocks: 5.34.232.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 444054825 (0x1a77bd29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150
Validity
Not Before: Jan 1 08:02:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d23a31dc80a00e4067a1cae56340be1bb327c799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7f:12:d9:a7:83:95:f2:0c:a5:2a:5b:dc:62:
7a:52:e5:8d:61:46:82:fb:ef:43:7b:80:6a:42:70:
87:1a:b1:80:cc:f1:f3:d8:14:80:3a:3d:2a:1e:84:
bb:74:7f:9d:a4:83:f4:2d:73:3e:c3:8a:c2:52:f1:
34:a5:5c:82:91:64:9c:e1:6d:f4:52:5c:66:d8:00:
33:19:c6:dc:32:59:4f:99:3c:d1:3d:49:c0:b7:df:
ce:a1:0b:3c:fa:e5:0f:0a:c8:71:ac:8f:9f:7f:17:
03:5c:2c:fc:d4:19:d7:cb:ea:de:5d:dc:ea:d2:00:
9e:d3:62:3c:1d:a5:e2:d5:54:2c:98:56:31:0f:0a:
ed:88:67:94:1e:fd:33:ec:6a:22:14:f4:8d:e9:68:
98:54:c8:92:45:33:01:46:ad:14:a2:96:c8:ba:5b:
16:34:5a:84:7a:c6:73:03:3b:de:6b:b8:c6:b4:0d:
62:18:05:52:51:6d:88:25:08:e4:a7:38:42:36:95:
47:22:58:56:da:b0:09:f5:cd:5d:ee:a0:18:9b:75:
44:02:c2:88:95:87:cd:37:6c:ba:30:36:ce:cf:a8:
b2:2d:44:7b:04:74:9f:e7:83:f2:5d:54:6d:5b:89:
0b:41:3a:31:10:ef:58:72:c2:39:cd:49:50:c2:fa:
9c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:3A:31:DC:80:A0:0E:40:67:A1:CA:E5:63:40:BE:1B:B3:27:C7:99
X509v3 Authority Key Identifier:
keyid:E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/0jox3ICgDkBnocrlY0C-G7Mnx5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.232.0/21
Signature Algorithm: sha256WithRSAEncryption
70:09:5b:e1:02:1c:0e:6e:8b:71:03:48:f3:c6:5f:18:ae:e1:
b5:78:f2:56:dc:70:df:45:63:0b:0b:f4:bd:fc:91:18:1c:b4:
78:4d:1c:7d:c9:05:e4:5b:19:ae:e8:19:b9:bc:ce:07:ca:89:
d6:34:b1:59:fd:04:64:fd:39:17:0d:c1:6a:82:cc:91:66:ac:
36:50:8b:01:38:bb:f3:4a:48:fc:15:8c:9e:9b:12:7f:dd:df:
e5:12:99:75:4e:06:17:ea:df:aa:28:65:14:4f:59:73:d8:10:
37:99:dc:76:1c:bc:5f:7e:77:64:86:a9:10:30:cd:67:0e:da:
92:1b:20:2a:ca:0d:94:e5:16:0c:d4:b8:91:ba:5f:30:a5:26:
b9:f1:98:35:56:99:5a:fd:ca:0b:47:24:ae:d6:f9:a4:93:e8:
40:38:42:91:1c:5f:5b:20:50:d0:ed:3a:d8:b6:37:32:02:33:
58:61:3f:06:dc:cb:86:59:3e:b3:9e:12:e6:8e:94:f1:d1:e6:
42:bf:a3:4f:5b:a8:21:54:4a:b9:5c:d4:21:71:cc:b1:26:3f:
ad:bb:2b:29:8d:02:f9:63:54:6d:e9:d6:50:2b:15:d6:7b:f8:
76:88:b9:41:c7:95:ae:73:30:db:96:b5:2d:d5:56:48:a1:c7:
4d:4e:cc:64
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGne9KTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NGE5ZWU3NGYyZDk4NGM4OGFiM2I5OWFlNzFkMGI3YzdiYWY4MTUwMB4XDTIyMDEw
MTA4MDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIzYTMxZGM4MGEw
MGU0MDY3YTFjYWU1NjM0MGJlMWJiMzI3Yzc5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALd/Etmng5XyDKUqW9xielLljWFGgvvvQ3uAakJwhxqxgMzx
89gUgDo9Kh6Eu3R/naSD9C1zPsOKwlLxNKVcgpFknOFt9FJcZtgAMxnG3DJZT5k8
0T1JwLffzqELPPrlDwrIcayPn38XA1ws/NQZ18vq3l3c6tIAntNiPB2l4tVULJhW
MQ8K7YhnlB79M+xqIhT0jelomFTIkkUzAUatFKKWyLpbFjRahHrGcwM73mu4xrQN
YhgFUlFtiCUI5Kc4QjaVRyJYVtqwCfXNXe6gGJt1RALCiJWHzTdsujA2zs+osi1E
ewR0n+eD8l1UbVuJC0E6MRDvWHLCOc1JUML6nIMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTSOjHcgKAOQGehyuVjQL4bsyfHmTAfBgNVHSMEGDAWgBTkqe508tmEyIqz
uZrnHQt8e6+BUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVLbnVkUExaaE1pS3M3bWE1eDBMZkh1dmdWQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvZWFkYzk1LWRhYWYtNDc3Ni05YmU4LWQyYzBiZTQ0ODU2MS8x
LzBqb3gzSUNnRGtCbm9jcmxZMEMtRzdNbng1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
ZWFkYzk1LWRhYWYtNDc3Ni05YmU4LWQyYzBiZTQ0ODU2MS8xLzVLbnVkUExaaE1p
S3M3bWE1eDBMZkh1dmdWQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAwUi6DANBgkqhkiG9w0BAQsFAAOC
AQEAcAlb4QIcDm6LcQNI88ZfGK7htXjyVtxw30VjCwv0vfyRGBy0eE0cfckF5FsZ
rugZubzOB8qJ1jSxWf0EZP05Fw3BaoLMkWasNlCLATi780pI/BWMnpsSf93f5RKZ
dU4GF+rfqihlFE9Zc9gQN5ncdhy8X353ZIapEDDNZw7akhsgKsoNlOUWDNS4kbpf
MKUmufGYNVaZWv3KC0ckrtb5pJPoQDhCkRxfWyBQ0O062LY3MgIzWGE/BtzLhlk+
s54S5o6U8dHmQr+jT1uoIVRKuVzUIXHMsSY/rbsrKY0C+WNUbenWUCsV1nv4doi5
QceVrnMw25a1LdVWSKHHTU7MZA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:55 2023 by rpki-client on console-fra.rpki-client.org