Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/E5DaC8koz5T0vnu1G8jANjZNYB8.roa
File: E5DaC8koz5T0vnu1G8jANjZNYB8.roa (raw, json)
Hash identifier: fmGx3TVN5P8HY/TaDxeA+Sd/7xJZlIOqY5wEUdCiwAw=
Subject key identifier: 13:90:DA:0B:C9:28:CF:94:F4:BE:7B:B5:1B:C8:C0:36:36:4D:60:1F
Certificate issuer: /CN=c43c222fad2c27ca612c98c273d4f16506e1b2e5
Certificate serial: 401F2A
Authority key identifier: C4:3C:22:2F:AD:2C:27:CA:61:2C:98:C2:73:D4:F1:65:06:E1:B2:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDwiL60sJ8phLJjCc9TxZQbhsuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/E5DaC8koz5T0vnu1G8jANjZNYB8.roa
Signing time: Sat 01 Jan 2022 01:52:02 +0000
ROA not before: Sat 01 Jan 2022 01:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49718
IP address blocks: 176.100.112.0/22 maxlen: 22
176.100.108.0/22 maxlen: 22
176.100.116.0/22 maxlen: 22
176.100.124.0/22 maxlen: 22
176.100.120.0/22 maxlen: 22
213.108.168.0/21 maxlen: 21
213.108.169.0/24 maxlen: 24
213.108.168.0/24 maxlen: 24
213.108.171.0/24 maxlen: 24
213.108.170.0/24 maxlen: 24
176.100.64.0/22 maxlen: 22
213.108.172.0/24 maxlen: 24
213.108.175.0/24 maxlen: 24
176.100.64.0/18 maxlen: 18
176.100.68.0/22 maxlen: 22
213.108.174.0/24 maxlen: 24
213.108.173.0/24 maxlen: 24
176.100.72.0/22 maxlen: 22
176.100.76.0/22 maxlen: 22
176.100.84.0/22 maxlen: 22
176.100.80.0/22 maxlen: 22
176.100.88.0/22 maxlen: 22
176.100.96.0/22 maxlen: 22
176.100.92.0/22 maxlen: 22
176.100.100.0/22 maxlen: 22
176.100.104.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4202282 (0x401f2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c43c222fad2c27ca612c98c273d4f16506e1b2e5
Validity
Not Before: Jan 1 01:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1390da0bc928cf94f4be7bb51bc8c036364d601f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1c:40:d3:58:d7:76:82:19:2b:c3:24:17:a0:
c0:29:4b:9f:f9:c9:a9:a0:ee:2b:b8:eb:57:8c:ee:
c7:d5:91:3b:cd:6a:27:9c:4b:bc:11:72:7a:26:83:
c5:57:35:b0:62:da:5a:d0:56:c5:8d:7b:bf:36:a9:
90:70:d4:b4:ac:10:2c:b5:9c:f3:6a:bf:00:ea:44:
fd:c9:d8:a0:bb:81:ac:df:67:16:d7:b5:c7:ce:b6:
c5:0e:3e:ab:ef:95:58:b6:99:49:db:a5:b4:08:bd:
55:95:fb:39:ff:76:42:2e:39:78:c6:cb:f2:b0:d7:
b2:7b:86:c4:ac:7b:7d:2f:e6:3d:a8:ea:bf:3e:d8:
e8:be:70:25:56:b2:6d:f6:6b:c3:c2:13:98:85:e1:
6e:1b:97:e8:21:91:58:c2:3e:78:42:cc:84:a6:30:
9f:28:e4:14:74:3e:d8:ee:6b:8c:ee:cc:24:4b:24:
4e:bb:13:68:fd:ce:7b:e9:fa:37:fe:c7:07:e9:f3:
21:10:f1:80:2b:22:4a:b6:f3:96:4c:01:cd:07:af:
c6:46:8e:cf:73:b1:1f:74:67:0c:b8:70:91:70:05:
c8:69:aa:74:94:5a:f6:89:96:82:e5:dc:9c:81:88:
01:27:2e:bd:8c:67:5e:6a:e6:e5:04:ac:d5:24:21:
a8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:90:DA:0B:C9:28:CF:94:F4:BE:7B:B5:1B:C8:C0:36:36:4D:60:1F
X509v3 Authority Key Identifier:
keyid:C4:3C:22:2F:AD:2C:27:CA:61:2C:98:C2:73:D4:F1:65:06:E1:B2:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDwiL60sJ8phLJjCc9TxZQbhsuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/E5DaC8koz5T0vnu1G8jANjZNYB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/xDwiL60sJ8phLJjCc9TxZQbhsuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.64.0/18
213.108.168.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:30:ca:49:52:a5:51:5e:1b:e1:ab:1f:51:5c:5c:b2:47:d7:
85:ba:3a:c9:20:e1:b4:ae:c8:56:76:ea:51:87:93:c2:4e:ad:
0d:be:5f:1a:e6:dc:bb:a7:7f:12:0a:8b:12:65:cc:94:30:7a:
e6:06:28:85:c0:db:74:68:6c:13:e5:7d:0d:c9:92:4e:b8:8e:
b1:42:13:75:4c:49:3d:45:81:22:c7:4c:b6:54:81:a4:d5:bb:
69:c8:37:84:05:10:9f:0e:aa:49:38:f6:19:39:74:f1:1d:6f:
f5:0e:d8:9f:5c:bf:d3:2b:25:cf:22:33:7e:95:0c:fc:20:ee:
36:ed:53:7e:61:ed:65:8c:bc:a5:05:a3:6b:21:68:0d:70:5e:
59:d4:15:4b:e2:23:b9:cc:cb:e8:8b:a5:ea:99:c1:43:d9:91:
54:58:2f:39:dc:57:67:25:27:e4:82:6e:16:34:c3:3a:92:bf:
9e:c6:dd:4f:e6:bb:06:cc:4d:37:a7:c2:c8:d1:67:7c:95:9a:
1f:94:e2:e4:7f:40:07:0c:4d:9c:a2:70:68:bd:c6:18:7e:2d:
a5:d6:59:fe:01:37:5c:73:86:be:c8:f6:d3:b8:bf:e3:e9:9a:
29:5c:f6:10:0e:3d:4e:9a:84:19:20:9b:82:c8:cf:d8:65:9b:
bb:a7:e7:32
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDQB8qMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM0
M2MyMjJmYWQyYzI3Y2E2MTJjOThjMjczZDRmMTY1MDZlMWIyZTUwHhcNMjIwMTAx
MDE1MjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxMzkwZGEwYmM5Mjhj
Zjk0ZjRiZTdiYjUxYmM4YzAzNjM2NGQ2MDFmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7BxA01jXdoIZK8MkF6DAKUuf+cmpoO4ruOtXjO7H1ZE7zWon
nEu8EXJ6JoPFVzWwYtpa0FbFjXu/NqmQcNS0rBAstZzzar8A6kT9ydigu4Gs32cW
17XHzrbFDj6r75VYtplJ26W0CL1Vlfs5/3ZCLjl4xsvysNeye4bErHt9L+Y9qOq/
PtjovnAlVrJt9mvDwhOYheFuG5foIZFYwj54QsyEpjCfKOQUdD7Y7muM7swkSyRO
uxNo/c576fo3/scH6fMhEPGAKyJKtvOWTAHNB6/GRo7Pc7EfdGcMuHCRcAXIaap0
lFr2iZaC5dycgYgBJy69jGdeaublBKzVJCGo4QIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFBOQ2gvJKM+U9L57tRvIwDY2TWAfMB8GA1UdIwQYMBaAFMQ8Ii+tLCfKYSyY
wnPU8WUG4bLlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eER3aUw2MHNKOHBoTEpqQ2M5VHhaUWJoc3VVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hZC82OGE3ZWEtZDUwYS00YTMwLTk1MTMtZTkwOWE3N2NkYTk4LzEv
RTVEYUM4a296NVQwdm51MUc4akFOalpOWUI4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82
OGE3ZWEtZDUwYS00YTMwLTk1MTMtZTkwOWE3N2NkYTk4LzEveER3aUw2MHNKOHBo
TEpqQ2M5VHhaUWJoc3VVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGsGRAAwQD1WyoMA0GCSqGSIb3DQEB
CwUAA4IBAQBOMMpJUqVRXhvhqx9RXFyyR9eFujrJIOG0rshWdupRh5PCTq0Nvl8a
5ty7p38SCosSZcyUMHrmBiiFwNt0aGwT5X0NyZJOuI6xQhN1TEk9RYEix0y2VIGk
1btpyDeEBRCfDqpJOPYZOXTxHW/1DtifXL/TKyXPIjN+lQz8IO427VN+Ye1ljLyl
BaNrIWgNcF5Z1BVL4iO5zMvoi6XqmcFD2ZFUWC853FdnJSfkgm4WNMM6kr+ext1P
5rsGzE03p8LI0Wd8lZoflOLkf0AHDE2conBovcYYfi2l1ln+ATdcc4a+yPbTuL/j
6ZopXPYQDj1OmoQZIJuCyM/YZZu7p+cy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:12 2024 by rpki-client on console-ams.rpki-client.org