Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/0-L7RN5jD23D8lTWsRCb4Qj1VaE.roa
File: 0-L7RN5jD23D8lTWsRCb4Qj1VaE.roa (raw, json)
Hash identifier: iqfT+cnjamMX9U4zIZVQNx1Tt50fLlNumm4p1IcttpU=
Subject key identifier: D3:E2:FB:44:DE:63:0F:6D:C3:F2:54:D6:B1:10:9B:E1:08:F5:55:A1
Certificate issuer: /CN=490b21f79b9ea2f3d042374714867d12401995db
Certificate serial: 1860C59A
Authority key identifier: 49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/0-L7RN5jD23D8lTWsRCb4Qj1VaE.roa
Signing time: Sat 01 Jan 2022 06:05:55 +0000
ROA not before: Sat 01 Jan 2022 06:05:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51043
IP address blocks: 5.22.136.0/21 maxlen: 24
185.173.67.0/24 maxlen: 24
185.59.180.0/22 maxlen: 24
178.23.128.0/21 maxlen: 24
83.98.32.0/19 maxlen: 19
159.242.64.0/18 maxlen: 24
148.253.160.0/19 maxlen: 24
2a00:ed40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 408995226 (0x1860c59a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=490b21f79b9ea2f3d042374714867d12401995db
Validity
Not Before: Jan 1 06:05:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3e2fb44de630f6dc3f254d6b1109be108f555a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:cf:ce:84:f0:2f:ae:82:2a:70:f5:7c:93:94:
74:ed:91:f5:28:7a:72:65:d5:c6:d0:31:58:03:01:
e1:47:1b:bc:42:15:4e:d0:e5:7e:82:66:d5:7a:04:
15:c8:d1:d6:8b:dd:68:6d:e0:01:bb:b1:be:41:d2:
1d:3a:c9:ec:e4:07:67:f6:bf:e5:62:6a:79:18:eb:
df:aa:b7:27:5f:f8:df:c2:bc:a2:39:eb:7e:56:4d:
fb:a4:de:c1:a4:9c:43:c4:ff:63:9a:66:9c:b8:d5:
ef:23:70:72:07:d7:dd:fc:39:dd:af:54:98:cf:c1:
97:c0:8b:e1:f7:ea:9c:0f:49:a1:cb:a9:a7:b7:02:
bb:ec:f0:e8:f0:77:72:66:0a:ea:5c:e8:ef:d2:16:
79:62:f4:8d:44:49:33:42:43:5e:63:88:80:3d:a5:
fe:da:b3:62:ea:0c:95:59:80:bf:86:f6:d2:86:57:
76:d6:bb:6d:1e:64:f4:cd:3c:2d:29:70:9c:76:ed:
47:b5:8c:ea:7c:6d:99:cd:5f:0b:75:4e:1f:5b:de:
4b:4e:d3:ca:c3:4d:b0:93:97:6b:e1:1b:8e:22:bd:
12:5c:c5:eb:c2:fc:20:c8:71:fc:64:eb:e0:58:55:
09:6b:d4:d6:6f:f1:76:b9:f8:89:ed:43:eb:b9:e6:
9a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E2:FB:44:DE:63:0F:6D:C3:F2:54:D6:B1:10:9B:E1:08:F5:55:A1
X509v3 Authority Key Identifier:
keyid:49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/0-L7RN5jD23D8lTWsRCb4Qj1VaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.136.0/21
83.98.32.0/19
148.253.160.0/19
159.242.64.0/18
178.23.128.0/21
185.59.180.0/22
185.173.67.0/24
IPv6:
2a00:ed40::/32
Signature Algorithm: sha256WithRSAEncryption
1a:bd:3f:eb:37:ca:ae:b8:e9:8d:79:b5:18:be:cd:ff:6f:3e:
3e:9e:f5:a1:4b:88:f4:b3:26:8e:83:e2:c0:82:92:ed:df:a4:
9e:47:17:68:52:96:d8:49:6e:f6:bc:c9:bd:8f:bb:ad:85:f1:
97:52:c3:0c:39:54:fd:85:71:9c:58:c9:63:71:cb:43:b4:84:
22:a2:c8:42:25:63:c9:2a:d0:60:85:30:8c:58:3c:e8:0b:4a:
4a:07:1b:d1:82:e6:22:86:aa:f2:49:8b:56:bb:6f:53:38:6b:
b0:36:ff:3e:96:23:f6:11:93:9b:29:79:88:cb:65:09:86:1b:
eb:aa:14:ee:fb:bd:97:4c:21:64:50:aa:93:08:b9:5e:12:21:
b1:22:c7:8d:2c:bc:9f:a3:2a:80:6e:c6:ea:e5:4d:41:52:a3:
e8:87:a5:d7:5b:0b:29:08:60:d3:7b:bb:48:6d:b0:4c:26:17:
e9:04:b3:7e:fd:8d:bf:38:a2:15:55:8f:97:a3:5d:6b:e8:6b:
a3:9f:2a:29:1f:c0:51:df:41:15:bd:35:79:d7:50:57:18:6f:
2e:85:5c:38:51:1d:8a:06:de:c1:5a:a7:8e:1a:4a:53:04:60:
2d:ff:71:94:5c:97:fd:30:30:91:db:a5:6f:33:0a:8d:a1:d4:
22:d3:cc:ec
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEGGDFmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTBiMjFmNzliOWVhMmYzZDA0MjM3NDcxNDg2N2QxMjQwMTk5NWRiMB4XDTIyMDEw
MTA2MDU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNlMmZiNDRkZTYz
MGY2ZGMzZjI1NGQ2YjExMDliZTEwOGY1NTVhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTPzoTwL66CKnD1fJOUdO2R9Sh6cmXVxtAxWAMB4UcbvEIV
TtDlfoJm1XoEFcjR1ovdaG3gAbuxvkHSHTrJ7OQHZ/a/5WJqeRjr36q3J1/438K8
ojnrflZN+6TewaScQ8T/Y5pmnLjV7yNwcgfX3fw53a9UmM/Bl8CL4ffqnA9Jocup
p7cCu+zw6PB3cmYK6lzo79IWeWL0jURJM0JDXmOIgD2l/tqzYuoMlVmAv4b20oZX
dta7bR5k9M08LSlwnHbtR7WM6nxtmc1fC3VOH1veS07TysNNsJOXa+EbjiK9ElzF
68L8IMhx/GTr4FhVCWvU1m/xdrn4ie1D67nmmq0CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTT4vtE3mMPbcPyVNaxEJvhCPVVoTAfBgNVHSMEGDAWgBRJCyH3m56i89BC
N0cUhn0SQBmV2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NRc2g5NXVlb3ZQUVFqZEhGSVo5RWtBWmxkcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvZTEwMTY1LWI0Y2QtNDMyMS1iZjNjLTQ4MGMzMmY0MDBlMS8x
LzAtTDdSTjVqRDIzRDhsVFdzUkNiNFFqMVZhRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ZTEwMTY1LWI0Y2QtNDMyMS1iZjNjLTQ4MGMzMmY0MDBlMS8xL1NRc2g5NXVlb3ZQ
UVFqZEhGSVo5RWtBWmxkcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAwUWiAMEBVNiIAMEBZT9oAMEBp/y
QAMEA7IXgAMEArk7tAMEALmtQzANBAIAAjAHAwUAKgDtQDANBgkqhkiG9w0BAQsF
AAOCAQEAGr0/6zfKrrjpjXm1GL7N/28+Pp71oUuI9LMmjoPiwIKS7d+knkcXaFKW
2Elu9rzJvY+7rYXxl1LDDDlU/YVxnFjJY3HLQ7SEIqLIQiVjySrQYIUwjFg86AtK
Sgcb0YLmIoaq8kmLVrtvUzhrsDb/PpYj9hGTmyl5iMtlCYYb66oU7vu9l0whZFCq
kwi5XhIhsSLHjSy8n6MqgG7G6uVNQVKj6Iel11sLKQhg03u7SG2wTCYX6QSzfv2N
vziiFVWPl6Nda+hro58qKR/AUd9BFb01eddQVxhvLoVcOFEdigbewVqnjhpKUwRg
Lf9xlFyX/TAwkdulbzMKjaHUItPM7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:25 2024 by rpki-client on console-ams.rpki-client.org