Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/M8tD6FtNx3xYaVsmyOPJ32fwxhg.roa
File: M8tD6FtNx3xYaVsmyOPJ32fwxhg.roa (raw, json)
Hash identifier: A/CXR7k5Yns16HlGRbYh9U5YBi7u2XKW7sz451nwLA4=
Subject key identifier: 33:CB:43:E8:5B:4D:C7:7C:58:69:5B:26:C8:E3:C9:DF:67:F0:C6:18
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0182AABF806D2F26FB83153ABD3990DC86EB
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/M8tD6FtNx3xYaVsmyOPJ32fwxhg.roa
Signing time: Wed 17 Aug 2022 07:40:52 +0000
ROA not before: Wed 17 Aug 2022 07:40:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210122
IP address blocks: 5.180.34.0/24 maxlen: 24
5.180.33.0/24 maxlen: 24
85.208.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:aa:bf:80:6d:2f:26:fb:83:15:3a:bd:39:90:dc:86:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 17 07:40:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33cb43e85b4dc77c58695b26c8e3c9df67f0c618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a7:6b:c6:3c:d8:19:3b:b3:53:e6:88:b9:4d:
05:e3:99:f6:bf:03:28:7b:f8:e6:f0:3e:25:97:f9:
23:0d:2b:37:a2:a2:e8:88:c0:84:9a:8d:2d:9b:1e:
c4:7a:8d:13:e9:0e:8e:bb:a6:46:ba:d0:05:79:3f:
94:1d:c0:dd:de:3d:f5:a5:98:35:98:27:c5:fb:b0:
bb:e6:ab:f3:b4:68:85:45:3a:4e:da:67:d4:7f:85:
14:b5:e5:e9:c4:ff:c3:ee:4d:da:da:bd:d8:1c:e9:
cf:6d:95:d6:e0:f8:2f:95:fa:9a:38:15:8e:66:a2:
be:98:58:fa:e7:9f:c5:06:16:db:90:49:09:fb:5c:
c4:f6:cd:a7:6c:ae:ff:66:a7:65:95:0c:b7:e5:7c:
15:db:ad:37:49:78:61:03:98:cb:ff:87:cb:d7:7c:
dd:02:00:75:5e:2b:49:71:50:0f:fb:b2:92:ef:50:
4a:0a:66:c5:9e:51:c2:bb:a3:90:ce:e3:25:e4:d2:
d9:b7:0f:ff:38:2b:8d:93:19:e0:14:d9:cb:67:49:
e9:78:e2:d5:85:66:42:5b:f6:94:39:7a:52:d1:41:
0c:e8:a2:55:ff:b5:1a:a9:2f:8f:be:4a:50:6e:88:
f3:99:3d:a9:be:20:58:a8:e7:65:0a:26:7a:dd:2c:
3e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CB:43:E8:5B:4D:C7:7C:58:69:5B:26:C8:E3:C9:DF:67:F0:C6:18
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/M8tD6FtNx3xYaVsmyOPJ32fwxhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.33.0-5.180.34.255
85.208.107.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:c5:e4:31:81:41:e9:08:68:ab:c1:78:47:79:82:96:d0:4f:
ab:ef:e8:59:ba:e0:53:20:78:90:49:ce:22:82:b3:74:cd:a0:
df:f8:d0:19:7c:72:ed:cc:cc:d5:34:22:4c:f1:98:04:a6:bd:
98:88:c5:52:da:89:c2:0b:40:f6:86:83:09:bd:aa:c0:13:2c:
eb:04:53:dc:7b:c8:1b:a5:f4:1f:dd:df:e5:c1:3c:61:61:0d:
c9:87:6e:0d:c9:cf:01:e5:ab:57:26:68:ec:c8:a1:d9:79:50:
cc:94:2f:47:81:00:90:c9:e5:78:6e:64:c2:18:7a:9c:58:3c:
a0:09:e6:99:97:ab:2a:b5:1c:d9:b2:32:a8:39:81:ad:09:79:
73:ff:bd:a0:f3:dd:7e:3e:ac:f0:8e:8a:81:13:b4:3d:2e:c6:
2c:0c:95:98:10:a3:28:9a:b3:04:65:c4:ad:d9:91:af:f6:cf:
82:48:59:e9:0a:93:82:99:df:3a:ae:92:91:21:82:dd:0e:b7:
ff:9b:f3:6d:99:49:38:37:d2:93:dd:0e:4e:8c:81:42:9a:0a:
d4:0a:e3:87:1e:87:b9:ac:5d:d7:d3:41:5a:12:89:c5:58:36:
fc:b6:36:77:15:ce:46:cd:01:d3:72:24:7c:88:fa:17:2b:77:
88:33:c4:21
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYKqv4BtLyb7gxU6vTmQ3IbrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIwODE3MDc0MDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2NiNDNlODViNGRjNzdjNTg2OTViMjZjOGUzYzlkZjY3ZjBjNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6drxjzYGTuzU+aIuU0F45n2vwMo
e/jm8D4ll/kjDSs3oqLoiMCEmo0tmx7Eeo0T6Q6Ou6ZGutAFeT+UHcDd3j31pZg1
mCfF+7C75qvztGiFRTpO2mfUf4UUteXpxP/D7k3a2r3YHOnPbZXW4PgvlfqaOBWO
ZqK+mFj655/FBhbbkEkJ+1zE9s2nbK7/ZqdllQy35XwV2603SXhhA5jL/4fL13zd
AgB1XitJcVAP+7KS71BKCmbFnlHCu6OQzuMl5NLZtw//OCuNkxngFNnLZ0npeOLV
hWZCW/aUOXpS0UEM6KJV/7UaqS+PvkpQbojzmT2pviBYqOdlCiZ63Sw+JwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDPLQ+hbTcd8WGlbJsjjyd9n8MYYMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTTh0RDZGdE54M3hZYVZzbXlPUEozMmZ3eGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAFtCED
BAAFtCIDBABV0GswDQYJKoZIhvcNAQELBQADggEBAKrF5DGBQekIaKvBeEd5gpbQ
T6vv6Fm64FMgeJBJziKCs3TNoN/40Bl8cu3MzNU0IkzxmASmvZiIxVLaicILQPaG
gwm9qsATLOsEU9x7yBul9B/d3+XBPGFhDcmHbg3JzwHlq1cmaOzIodl5UMyUL0eB
AJDJ5XhuZMIYepxYPKAJ5pmXqyq1HNmyMqg5ga0JeXP/vaDz3X4+rPCOioETtD0u
xiwMlZgQoyiaswRlxK3Zka/2z4JIWekKk4KZ3zqukpEhgt0Ot/+b822ZSTg30pPd
Dk6MgUKaCtQK44ceh7msXdfTQVoSicVYNvy2NncVzkbNAdNyJHyI+hcrd4gzxCE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:29 2023 by rpki-client on console-fra.rpki-client.org