Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/5VCnhOzFXPVW6aXSRrqgrw7L1rk.roa
File: 5VCnhOzFXPVW6aXSRrqgrw7L1rk.roa (raw, json)
Hash identifier: tWjju5NuYvsaytz5qL8MS3j+rtuiWujkUm3o8yHIxuk=
Subject key identifier: E5:50:A7:84:EC:C5:5C:F5:56:E9:A5:D2:46:BA:A0:AF:0E:CB:D6:B9
Certificate issuer: /CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Certificate serial: 17C1B1C0
Authority key identifier: 09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/5VCnhOzFXPVW6aXSRrqgrw7L1rk.roa
Signing time: Sat 01 Jan 2022 03:51:19 +0000
ROA not before: Sat 01 Jan 2022 03:51:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201643
IP address blocks: 185.68.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 398569920 (0x17c1b1c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Validity
Not Before: Jan 1 03:51:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e550a784ecc55cf556e9a5d246baa0af0ecbd6b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b4:d5:9c:65:12:11:db:3a:e5:e6:5e:51:9b:
ac:56:85:22:7f:39:dd:0c:fc:a4:d4:c0:05:19:5e:
48:47:d5:ec:e6:48:72:cf:f8:5d:58:c1:7c:63:cb:
d0:4a:8f:b8:f7:ef:f2:8c:59:cd:ef:75:dc:da:ec:
40:ea:82:d5:1c:98:e3:4d:de:b4:08:4f:29:2a:bb:
56:dd:00:57:de:04:d0:07:6e:3b:7c:db:84:2f:3b:
9a:27:16:65:84:83:b7:2c:6d:83:1d:aa:ec:53:89:
7b:a4:c8:bd:e7:56:63:16:d7:e3:39:27:11:82:3c:
ed:27:63:ea:f9:c5:dd:54:65:75:4f:2d:02:7d:23:
2c:61:9e:30:44:11:88:8a:bd:7e:c5:5c:a0:c6:bb:
25:3c:27:b2:0d:40:57:cf:44:02:42:4b:4c:44:82:
e3:b5:55:42:89:98:5e:cf:f0:90:f9:d4:88:33:b0:
16:88:cf:36:dc:dc:94:13:75:7f:c5:da:94:8d:c9:
3a:e3:84:19:25:27:d9:e3:57:26:87:3b:9c:a7:44:
8d:c7:68:cd:2a:8d:ae:45:1d:c4:6a:a2:3d:8a:d5:
e0:5a:20:29:0d:58:28:03:25:f5:e7:39:65:fa:b7:
e1:7a:c0:19:41:4b:a4:8c:13:16:bc:cc:c9:7d:38:
f6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:50:A7:84:EC:C5:5C:F5:56:E9:A5:D2:46:BA:A0:AF:0E:CB:D6:B9
X509v3 Authority Key Identifier:
keyid:09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/5VCnhOzFXPVW6aXSRrqgrw7L1rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:c9:46:78:4b:4a:bf:a9:e7:2c:3a:74:8f:26:b3:e8:70:86:
f4:43:0a:42:ae:84:27:6e:21:28:d7:47:b0:0b:94:e4:de:52:
d1:d2:be:bb:20:ba:bb:ff:1c:e9:29:7d:c8:a9:46:46:5b:6d:
90:54:e4:46:9d:87:41:1e:4d:c4:c5:f5:53:20:be:3d:12:14:
c4:18:a3:8e:c5:c5:1f:18:a9:77:d4:4f:09:53:1a:fd:cc:87:
ec:91:d3:df:e5:99:44:c0:ca:a9:c6:86:18:84:2d:80:01:b0:
b2:2f:c9:1c:30:a7:e0:c5:dd:da:e0:03:c1:fe:72:28:9f:52:
ab:0e:92:22:8d:ef:60:d2:21:b2:9d:40:c7:74:47:e7:85:8f:
35:a6:86:25:63:df:93:b1:9a:d0:61:7c:51:4b:a8:b5:93:02:
fa:d8:b7:71:5f:00:1a:57:f2:57:9f:b9:32:d4:58:c0:74:90:
74:a2:32:22:e1:09:0a:8d:18:36:6b:3d:d0:07:e6:7f:d2:4f:
00:4f:7a:4a:52:77:a0:c7:da:5c:00:da:06:4d:e5:79:32:7f:
bc:a5:d0:68:9a:af:9a:a1:99:b3:45:2e:64:fa:c1:ea:b9:a4:
e6:71:8c:be:38:2a:35:b0:ab:fe:a3:46:0c:d4:f1:6d:a9:35:
e7:71:cd:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF8GxwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTA4MjA0ZDdjZjViYzRhYWIzOGZmYTM5ZGEzYTY4MWVkMjE3YmQ0MB4XDTIyMDEw
MTAzNTExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU1MGE3ODRlY2M1
NWNmNTU2ZTlhNWQyNDZiYWEwYWYwZWNiZDZiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKW01ZxlEhHbOuXmXlGbrFaFIn853Qz8pNTABRleSEfV7OZI
cs/4XVjBfGPL0EqPuPfv8oxZze913NrsQOqC1RyY403etAhPKSq7Vt0AV94E0Adu
O3zbhC87micWZYSDtyxtgx2q7FOJe6TIvedWYxbX4zknEYI87Sdj6vnF3VRldU8t
An0jLGGeMEQRiIq9fsVcoMa7JTwnsg1AV89EAkJLTESC47VVQomYXs/wkPnUiDOw
FojPNtzclBN1f8XalI3JOuOEGSUn2eNXJoc7nKdEjcdozSqNrkUdxGqiPYrV4Fog
KQ1YKAMl9ec5Zfq34XrAGUFLpIwTFrzMyX049scCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTlUKeE7MVc9VbppdJGuqCvDsvWuTAfBgNVHSMEGDAWgBQJCCBNfPW8Sqs4
/6Odo6aB7SF71DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NRZ2dUWHoxdkVxck9QLWpuYU9tZ2UwaGU5US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvZGI5ZTU4LWVlNDItNGExMC04MjIyLTg4MjNmMTExZGYwNy8x
LzVWQ25oT3pGWFBWVzZhWFNScnFncnc3TDFyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
ZGI5ZTU4LWVlNDItNGExMC04MjIyLTg4MjNmMTExZGYwNy8xL0NRZ2dUWHoxdkVx
ck9QLWpuYU9tZ2UwaGU5US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlEZDANBgkqhkiG9w0BAQsFAAOC
AQEAHclGeEtKv6nnLDp0jyaz6HCG9EMKQq6EJ24hKNdHsAuU5N5S0dK+uyC6u/8c
6Sl9yKlGRlttkFTkRp2HQR5NxMX1UyC+PRIUxBijjsXFHxipd9RPCVMa/cyH7JHT
3+WZRMDKqcaGGIQtgAGwsi/JHDCn4MXd2uADwf5yKJ9Sqw6SIo3vYNIhsp1Ax3RH
54WPNaaGJWPfk7Ga0GF8UUuotZMC+ti3cV8AGlfyV5+5MtRYwHSQdKIyIuEJCo0Y
Nms90Afmf9JPAE96SlJ3oMfaXADaBk3leTJ/vKXQaJqvmqGZs0UuZPrB6rmk5nGM
vjgqNbCr/qNGDNTxbak153HNYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:52 2024 by rpki-client on console-fra.rpki-client.org