Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/n1789aeWUBist35vaCjIB9jB0Qk.roa
File: n1789aeWUBist35vaCjIB9jB0Qk.roa (raw, json)
Hash identifier: oRKPoRw665EDRH7L499cYBLdsUCL6yzPD4PFQYvwSJQ=
Subject key identifier: 9F:5E:FC:F5:A7:96:50:18:AC:B7:7E:6F:68:28:C8:07:D8:C1:D1:09
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 0184FAF831EF692A538216884FE407025927
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/n1789aeWUBist35vaCjIB9jB0Qk.roa
Signing time: Sat 10 Dec 2022 07:38:00 +0000
ROA not before: Sat 10 Dec 2022 07:38:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.253.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fa:f8:31:ef:69:2a:53:82:16:88:4f:e4:07:02:59:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Dec 10 07:38:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f5efcf5a7965018acb77e6f6828c807d8c1d109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5f:33:14:25:af:f3:fd:a8:5d:1e:27:42:85:
c7:ec:15:f6:66:32:83:36:ee:2e:1a:9f:c7:41:8d:
d8:39:23:a4:91:19:58:bc:7c:1f:e6:96:87:ab:26:
2d:d3:dc:12:75:7b:fc:7b:3c:9a:b5:8b:62:3f:a1:
4b:a0:af:50:2b:f2:3e:bc:ad:46:ba:03:a5:bd:e5:
e4:80:41:0c:1b:af:6c:8a:e3:30:72:29:ef:c5:f6:
9c:61:03:79:fe:66:14:34:db:3a:f3:5a:92:60:38:
7d:c2:fc:dc:86:d5:4c:25:32:68:c2:2a:11:32:4d:
e3:f5:f8:4c:a1:ae:0b:36:5b:af:ea:6c:a2:3a:cf:
82:7c:4d:f3:a5:5d:46:41:0c:7f:8a:81:64:01:69:
20:d8:45:c3:4c:82:fe:e0:4b:b0:77:15:fc:20:ed:
b1:63:28:5d:f9:50:47:54:3a:a2:ff:83:b2:c6:2a:
e3:5c:f2:bd:cd:25:29:f2:28:0e:1e:76:77:ce:e2:
08:e9:89:e9:0c:28:59:9d:e0:88:20:6a:af:47:fb:
7a:a3:59:74:52:9a:56:63:da:6e:bc:70:ed:1c:76:
fa:dc:2f:95:12:6b:34:be:23:cc:e4:da:96:0e:5a:
38:40:59:df:22:d9:04:f8:11:08:5a:c0:55:8d:28:
e4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:5E:FC:F5:A7:96:50:18:AC:B7:7E:6F:68:28:C8:07:D8:C1:D1:09
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/n1789aeWUBist35vaCjIB9jB0Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.117.0-5.145.119.255
185.24.252.0/23
IPv6:
2a04:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
68:3d:ed:77:f0:7e:26:03:be:09:e9:f4:9a:d2:e5:a7:be:1c:
e1:ee:a1:07:8b:32:9d:ef:fb:f5:13:e2:9a:9d:4c:51:65:60:
c3:6b:41:79:14:03:5d:bf:0e:5b:50:12:f4:d3:2f:3c:a7:55:
ee:bb:e7:1d:d9:6d:50:3f:00:bc:27:c1:5e:e1:e5:ca:31:8b:
7f:b2:55:6f:56:4c:2d:fb:bb:9b:fe:19:b1:5d:36:1f:13:4e:
d9:47:a0:90:61:42:2f:23:58:6c:89:33:f9:f6:69:60:49:94:
3b:29:5f:1f:fe:01:f4:6c:80:be:00:da:e6:07:fa:d2:ee:6a:
c1:f3:5a:83:ef:1f:0f:34:f5:46:fd:3e:e3:67:fa:f2:e1:ca:
5a:a4:ac:ca:17:b4:57:04:1a:f5:db:6e:0c:d3:f2:d4:83:d7:
d1:c9:fe:58:f5:b2:eb:2a:7f:b3:3d:07:71:bd:39:6c:32:b2:
17:3b:ef:1e:52:e9:44:d7:a7:32:0c:5b:b6:d8:33:f0:62:d6:
ce:e9:2f:1e:e3:80:ac:7d:3f:9d:7e:0f:7d:a9:e8:b7:95:f4:
05:be:4e:c3:8c:e1:77:26:1b:48:95:f6:bf:81:74:96:44:e1:
d7:e5:84:42:dc:83:82:13:00:20:3b:1f:a5:c6:65:da:e4:b3:
df:78:43:1c
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYT6+DHvaSpTghaIT+QHAlknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjIxMjEwMDczODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjVlZmNmNWE3OTY1MDE4YWNiNzdlNmY2ODI4YzgwN2Q4YzFkMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml8zFCWv8/2oXR4nQoXH7BX2ZjKD
Nu4uGp/HQY3YOSOkkRlYvHwf5paHqyYt09wSdXv8ezyatYtiP6FLoK9QK/I+vK1G
ugOlveXkgEEMG69siuMwcinvxfacYQN5/mYUNNs681qSYDh9wvzchtVMJTJowioR
Mk3j9fhMoa4LNluv6myiOs+CfE3zpV1GQQx/ioFkAWkg2EXDTIL+4EuwdxX8IO2x
Yyhd+VBHVDqi/4OyxirjXPK9zSUp8igOHnZ3zuII6YnpDChZneCIIGqvR/t6o1l0
UppWY9puvHDtHHb63C+VEms0viPM5NqWDlo4QFnfItkE+BEIWsBVjSjkFwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJ9e/PWnllAYrLd+b2goyAfYwdEJMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvbjE3ODlhZVdVQmlzdDM1dmFDaklCOWpCMFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAAFkXUD
BAMFkXADBAG5GPwwDwQCAAIwCQMHACoELwAAADANBgkqhkiG9w0BAQsFAAOCAQEA
aD3td/B+JgO+Cen0mtLlp74c4e6hB4syne/79RPimp1MUWVgw2tBeRQDXb8OW1AS
9NMvPKdV7rvnHdltUD8AvCfBXuHlyjGLf7JVb1ZMLfu7m/4ZsV02HxNO2UegkGFC
LyNYbIkz+fZpYEmUOylfH/4B9GyAvgDa5gf60u5qwfNag+8fDzT1Rv0+42f68uHK
WqSsyhe0VwQa9dtuDNPy1IPX0cn+WPWy6yp/sz0Hcb05bDKyFzvvHlLpRNenMgxb
ttgz8GLWzukvHuOArH0/nX4Pfanot5X0Bb5Ow4zhdyYbSJX2v4F0lkTh1+WEQtyD
ghMAIDsfpcZl2uSz33hDHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:29 2024 by rpki-client on console-fra.rpki-client.org