Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/35Sb1-Q5cHSmrZTVNhm4-vpzc10.roa
File: 35Sb1-Q5cHSmrZTVNhm4-vpzc10.roa (raw, json)
Hash identifier: KbBWUSUsJpWmyRjN/bx9vIAwAwogNx3BC4T11adKJZA=
Subject key identifier: DF:94:9B:D7:E4:39:70:74:A6:AD:94:D5:36:19:B8:FA:FA:73:73:5D
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01852A4DE497542402C8E0157747C86206D5
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/35Sb1-Q5cHSmrZTVNhm4-vpzc10.roa
Signing time: Mon 19 Dec 2022 12:13:45 +0000
ROA not before: Mon 19 Dec 2022 12:13:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49629
IP address blocks: 5.181.100.0/22 maxlen: 24
194.8.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:4d:e4:97:54:24:02:c8:e0:15:77:47:c8:62:06:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 19 12:13:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df949bd7e4397074a6ad94d53619b8fafa73735d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0b:f9:38:63:04:df:a8:95:13:7f:c1:77:74:
d2:85:e6:83:33:6c:96:d7:68:48:19:2d:ce:af:37:
4b:6f:ca:38:04:95:8d:34:2d:a9:02:85:4f:87:cc:
1f:34:50:c8:13:30:cd:1b:e8:39:0d:0c:6d:61:c2:
eb:1b:6e:9c:21:81:8a:c8:0f:a8:c3:61:09:94:a8:
c8:91:5e:d9:04:d1:94:80:cb:9f:d6:04:6d:4a:07:
9f:fe:b2:ef:5b:fe:79:7b:94:13:5b:e8:cd:d9:46:
7e:d6:cb:5e:dd:44:52:c2:7e:1a:a4:0d:a1:c9:df:
5e:5c:ee:e0:7f:a9:6c:0e:09:4e:5e:ef:24:3c:be:
19:ed:f4:4f:97:76:0b:22:d5:60:eb:92:61:48:02:
f8:15:d5:4c:b8:68:e8:65:16:8a:f5:b7:1c:a4:3c:
21:eb:a6:ca:d0:dc:b4:0b:51:5a:ee:99:c7:dd:ac:
68:1c:b6:ec:ca:77:b4:fe:6c:57:09:cb:6f:70:98:
69:91:1c:db:4b:df:36:50:53:a2:09:c3:5c:b7:a1:
bd:ce:98:8d:2f:be:2e:91:f4:61:fb:21:dd:22:36:
10:f0:8d:ec:c7:79:5a:02:0b:f3:8b:08:44:19:b3:
8e:a8:8a:4d:dd:01:65:dc:57:9a:02:aa:f5:e4:f8:
d9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:94:9B:D7:E4:39:70:74:A6:AD:94:D5:36:19:B8:FA:FA:73:73:5D
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/35Sb1-Q5cHSmrZTVNhm4-vpzc10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.100.0/22
194.8.140.0/22
Signature Algorithm: sha256WithRSAEncryption
76:a4:9d:b5:17:06:72:30:7c:d0:0e:58:b8:80:f0:ea:2b:1c:
7c:4d:a2:86:73:9d:2d:41:1c:63:40:fa:b5:d7:af:e6:27:be:
02:7e:e3:d5:d1:3e:c4:ce:27:57:41:5c:8c:d1:ad:4d:12:41:
e6:b2:85:10:fb:ab:5b:6a:f0:97:17:63:5f:56:5e:9d:54:b7:
06:3c:79:61:b7:12:95:f5:f6:ca:1f:fb:9c:f2:ff:a9:7f:2e:
28:fa:95:0f:2d:2c:fd:a6:67:9c:eb:62:b8:79:08:6b:61:ec:
f2:11:7f:72:9b:89:39:88:ba:8f:85:9c:4f:f1:4a:70:4d:7a:
74:8f:08:be:e6:4e:7c:ea:f6:b3:89:97:d1:d7:c4:19:55:b7:
71:ec:a2:f7:34:04:7a:05:45:c6:04:ff:30:2e:33:e2:5e:da:
8f:dd:90:c4:ee:4a:21:0e:94:36:27:dd:c8:67:4d:8c:33:e2:
4b:6a:6f:76:48:1f:34:ea:0b:d0:81:2f:e6:c4:61:7e:e7:56:
e3:e9:cc:61:b2:53:ee:ab:82:29:8d:db:d2:b2:e9:cf:15:53:
9b:63:b5:8a:d6:aa:25:9e:24:83:1f:66:64:a4:61:0e:e2:a7:
7f:ae:60:91:54:53:c4:e2:d3:69:61:f1:aa:4f:89:7d:8c:36:
d3:9f:f5:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUqTeSXVCQCyOAVd0fIYgbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjE5MTIxMzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjk0OWJkN2U0Mzk3MDc0YTZhZDk0ZDUzNjE5YjhmYWZhNzM3MzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQv5OGME36iVE3/Bd3TSheaDM2yW
12hIGS3OrzdLb8o4BJWNNC2pAoVPh8wfNFDIEzDNG+g5DQxtYcLrG26cIYGKyA+o
w2EJlKjIkV7ZBNGUgMuf1gRtSgef/rLvW/55e5QTW+jN2UZ+1ste3URSwn4apA2h
yd9eXO7gf6lsDglOXu8kPL4Z7fRPl3YLItVg65JhSAL4FdVMuGjoZRaK9bccpDwh
66bK0Ny0C1Fa7pnH3axoHLbsyne0/mxXCctvcJhpkRzbS982UFOiCcNct6G9zpiN
L74ukfRh+yHdIjYQ8I3sx3laAgvziwhEGbOOqIpN3QFl3FeaAqr15PjZXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN+Um9fkOXB0pq2U1TYZuPr6c3NdMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvMzVTYjEtUTVjSFNtclpUVk5obTQtdnB6YzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbVkAwQC
wgiMMA0GCSqGSIb3DQEBCwUAA4IBAQB2pJ21FwZyMHzQDli4gPDqKxx8TaKGc50t
QRxjQPq116/mJ74CfuPV0T7EzidXQVyM0a1NEkHmsoUQ+6tbavCXF2NfVl6dVLcG
PHlhtxKV9fbKH/uc8v+pfy4o+pUPLSz9pmec62K4eQhrYezyEX9ym4k5iLqPhZxP
8UpwTXp0jwi+5k586vaziZfR18QZVbdx7KL3NAR6BUXGBP8wLjPiXtqP3ZDE7koh
DpQ2J93IZ02MM+JLam92SB806gvQgS/mxGF+51bj6cxhslPuq4IpjdvSsunPFVOb
Y7WK1qolniSDH2ZkpGEO4qd/rmCRVFPE4tNpYfGqT4l9jDbTn/Wm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org