Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/5IMzdh1IU0aYD1RO39RbkkGmnJk.roa
File: 5IMzdh1IU0aYD1RO39RbkkGmnJk.roa (raw, json)
Hash identifier: 5ihFDe9zR8VqQb8WiYBEFGt+AzfLZ4amiRgwAcyyJzA=
Subject key identifier: E4:83:33:76:1D:48:53:46:98:0F:54:4E:DF:D4:5B:92:41:A6:9C:99
Certificate issuer: /CN=93d4c4ad731e45ed320a2f38ab70b7a7bff7ea79
Certificate serial: 6A43AC
Authority key identifier: 93:D4:C4:AD:73:1E:45:ED:32:0A:2F:38:AB:70:B7:A7:BF:F7:EA:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k9TErXMeRe0yCi84q3C3p7_36nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/5IMzdh1IU0aYD1RO39RbkkGmnJk.roa
Signing time: Sat 01 Jan 2022 02:58:50 +0000
ROA not before: Sat 01 Jan 2022 02:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42852
IP address blocks: 149.3.152.0/22 maxlen: 22
149.3.156.0/22 maxlen: 22
91.151.224.0/22 maxlen: 22
91.151.232.0/22 maxlen: 22
91.151.228.0/22 maxlen: 22
91.151.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6964140 (0x6a43ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93d4c4ad731e45ed320a2f38ab70b7a7bff7ea79
Validity
Not Before: Jan 1 02:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e48333761d485346980f544edfd45b9241a69c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e3:28:80:c3:e6:ec:95:be:60:da:ab:06:ab:
c2:8b:de:41:d1:41:45:5e:32:f5:d7:6f:70:02:ac:
71:dd:04:9b:f8:16:05:cc:67:69:f1:6f:e7:52:12:
ae:a7:dd:6e:9b:15:8b:6a:a5:4e:96:9f:14:d3:d7:
18:9a:b8:e5:74:66:b5:43:22:98:81:ed:a0:d2:ae:
ce:dd:d8:2c:4a:4f:3c:66:ea:a9:5c:c3:a8:e5:c5:
e0:f3:c0:7c:ac:47:d8:91:3e:08:a5:b7:6e:48:fd:
ee:ba:fd:18:5e:f1:dc:10:db:ec:c5:c3:72:92:51:
a4:97:e0:35:c1:65:d0:2f:b8:61:7b:d8:2e:d2:2f:
5a:94:7a:38:54:84:6f:77:6a:61:b7:9b:63:7d:ff:
bb:4a:3a:fc:ed:3f:c3:de:74:5b:59:c0:0c:71:d2:
67:04:4c:9d:ab:1c:e4:3e:ef:73:cc:d9:78:bf:9f:
d1:5b:55:a4:85:f3:2f:93:28:d7:62:5c:34:b7:b3:
0c:ad:0c:ce:fa:2d:19:cd:09:ad:cf:7a:57:e1:09:
99:f2:b0:40:d0:5d:94:91:39:4a:c5:d3:b9:31:a3:
8d:4c:cb:be:d7:6e:69:cf:ad:66:57:d0:42:45:82:
a0:43:9a:01:fd:d1:d0:24:e4:6d:da:f0:28:34:e5:
72:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:83:33:76:1D:48:53:46:98:0F:54:4E:DF:D4:5B:92:41:A6:9C:99
X509v3 Authority Key Identifier:
keyid:93:D4:C4:AD:73:1E:45:ED:32:0A:2F:38:AB:70:B7:A7:BF:F7:EA:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k9TErXMeRe0yCi84q3C3p7_36nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/5IMzdh1IU0aYD1RO39RbkkGmnJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/k9TErXMeRe0yCi84q3C3p7_36nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.224.0/20
149.3.152.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:25:44:5c:a2:c0:92:c7:1f:51:14:82:75:35:e9:76:6c:84:
fc:d7:6f:0a:05:cd:2e:27:61:85:dd:f5:58:88:d6:29:4d:cf:
fb:47:d2:60:0f:a8:16:f2:74:82:65:3e:30:9c:c4:7f:47:49:
b0:91:cd:9d:69:00:ee:dc:82:a3:65:d8:cb:a8:9d:bc:78:f4:
df:ec:1d:f0:b0:65:7e:e3:96:f7:ae:29:34:2d:19:48:ac:81:
cb:e5:dd:bf:6c:3d:90:b8:74:8b:f5:35:07:4a:82:3a:98:e9:
d7:01:3e:c6:cd:aa:c6:fb:91:89:3e:bc:c6:42:53:ce:bf:56:
da:d6:a5:cb:e9:bd:37:1a:14:6e:1f:18:13:de:f5:82:8e:15:
1c:08:a5:46:30:af:ed:40:b9:58:2a:0c:e0:14:ad:a6:09:01:
36:db:50:7d:31:10:ec:04:b3:4e:ff:f7:4c:66:05:d1:67:a6:
91:7a:0d:a8:14:02:bf:53:8c:8f:f5:9b:66:bd:a8:83:79:e0:
0c:d3:b9:a3:e8:a6:d2:3c:8f:40:6b:b6:e1:84:00:5e:0b:74:
17:5b:73:ab:87:50:4d:c3:68:96:63:c2:52:45:00:cc:fd:a6:
de:be:5c:52:fa:05:c0:17:c0:75:c2:d6:7a:ff:24:74:58:50:
14:8b:a8:f7
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDakOsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkz
ZDRjNGFkNzMxZTQ1ZWQzMjBhMmYzOGFiNzBiN2E3YmZmN2VhNzkwHhcNMjIwMTAx
MDI1ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlNDgzMzM3NjFkNDg1
MzQ2OTgwZjU0NGVkZmQ0NWI5MjQxYTY5Yzk5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqeMogMPm7JW+YNqrBqvCi95B0UFFXjL1129wAqxx3QSb+BYF
zGdp8W/nUhKup91umxWLaqVOlp8U09cYmrjldGa1QyKYge2g0q7O3dgsSk88Zuqp
XMOo5cXg88B8rEfYkT4IpbduSP3uuv0YXvHcENvsxcNyklGkl+A1wWXQL7hhe9gu
0i9alHo4VIRvd2pht5tjff+7Sjr87T/D3nRbWcAMcdJnBEydqxzkPu9zzNl4v5/R
W1WkhfMvkyjXYlw0t7MMrQzO+i0ZzQmtz3pX4QmZ8rBA0F2UkTlKxdO5MaONTMu+
125pz61mV9BCRYKgQ5oB/dHQJORt2vAoNOVyQQIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFOSDM3YdSFNGmA9UTt/UW5JBppyZMB8GA1UdIwQYMBaAFJPUxK1zHkXtMgov
OKtwt6e/9+p5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
azlURXJYTWVSZTB5Q2k4NHEzQzNwN18zNm5rLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jOS9lZTA1MzgtMzljOS00NDUwLTk2NDctYWJhNTVlMjQyNGQyLzEv
NUlNemRoMUlVMGFZRDFSTzM5UmJra0dtbkprLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9l
ZTA1MzgtMzljOS00NDUwLTk2NDctYWJhNTVlMjQyNGQyLzEvazlURXJYTWVSZTB5
Q2k4NHEzQzNwN18zNm5rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEW5fgAwQDlQOYMA0GCSqGSIb3DQEB
CwUAA4IBAQBrJURcosCSxx9RFIJ1Nel2bIT8128KBc0uJ2GF3fVYiNYpTc/7R9Jg
D6gW8nSCZT4wnMR/R0mwkc2daQDu3IKjZdjLqJ28ePTf7B3wsGV+45b3rik0LRlI
rIHL5d2/bD2QuHSL9TUHSoI6mOnXAT7GzarG+5GJPrzGQlPOv1ba1qXL6b03GhRu
HxgT3vWCjhUcCKVGMK/tQLlYKgzgFK2mCQE221B9MRDsBLNO//dMZgXRZ6aReg2o
FAK/U4yP9ZtmvaiDeeAM07mj6KbSPI9Aa7bhhABeC3QXW3Orh1BNw2iWY8JSRQDM
/abevlxS+gXAF8B1wtZ6/yR0WFAUi6j3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:08 2024 by rpki-client on console-ams.rpki-client.org