Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/135032-ea24-4a47-8f5c-e0bac4161953/1/cqE3NC06l4h-cpy58tuH5UmUTSM.roa
File: cqE3NC06l4h-cpy58tuH5UmUTSM.roa (raw, json)
Hash identifier: SkRi5MINZNmkIEtn1OGNWv3csvEuv6RKg4a/fI2lQf0=
Subject key identifier: 72:A1:37:34:2D:3A:97:88:7E:72:9C:B9:F2:DB:87:E5:49:94:4D:23
Certificate issuer: /CN=256be176b313e1a8a050f670af576771b655d611
Certificate serial: 0887C7D2
Authority key identifier: 25:6B:E1:76:B3:13:E1:A8:A0:50:F6:70:AF:57:67:71:B6:55:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JWvhdrMT4aigUPZwr1dncbZV1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/135032-ea24-4a47-8f5c-e0bac4161953/1/cqE3NC06l4h-cpy58tuH5UmUTSM.roa
Signing time: Sat 01 Jan 2022 06:04:12 +0000
ROA not before: Sat 01 Jan 2022 06:04:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15600
IP address blocks: 5.145.64.0/19 maxlen: 24
185.74.144.0/22 maxlen: 24
5.145.96.0/21 maxlen: 24
2a00:d2a0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143116242 (0x887c7d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=256be176b313e1a8a050f670af576771b655d611
Validity
Not Before: Jan 1 06:04:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72a137342d3a97887e729cb9f2db87e549944d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:db:fa:9e:25:5c:85:95:5b:63:3f:bc:fc:9a:
20:90:86:a3:4a:0a:bc:5b:65:ab:90:83:a6:65:9f:
8a:d9:73:ef:68:47:8f:3c:8a:17:34:72:10:32:79:
c4:96:13:07:61:3d:11:1f:73:29:c6:24:19:0d:06:
44:5c:a6:d8:d3:88:f2:0b:df:bc:96:20:ad:93:33:
60:0c:7a:02:1f:de:2d:d2:e4:19:b6:16:a0:93:40:
a3:ec:99:53:13:f2:44:fc:da:fd:8d:2f:57:6f:6c:
87:0a:5b:98:3f:15:28:10:58:b8:3b:8f:12:20:d0:
33:7c:4d:9b:85:26:6a:45:51:ca:91:f5:fc:cb:d3:
37:40:24:18:b7:38:df:20:b4:cf:88:b2:77:61:01:
54:e6:2b:04:18:14:1e:f1:01:d8:b9:c9:0d:fb:71:
f1:07:b7:03:c7:66:56:d0:2f:9a:75:b0:03:ba:e2:
d9:53:f1:4d:1c:3a:0c:40:c0:75:21:e4:03:7c:dc:
ea:ad:13:15:d6:14:72:b4:dc:cc:77:a0:1c:77:aa:
4e:16:0e:25:6e:e2:a2:b6:7d:4f:1d:b3:b1:1a:f7:
4e:87:a0:38:6d:66:05:2e:1d:24:2d:1e:a8:a1:cd:
82:a9:66:34:2a:f7:a4:df:2b:02:53:77:54:d2:2f:
86:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A1:37:34:2D:3A:97:88:7E:72:9C:B9:F2:DB:87:E5:49:94:4D:23
X509v3 Authority Key Identifier:
keyid:25:6B:E1:76:B3:13:E1:A8:A0:50:F6:70:AF:57:67:71:B6:55:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JWvhdrMT4aigUPZwr1dncbZV1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/135032-ea24-4a47-8f5c-e0bac4161953/1/cqE3NC06l4h-cpy58tuH5UmUTSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/135032-ea24-4a47-8f5c-e0bac4161953/1/JWvhdrMT4aigUPZwr1dncbZV1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.64.0-5.145.103.255
185.74.144.0/22
IPv6:
2a00:d2a0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:02:cd:6e:a0:1a:bf:4b:f5:8f:a2:c0:90:6d:6b:51:d2:48:
db:50:42:3a:67:54:60:a8:ee:cb:a8:28:d8:e6:3d:4e:e4:7e:
1e:d8:1b:5a:be:0e:ed:7a:b2:a9:f6:32:75:b4:b1:f8:02:8c:
17:a1:1d:31:e9:45:a0:66:c9:3c:6e:28:37:d3:4c:4d:c2:2b:
89:cd:28:d3:38:60:e3:d5:88:0c:6b:88:83:c4:41:1b:c0:11:
ba:7c:f7:88:65:d7:ac:14:78:64:31:19:60:81:0b:5a:0e:ad:
9b:72:5c:e6:cb:83:1e:c7:4b:03:cd:b8:bb:4d:12:a1:fe:81:
ef:a2:fe:08:92:13:fa:b1:0c:ac:8b:54:99:c5:d4:2b:1b:d2:
c5:20:a2:ce:d0:d0:99:f3:7c:79:c5:09:15:c3:3b:4a:1c:28:
39:42:34:e2:67:0e:1f:54:d7:4c:0b:46:bc:fe:f8:87:ec:99:
ec:d2:12:2c:72:04:74:16:41:18:01:87:74:a5:f0:f0:03:b8:
52:8d:61:d7:87:b5:b2:72:99:5f:62:eb:bb:43:f4:9f:7f:7e:
b8:77:6c:46:db:10:46:64:3b:60:e8:87:9b:04:b5:f9:4a:4c:
2f:0a:a0:b0:e7:ff:36:08:d8:fc:df:96:6f:e0:a7:a4:24:9b:
31:4d:c5:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECIfH0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NTZiZTE3NmIzMTNlMWE4YTA1MGY2NzBhZjU3Njc3MWI2NTVkNjExMB4XDTIyMDEw
MTA2MDQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJhMTM3MzQyZDNh
OTc4ODdlNzI5Y2I5ZjJkYjg3ZTU0OTk0NGQyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvb+p4lXIWVW2M/vPyaIJCGo0oKvFtlq5CDpmWfitlz72hH
jzyKFzRyEDJ5xJYTB2E9ER9zKcYkGQ0GRFym2NOI8gvfvJYgrZMzYAx6Ah/eLdLk
GbYWoJNAo+yZUxPyRPza/Y0vV29shwpbmD8VKBBYuDuPEiDQM3xNm4UmakVRypH1
/MvTN0AkGLc43yC0z4iyd2EBVOYrBBgUHvEB2LnJDftx8Qe3A8dmVtAvmnWwA7ri
2VPxTRw6DEDAdSHkA3zc6q0TFdYUcrTczHegHHeqThYOJW7iorZ9Tx2zsRr3Toeg
OG1mBS4dJC0eqKHNgqlmNCr3pN8rAlN3VNIvhkMCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBRyoTc0LTqXiH5ynLny24flSZRNIzAfBgNVHSMEGDAWgBQla+F2sxPhqKBQ
9nCvV2dxtlXWETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pXdmhkck1UNGFpZ1VQWndyMWRuY2JaVjFoRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvMTM1MDMyLWVhMjQtNGE0Ny04ZjVjLWUwYmFjNDE2MTk1My8x
L2NxRTNOQzA2bDRoLWNweTU4dHVINVVtVVRTTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
MTM1MDMyLWVhMjQtNGE0Ny04ZjVjLWUwYmFjNDE2MTk1My8xL0pXdmhkck1UNGFp
Z1VQWndyMWRuY2JaVjFoRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFDAMAwQGBZFAAwQDBZFgAwQCuUqQMA0E
AgACMAcDBQMqANKgMA0GCSqGSIb3DQEBCwUAA4IBAQBtAs1uoBq/S/WPosCQbWtR
0kjbUEI6Z1RgqO7LqCjY5j1O5H4e2Btavg7terKp9jJ1tLH4AowXoR0x6UWgZsk8
big300xNwiuJzSjTOGDj1YgMa4iDxEEbwBG6fPeIZdesFHhkMRlggQtaDq2bclzm
y4Mex0sDzbi7TRKh/oHvov4IkhP6sQysi1SZxdQrG9LFIKLO0NCZ83x5xQkVwztK
HCg5QjTiZw4fVNdMC0a8/viH7Jns0hIscgR0FkEYAYd0pfDwA7hSjWHXh7Wycplf
Yuu7Q/Sff364d2xG2xBGZDtg6IebBLX5SkwvCqCw5/82CNj835Zv4KekJJsxTcV/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:04 2024 by rpki-client on console-ams.rpki-client.org