Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/4PBM_TJvAEdkiYNmjUZ-fw4yA6M.roa
File: 4PBM_TJvAEdkiYNmjUZ-fw4yA6M.roa (raw, json)
Hash identifier: GFNeEWoq88PbGgxmGW7cuBu12xheJ/NdYl2t0deUVtw=
Subject key identifier: E0:F0:4C:FD:32:6F:00:47:64:89:83:66:8D:46:7E:7F:0E:32:03:A3
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 178B84FD
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/4PBM_TJvAEdkiYNmjUZ-fw4yA6M.roa
Signing time: Sat 01 Jan 2022 13:03:16 +0000
ROA not before: Sat 01 Jan 2022 13:03:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24679
IP address blocks: 5.1.69.0/24 maxlen: 24
5.1.68.0/24 maxlen: 24
5.1.83.0/24 maxlen: 24
5.1.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395019517 (0x178b84fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0f04cfd326f0047648983668d467e7f0e3203a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4d:4a:9c:e9:3a:ce:73:e0:5d:98:1f:be:df:
85:78:d8:b8:93:52:f1:90:a2:67:f8:a6:04:c4:4e:
7f:20:ba:8a:90:15:9f:0b:23:18:7b:4a:74:d3:77:
b0:b3:11:fc:f2:54:a0:f3:ae:ee:7b:58:f5:c0:ea:
25:9e:87:bf:01:3f:b0:3d:fd:95:f0:a0:b8:b4:97:
4c:cb:93:3b:22:89:dd:ae:e2:45:7b:3b:2c:7d:a2:
c9:9e:a5:c1:82:d1:0c:54:da:b9:e2:40:75:63:e5:
16:28:9c:b7:ef:6e:b4:1e:fb:c7:e8:3e:8b:1c:4d:
10:fc:f6:78:78:3a:8f:85:64:28:d9:06:14:80:c4:
88:d2:49:6d:14:b0:2f:5f:66:04:65:ae:8d:fc:ee:
aa:c7:17:aa:7e:4c:4c:fe:55:4e:86:f0:00:80:15:
c8:5f:10:c9:e8:6f:2f:f0:db:fe:80:11:54:f0:8e:
a6:17:49:f2:cb:6b:31:2e:b4:c4:6e:72:68:d6:cf:
d3:3c:55:c0:50:a0:20:c2:37:36:b0:3a:86:5f:1e:
75:b5:97:0a:d0:01:d9:f2:88:42:db:2d:cc:08:6e:
6e:d2:3b:4c:bd:2e:b0:d0:37:cd:67:81:6e:3d:ad:
a7:98:90:dd:1c:34:71:5e:ef:ce:c5:bb:0a:34:8f:
12:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F0:4C:FD:32:6F:00:47:64:89:83:66:8D:46:7E:7F:0E:32:03:A3
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/4PBM_TJvAEdkiYNmjUZ-fw4yA6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.68.0/23
5.1.83.0/24
5.1.88.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:23:cd:15:ca:82:a8:8b:91:b1:22:20:29:1f:0d:3b:4f:ff:
21:b5:98:8e:a2:74:bc:75:6c:f9:4f:91:67:6a:45:dc:6e:dc:
99:21:2f:f5:f2:c8:60:c8:d8:55:ea:f4:a6:26:94:83:7a:1d:
b3:4a:91:58:4f:ed:dc:0e:a9:a5:b4:b4:6a:ba:81:a5:37:df:
ae:c6:f0:73:6f:63:94:1d:77:2a:4e:a3:e7:68:c6:e6:2d:60:
0d:87:c2:f2:08:ca:da:4d:6d:2f:98:9d:15:c5:55:16:e1:bd:
3a:66:db:b3:00:d8:f5:98:7b:2f:2a:1a:9a:60:98:2b:2f:ab:
d3:52:fe:26:5b:56:29:9e:53:a3:cd:08:98:53:4f:95:6f:07:
91:13:94:a0:c0:7b:41:88:ec:c5:98:bd:e5:17:46:54:17:6d:
f7:11:0a:6e:55:d8:5b:10:14:1b:13:bf:cc:97:ef:37:28:ce:
d3:de:4b:3d:c9:46:ba:ae:94:60:af:3e:97:a2:e0:7b:ab:b6:
45:79:f5:1c:61:0b:a2:68:03:bb:25:35:8d:8e:12:2d:ee:bf:
f2:57:74:2d:3a:d4:ff:99:6a:61:7e:19:ac:1a:83:cb:11:07:
cd:18:88:9c:60:2d:26:2f:a7:52:3b:38:f9:e4:74:ba:83:e7:
1b:04:2b:f5
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEF4uE/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBmMDRjZmQzMjZm
MDA0NzY0ODk4MzY2OGQ0NjdlN2YwZTMyMDNhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZNSpzpOs5z4F2YH77fhXjYuJNS8ZCiZ/imBMROfyC6ipAV
nwsjGHtKdNN3sLMR/PJUoPOu7ntY9cDqJZ6HvwE/sD39lfCguLSXTMuTOyKJ3a7i
RXs7LH2iyZ6lwYLRDFTaueJAdWPlFiict+9utB77x+g+ixxNEPz2eHg6j4VkKNkG
FIDEiNJJbRSwL19mBGWujfzuqscXqn5MTP5VTobwAIAVyF8QyehvL/Db/oARVPCO
phdJ8strMS60xG5yaNbP0zxVwFCgIMI3NrA6hl8edbWXCtAB2fKIQtstzAhubtI7
TL0usNA3zWeBbj2tp5iQ3Rw0cV7vzsW7CjSPEtcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTg8Ez9Mm8AR2SJg2aNRn5/DjIDozAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
LzRQQk1fVEp2QUVka2lZTm1qVVotZnc0eUE2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAQUBRAMEAAUBUwMEAAUBWDANBgkq
hkiG9w0BAQsFAAOCAQEAjSPNFcqCqIuRsSIgKR8NO0//IbWYjqJ0vHVs+U+RZ2pF
3G7cmSEv9fLIYMjYVer0piaUg3ods0qRWE/t3A6ppbS0arqBpTffrsbwc29jlB13
Kk6j52jG5i1gDYfC8gjK2k1tL5idFcVVFuG9OmbbswDY9Zh7LyoammCYKy+r01L+
JltWKZ5To80ImFNPlW8HkROUoMB7QYjsxZi95RdGVBdt9xEKblXYWxAUGxO/zJfv
NyjO095LPclGuq6UYK8+l6Lge6u2RXn1HGELomgDuyU1jY4SLe6/8ld0LTrU/5lq
YX4ZrBqDyxEHzRiInGAtJi+nUjs4+eR0uoPnGwQr9Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org