Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Idw71eXT4V_LADN3FSYOL3_REO4.roa
File: Idw71eXT4V_LADN3FSYOL3_REO4.roa (raw, json)
Hash identifier: RMlwkopNtMotndO/RiixdukTV+RnwL6aQ6ZEg4zwxGU=
Subject key identifier: 21:DC:3B:D5:E5:D3:E1:5F:CB:00:33:77:15:26:0E:2F:7F:D1:10:EE
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 19318CDD
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Idw71eXT4V_LADN3FSYOL3_REO4.roa
Signing time: Wed 15 Jun 2022 14:02:44 +0000
ROA not before: Wed 15 Jun 2022 14:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205948
IP address blocks: 5.1.77.0/24 maxlen: 32
5.1.78.0/24 maxlen: 32
5.1.73.0/24 maxlen: 32
5.1.82.0/24 maxlen: 24
5.1.80.0/24 maxlen: 24
5.1.89.0/24 maxlen: 24
5.1.86.0/24 maxlen: 24
2a07:6fc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 422677725 (0x19318cdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jun 15 14:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21dc3bd5e5d3e15fcb00337715260e2f7fd110ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f7:12:af:09:19:87:3b:30:59:40:7d:26:4a:
2d:99:5b:26:4d:ca:09:40:f9:79:85:ca:20:de:bb:
ff:31:a0:e3:16:8d:c6:ca:f6:73:1f:0e:6a:36:59:
6d:d1:ba:91:f6:97:da:92:dd:b8:ce:42:5c:31:7b:
b4:c1:d2:b0:27:32:89:2a:e5:a9:da:ee:ac:ff:13:
45:70:20:78:87:e7:5a:7c:18:9f:33:60:3d:56:40:
2c:13:7c:f2:a0:bd:00:56:d3:bc:6b:67:12:f2:84:
a5:9c:10:d4:d0:59:75:85:e6:70:bc:0d:a4:38:cd:
19:dd:ca:71:bc:df:71:71:4c:a8:51:95:5f:e3:33:
54:6c:89:93:83:5c:de:f3:5c:a1:7e:42:9d:d9:62:
07:06:03:7f:74:5a:35:01:c6:d6:d2:ca:21:3b:97:
aa:96:18:ba:e8:3f:20:07:e4:86:bc:5e:30:f6:7a:
b7:d2:ba:0b:1e:20:1d:89:df:93:e8:71:02:13:36:
aa:51:6a:93:47:15:f5:98:96:33:aa:78:88:1e:77:
ca:71:7c:20:f4:b0:3e:f6:b8:e7:01:cd:5c:1f:03:
34:f7:1a:a6:05:c5:6d:7e:3c:81:56:e1:68:b3:22:
d4:de:11:f7:d6:da:94:85:af:2d:e2:ff:64:6e:45:
f7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DC:3B:D5:E5:D3:E1:5F:CB:00:33:77:15:26:0E:2F:7F:D1:10:EE
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Idw71eXT4V_LADN3FSYOL3_REO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.73.0/24
5.1.77.0-5.1.78.255
5.1.80.0/24
5.1.82.0/24
5.1.86.0/24
5.1.89.0/24
IPv6:
2a07:6fc0::/48
Signature Algorithm: sha256WithRSAEncryption
a2:d5:64:72:4d:00:76:78:f7:ce:2d:70:ce:cf:8c:37:b5:ae:
6a:15:3a:29:b8:c7:d7:30:0f:02:be:b8:3e:5a:4e:62:cb:34:
b8:38:bf:d1:06:e5:ad:64:fa:3b:43:81:3f:79:af:94:c9:24:
1d:bb:c2:a3:8e:70:b2:70:8e:38:49:ea:f7:ab:6b:cb:94:02:
d7:56:35:4b:6b:35:cc:aa:ee:19:13:7e:33:8c:91:b3:09:73:
0a:e4:a0:ea:47:c4:52:31:96:bb:65:24:90:5a:b4:fe:31:76:
ac:82:24:27:19:4d:e0:94:91:93:83:89:e3:97:c2:2b:77:71:
ae:b5:46:af:e3:95:93:ad:55:f1:42:c6:9e:b3:88:43:a7:0b:
ac:f6:1b:36:ea:67:b6:f6:6d:26:02:81:07:e3:00:6e:e5:f8:
16:4b:51:2b:c5:fb:8b:11:2f:97:8c:02:d3:0f:3d:7a:64:26:
cc:02:1f:e7:88:b1:1c:3a:8e:a1:45:5e:7b:d0:62:61:96:88:
1f:71:45:f9:15:4a:79:84:81:2e:88:ac:bf:22:c9:16:93:38:
28:4b:25:66:cd:61:55:96:33:a2:cf:93:3b:08:b0:cc:0d:af:
cd:0e:7c:e1:f5:97:e6:13:39:c6:cd:71:a7:d4:78:c4:d4:c6:
9a:c6:ac:a3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIEGTGM3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDYx
NTE0MDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFkYzNiZDVlNWQz
ZTE1ZmNiMDAzMzc3MTUyNjBlMmY3ZmQxMTBlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL33Eq8JGYc7MFlAfSZKLZlbJk3KCUD5eYXKIN67/zGg4xaN
xsr2cx8OajZZbdG6kfaX2pLduM5CXDF7tMHSsCcyiSrlqdrurP8TRXAgeIfnWnwY
nzNgPVZALBN88qC9AFbTvGtnEvKEpZwQ1NBZdYXmcLwNpDjNGd3KcbzfcXFMqFGV
X+MzVGyJk4Nc3vNcoX5CndliBwYDf3RaNQHG1tLKITuXqpYYuug/IAfkhrxeMPZ6
t9K6Cx4gHYnfk+hxAhM2qlFqk0cV9ZiWM6p4iB53ynF8IPSwPva45wHNXB8DNPca
pgXFbX48gVbhaLMi1N4R99balIWvLeL/ZG5F90MCAwEAAaOCAkAwggI8MB0GA1Ud
DgQWBBQh3DvV5dPhX8sAM3cVJg4vf9EQ7jAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L0lkdzcxZVhUNFZfTEFETjNGU1lPTDNfUkVPNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBW
BggrBgEFBQcBBwEB/wRHMEUwMgQCAAEwLAMEAAUBSTAMAwQABQFNAwQABQFOAwQA
BQFQAwQABQFSAwQABQFWAwQABQFZMA8EAgACMAkDBwAqB2/AAAAwDQYJKoZIhvcN
AQELBQADggEBAKLVZHJNAHZ4984tcM7PjDe1rmoVOim4x9cwDwK+uD5aTmLLNLg4
v9EG5a1k+jtDgT95r5TJJB27wqOOcLJwjjhJ6vera8uUAtdWNUtrNcyq7hkTfjOM
kbMJcwrkoOpHxFIxlrtlJJBatP4xdqyCJCcZTeCUkZODieOXwit3ca61Rq/jlZOt
VfFCxp6ziEOnC6z2GzbqZ7b2bSYCgQfjAG7l+BZLUSvF+4sRL5eMAtMPPXpkJswC
H+eIsRw6jqFFXnvQYmGWiB9xRfkVSnmEgS6IrL8iyRaTOChLJWbNYVWWM6LPkzsI
sMwNr80OfOH1l+YTOcbNcafUeMTUxprGrKM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org