Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/cK5CjkX8QAlbG1-tio9F8-1WHVY.roa
File: cK5CjkX8QAlbG1-tio9F8-1WHVY.roa (raw, json)
Hash identifier: 1Frlg+vz/JnfhgL8Em0Yc+Kwdgfi8OrX+8WzcUPJep8=
Subject key identifier: 70:AE:42:8E:45:FC:40:09:5B:1B:5F:AD:8A:8F:45:F3:ED:56:1D:56
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19F1A19E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/cK5CjkX8QAlbG1-tio9F8-1WHVY.roa
Signing time: Sat 30 Apr 2022 22:14:41 +0000
ROA not before: Sat 30 Apr 2022 22:14:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46261
IP address blocks: 5.183.204.0/23 maxlen: 32
193.187.153.0/24 maxlen: 32
45.12.232.0/24 maxlen: 32
45.14.46.0/24 maxlen: 32
45.138.210.0/23 maxlen: 24
193.160.212.0/24 maxlen: 32
213.232.104.0/24 maxlen: 32
5.181.148.0/23 maxlen: 32
185.226.75.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 435265950 (0x19f1a19e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 30 22:14:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70ae428e45fc40095b1b5fad8a8f45f3ed561d56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8f:80:85:33:1c:04:92:1f:80:60:80:1e:33:
92:6d:e4:88:3a:94:40:7c:33:4a:5e:19:38:53:26:
a9:98:5a:e8:e9:b3:2c:4a:50:ee:19:88:ee:45:3e:
78:ad:79:8a:05:18:4a:4d:4a:f7:65:b0:31:66:1c:
93:85:5a:61:ca:9f:65:3d:38:ad:45:a4:d2:92:6a:
27:12:11:f7:d4:e9:5f:dc:fe:80:7a:a4:2d:0f:17:
44:06:8d:e8:36:69:6d:57:de:0a:b1:c8:f0:76:76:
bf:79:ab:b5:94:55:3e:a1:ee:99:76:eb:9c:29:88:
41:5c:06:8a:25:13:7e:d9:b2:16:f5:1e:ff:e5:f0:
eb:f4:48:c7:5f:0f:be:7e:73:b9:6f:01:7d:c6:33:
b9:b0:d4:f4:c7:df:c0:fe:cb:6e:bb:52:5d:e0:64:
45:08:32:17:57:ff:56:5f:b6:b7:21:1b:51:20:df:
3a:1d:99:3c:88:a0:89:9b:0e:39:fa:69:b8:d7:5f:
b4:42:82:00:2b:71:d9:d1:a4:38:77:1d:3c:a7:42:
1b:80:d0:2b:f4:c1:4e:e2:91:d5:cc:4c:97:0d:90:
af:59:a8:43:54:82:e4:12:51:ab:ea:1d:e1:af:3b:
d6:02:cc:30:ed:db:ba:02:f5:4c:0f:bc:9a:13:f5:
aa:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AE:42:8E:45:FC:40:09:5B:1B:5F:AD:8A:8F:45:F3:ED:56:1D:56
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/cK5CjkX8QAlbG1-tio9F8-1WHVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.148.0/23
5.183.204.0/23
45.12.232.0/24
45.14.46.0/24
45.138.210.0/23
185.226.75.0/24
193.160.212.0/24
193.187.153.0/24
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
54:6a:63:67:92:de:f5:27:97:63:e9:3f:d4:2f:a6:5e:92:c5:
0f:03:c1:dc:48:ae:84:59:f1:46:dd:f0:09:f0:2c:1a:8c:83:
71:a7:a6:7c:ad:19:61:6c:d2:20:9c:ff:dc:63:04:35:b9:bf:
c5:c9:eb:57:ec:7d:60:e0:76:c8:47:e8:be:2f:b4:8f:87:5b:
14:db:29:64:36:a4:32:a8:d6:c0:80:d9:74:c2:58:6c:75:09:
01:a6:1c:07:72:15:45:76:4e:db:10:d4:13:06:14:a8:05:aa:
9d:a0:6d:4b:a8:2b:60:04:a3:5b:65:4e:ea:4d:bc:cf:fb:94:
46:77:6f:1b:ee:6b:33:6c:90:2f:49:7f:25:14:8b:d3:95:aa:
fd:13:46:1c:a7:cd:58:34:a9:2a:39:10:a0:e1:11:6e:96:cc:
ff:27:02:20:06:90:18:89:7e:f3:b6:0a:7b:f5:cb:2f:c7:48:
03:df:4c:18:80:d9:10:1e:57:e8:63:1a:46:6f:ac:41:29:35:
34:c9:de:fa:c8:fb:4f:33:b6:bd:10:65:49:6f:c8:8e:e3:e0:
d1:5a:a6:f4:fe:b5:eb:0a:20:52:8f:2c:5d:84:a5:93:4f:86:
1b:7c:8f:94:91:ff:ea:e0:c9:07:28:00:c5:e4:3a:87:c5:bf:
22:26:a6:b9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEGfGhnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQz
MDIyMTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBhZTQyOGU0NWZj
NDAwOTViMWI1ZmFkOGE4ZjQ1ZjNlZDU2MWQ1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKePgIUzHASSH4BggB4zkm3kiDqUQHwzSl4ZOFMmqZha6Omz
LEpQ7hmI7kU+eK15igUYSk1K92WwMWYck4VaYcqfZT04rUWk0pJqJxIR99TpX9z+
gHqkLQ8XRAaN6DZpbVfeCrHI8HZ2v3mrtZRVPqHumXbrnCmIQVwGiiUTftmyFvUe
/+Xw6/RIx18Pvn5zuW8BfcYzubDU9MffwP7LbrtSXeBkRQgyF1f/Vl+2tyEbUSDf
Oh2ZPIigiZsOOfppuNdftEKCACtx2dGkOHcdPKdCG4DQK/TBTuKR1cxMlw2Qr1mo
Q1SC5BJRq+od4a871gLMMO3bugL1TA+8mhP1qgMCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRwrkKORfxACVsbX62Kj0Xz7VYdVjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2NLNUNqa1g4UUFsYkcxLXRpbzlGOC0xV0hWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAQW1lAMEAQW3zAMEAC0M6AMEAC0O
LgMEAS2K0gMEALniSwMEAMGg1AMEAMG7mQMEANXoaDANBgkqhkiG9w0BAQsFAAOC
AQEAVGpjZ5Le9SeXY+k/1C+mXpLFDwPB3EiuhFnxRt3wCfAsGoyDcaemfK0ZYWzS
IJz/3GMENbm/xcnrV+x9YOB2yEfovi+0j4dbFNspZDakMqjWwIDZdMJYbHUJAaYc
B3IVRXZO2xDUEwYUqAWqnaBtS6grYASjW2VO6k28z/uURndvG+5rM2yQL0l/JRSL
05Wq/RNGHKfNWDSpKjkQoOERbpbM/ycCIAaQGIl+87YKe/XLL8dIA99MGIDZEB5X
6GMaRm+sQSk1NMne+sj7TzO2vRBlSW/IjuPg0Vqm9P616wogUo8sXYSlk0+GG3yP
lJH/6uDJBygAxeQ6h8W/IiamuQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org