Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/5jYpeggstHlIWmkivcQIONmMcxA.roa
File: 5jYpeggstHlIWmkivcQIONmMcxA.roa (raw, json)
Hash identifier: wwQxgPkR5py4Cy2r0UoVn5tcpMLZSt3FDszChs6Q2lM=
Subject key identifier: E6:36:29:7A:08:2C:B4:79:48:5A:69:22:BD:C4:08:38:D9:8C:73:10
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 01855EF6545165FCCC3F8DFBD616CE4DFFC3
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/5jYpeggstHlIWmkivcQIONmMcxA.roa
Signing time: Thu 29 Dec 2022 17:37:59 +0000
ROA not before: Thu 29 Dec 2022 17:37:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197579
IP address blocks: 185.92.232.0/22 maxlen: 22
91.223.113.0/24 maxlen: 24
2a13:6b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:f6:54:51:65:fc:cc:3f:8d:fb:d6:16:ce:4d:ff:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Dec 29 17:37:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e636297a082cb479485a6922bdc40838d98c7310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cd:92:8b:70:ba:e7:1c:e0:42:ef:91:93:c0:
07:e8:a7:70:82:c4:51:84:7c:34:f5:a7:f5:9b:95:
89:40:b5:79:c6:e6:11:88:aa:7b:50:1a:de:27:04:
13:61:c7:5a:35:21:82:2c:1c:a2:f2:e4:eb:c6:b9:
2d:cd:15:0e:38:a9:a4:17:c0:1d:3a:4f:7d:9c:18:
e8:c5:f1:0d:86:e0:7d:7a:66:0d:35:30:40:6e:9d:
eb:45:a2:3a:74:37:cb:d7:f6:07:fb:e0:84:80:49:
47:6b:58:6f:f1:fd:ff:51:fd:26:ec:6e:7d:52:de:
c9:83:f8:75:45:48:12:72:04:9c:10:99:49:23:ca:
83:07:b3:e9:f5:de:f5:b9:fc:ae:69:18:b0:33:cb:
7c:2a:b8:71:f9:2a:4f:01:ab:e3:98:e1:06:2a:82:
fd:4d:2a:db:7a:49:1f:d4:b5:c5:66:a8:10:e2:7d:
80:75:e1:c1:87:df:d1:35:2e:e8:04:27:d7:2f:2a:
92:02:7b:2e:47:9a:4b:c0:4c:fe:5c:03:48:c4:25:
d9:a8:96:46:0c:b6:6a:26:ee:fb:d3:fe:35:3a:ef:
7b:fe:48:5f:c8:bc:e6:26:78:8f:21:b0:95:ed:e8:
72:f2:8a:e6:76:3d:24:f1:46:1f:70:e3:d0:0b:18:
77:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:36:29:7A:08:2C:B4:79:48:5A:69:22:BD:C4:08:38:D9:8C:73:10
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/5jYpeggstHlIWmkivcQIONmMcxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.113.0/24
185.92.232.0/22
IPv6:
2a13:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
1b:68:7e:db:ae:c5:63:90:ed:dd:a4:a1:b8:1d:69:39:d2:aa:
0f:74:f7:ab:9c:18:05:35:7a:d5:78:fe:29:71:19:72:dd:ec:
3e:0e:f2:a0:be:52:29:02:17:f6:35:64:3f:f1:ec:ce:33:66:
a8:19:4b:c4:d5:55:3e:f7:f9:a1:77:51:53:a5:eb:b6:3e:7e:
93:c4:7e:ca:2b:9f:9d:7d:98:9b:fd:f5:a3:e8:4f:7c:3e:3e:
90:02:6f:f7:54:75:3c:19:3e:c0:69:bd:33:a7:5d:f9:65:b8:
db:cd:55:4b:1d:50:00:bb:45:49:0b:b4:46:df:8e:62:57:dd:
04:66:1b:ea:e3:f8:75:f7:5f:f0:dd:97:7f:ed:1d:77:21:e7:
07:d7:eb:e3:3f:49:2f:1a:56:27:a2:2c:ac:d9:5b:9e:32:40:
a2:df:10:e3:f3:8a:ad:27:ab:82:15:36:7d:57:78:48:ca:10:
0f:07:82:b4:6a:71:ed:da:3f:e6:8f:c0:ed:c1:d8:12:f1:4f:
3b:7b:22:9a:72:ee:d8:21:03:46:ac:b7:ca:8f:2a:cf:47:51:
85:13:70:78:a6:e9:4f:3d:6f:9a:84:a6:cc:0a:85:bd:5e:85:
03:2d:85:9c:5c:49:a9:8b:2b:57:96:3e:c7:bb:b6:8a:6d:5f:
76:79:b2:c3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVe9lRRZfzMP4371hbOTf/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjIxMjI5MTczNzU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjM2Mjk3YTA4MmNiNDc5NDg1YTY5MjJiZGM0MDgzOGQ5OGM3MzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc2Si3C65xzgQu+Rk8AH6KdwgsRR
hHw09af1m5WJQLV5xuYRiKp7UBreJwQTYcdaNSGCLByi8uTrxrktzRUOOKmkF8Ad
Ok99nBjoxfENhuB9emYNNTBAbp3rRaI6dDfL1/YH++CEgElHa1hv8f3/Uf0m7G59
Ut7Jg/h1RUgScgScEJlJI8qDB7Pp9d71ufyuaRiwM8t8Krhx+SpPAavjmOEGKoL9
TSrbekkf1LXFZqgQ4n2AdeHBh9/RNS7oBCfXLyqSAnsuR5pLwEz+XANIxCXZqJZG
DLZqJu770/41Ou97/khfyLzmJniPIbCV7ehy8ormdj0k8UYfcOPQCxh3RwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOY2KXoILLR5SFppIr3ECDjZjHMQMB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvNWpZcGVnZ3N0SGxJV21raXZjUUlPTm1NY3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW99xAwQC
uVzoMA0EAgACMAcDBQMqE2tAMA0GCSqGSIb3DQEBCwUAA4IBAQAbaH7brsVjkO3d
pKG4HWk50qoPdPernBgFNXrVeP4pcRly3ew+DvKgvlIpAhf2NWQ/8ezOM2aoGUvE
1VU+9/mhd1FTpeu2Pn6TxH7KK5+dfZib/fWj6E98Pj6QAm/3VHU8GT7Aab0zp135
ZbjbzVVLHVAAu0VJC7RG345iV90EZhvq4/h191/w3Zd/7R13IecH1+vjP0kvGlYn
oiys2VueMkCi3xDj84qtJ6uCFTZ9V3hIyhAPB4K0anHt2j/mj8DtwdgS8U87eyKa
cu7YIQNGrLfKjyrPR1GFE3B4pulPPW+ahKbMCoW9XoUDLYWcXEmpiytXlj7Hu7aK
bV92ebLD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:31 2023 by rpki-client on console-ams.rpki-client.org