Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5pFcjwLhF_7F5HDDY1nCdnf8-As.roa
File: 5pFcjwLhF_7F5HDDY1nCdnf8-As.roa (raw, json)
Hash identifier: WWtzNpH2t1RDPCo2aiDS1yFyTvPt4cxvcDTUN4KfpvQ=
Subject key identifier: E6:91:5C:8F:02:E1:17:FE:C5:E4:70:C3:63:59:C2:76:77:FC:F8:0B
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018437F281AF8E702D24B7E9FF3C0C0180E0
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5pFcjwLhF_7F5HDDY1nCdnf8-As.roa
Signing time: Wed 02 Nov 2022 10:45:50 +0000
ROA not before: Wed 02 Nov 2022 10:45:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3399
IP address blocks: 194.71.217.0/24 maxlen: 24
194.71.216.0/23 maxlen: 23
194.71.216.0/24 maxlen: 24
192.165.178.0/23 maxlen: 23
194.132.9.0/24 maxlen: 24
194.68.220.0/23 maxlen: 23
193.180.23.0/24 maxlen: 24
192.36.22.0/24 maxlen: 24
193.183.116.0/24 maxlen: 24
193.180.164.0/23 maxlen: 23
194.68.170.0/23 maxlen: 23
194.68.170.0/24 maxlen: 24
194.68.171.0/24 maxlen: 24
193.182.111.0/24 maxlen: 24
192.36.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:f2:81:af:8e:70:2d:24:b7:e9:ff:3c:0c:01:80:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 2 10:45:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6915c8f02e117fec5e470c36359c27677fcf80b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7e:c5:29:c6:54:b3:17:3a:d3:7b:ba:d6:44:
0a:2e:e1:2d:a9:41:b5:79:4c:c0:94:e3:37:87:03:
65:58:9b:79:cf:50:9d:2d:42:09:f7:31:93:eb:1d:
35:a0:2c:af:89:80:ed:68:5b:bf:52:08:3f:ed:79:
02:2b:0c:7f:08:ff:07:fc:4c:e0:a9:4c:f6:f0:26:
f0:09:f4:60:f1:00:36:b0:18:ca:86:44:18:a3:b1:
c3:8e:51:17:44:6b:d1:60:b3:d9:05:95:2a:e4:10:
cf:3b:79:3f:a3:6a:e3:f2:f7:5e:6c:8c:f0:8d:fd:
d6:d6:fd:20:70:65:78:a3:7a:23:5a:02:e1:40:b0:
3b:da:b5:e9:a0:71:b0:6f:46:0f:97:41:4f:76:e5:
ab:c7:d4:32:d8:8a:01:50:1d:3c:81:cc:0a:f9:97:
0b:81:ff:1e:df:f4:11:39:91:26:7c:31:df:6b:03:
99:31:5b:c1:64:17:bc:24:5c:a6:ee:b4:6d:de:40:
44:f2:d4:62:40:3b:a3:d4:b2:ca:e4:88:c7:a9:7c:
c3:b5:96:48:bf:b8:8f:ed:93:d5:6a:5b:89:1c:42:
6b:f9:8a:17:97:4e:a2:51:85:e8:83:a5:20:e1:3f:
f9:f4:3a:f8:7b:dd:8b:b0:82:b1:59:96:40:40:58:
49:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:91:5C:8F:02:E1:17:FE:C5:E4:70:C3:63:59:C2:76:77:FC:F8:0B
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5pFcjwLhF_7F5HDDY1nCdnf8-As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.22.0/24
192.36.208.0/24
192.165.178.0/23
193.180.23.0/24
193.180.164.0/23
193.182.111.0/24
193.183.116.0/24
194.68.170.0/23
194.68.220.0/23
194.71.216.0/23
194.132.9.0/24
Signature Algorithm: sha256WithRSAEncryption
88:f5:ac:79:15:a5:19:8c:c7:ba:e7:73:80:7c:d3:8f:80:d5:
eb:2d:3b:e2:8e:3d:d7:a4:4f:25:c0:b0:b8:5d:c8:66:4f:12:
e3:9b:50:af:82:e2:9d:1f:27:d2:e5:c2:59:37:2c:78:8f:16:
2d:38:2c:46:90:ff:2d:aa:59:68:e4:66:70:c8:da:63:a9:4e:
1a:eb:fd:19:7d:e9:f2:c0:de:f9:7c:b8:b2:83:12:67:d7:31:
5d:cb:0f:dc:81:47:bf:f4:54:19:63:44:18:05:71:17:c9:f5:
1e:31:78:d0:fd:ef:57:2c:bf:0e:0c:7c:99:6e:d7:34:d7:b4:
41:60:2d:38:f3:7c:a2:6b:25:aa:57:98:7c:39:88:87:db:48:
20:53:22:54:6d:d5:4b:88:d8:86:d6:04:04:91:52:a3:ea:b8:
3c:93:e8:5a:2e:93:b4:da:03:c7:fc:97:83:65:3b:7e:df:64:
96:34:4a:f6:60:4d:41:17:18:a0:83:d8:b6:23:0f:62:79:c4:
28:89:80:04:d5:51:09:81:d7:dc:88:bb:2b:27:f5:f7:0f:01:
9b:b3:38:e4:b4:24:c0:8c:cf:5a:be:0c:dc:ac:10:3d:e0:57:
ae:34:dd:6f:60:6a:82:b3:91:6d:d7:f2:eb:63:0b:cc:dd:9b:
2f:d2:14:52
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYQ38oGvjnAtJLfp/zwMAYDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMTAyMTA0NTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjkxNWM4ZjAyZTExN2ZlYzVlNDcwYzM2MzU5YzI3Njc3ZmNmODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi37FKcZUsxc603u61kQKLuEtqUG1
eUzAlOM3hwNlWJt5z1CdLUIJ9zGT6x01oCyviYDtaFu/Ugg/7XkCKwx/CP8H/Ezg
qUz28CbwCfRg8QA2sBjKhkQYo7HDjlEXRGvRYLPZBZUq5BDPO3k/o2rj8vdebIzw
jf3W1v0gcGV4o3ojWgLhQLA72rXpoHGwb0YPl0FPduWrx9Qy2IoBUB08gcwK+ZcL
gf8e3/QROZEmfDHfawOZMVvBZBe8JFym7rRt3kBE8tRiQDuj1LLK5IjHqXzDtZZI
v7iP7ZPValuJHEJr+YoXl06iUYXog6Ug4T/59Dr4e92LsIKxWZZAQFhJTQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOaRXI8C4Rf+xeRww2NZwnZ3/PgLMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNXBGY2p3TGhGXzdGNUhERFkxbkNkbmY4LUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwCQWAwQA
wCTQAwQBwKWyAwQAwbQXAwQBwbSkAwQAwbZvAwQAwbd0AwQBwkSqAwQBwkTcAwQB
wkfYAwQAwoQJMA0GCSqGSIb3DQEBCwUAA4IBAQCI9ax5FaUZjMe653OAfNOPgNXr
LTvijj3XpE8lwLC4XchmTxLjm1CvguKdHyfS5cJZNyx4jxYtOCxGkP8tqllo5GZw
yNpjqU4a6/0ZfenywN75fLiygxJn1zFdyw/cgUe/9FQZY0QYBXEXyfUeMXjQ/e9X
LL8ODHyZbtc017RBYC0483yiayWqV5h8OYiH20ggUyJUbdVLiNiG1gQEkVKj6rg8
k+haLpO02gPH/JeDZTt+32SWNEr2YE1BFxigg9i2Iw9iecQoiYAE1VEJgdfciLsr
J/X3DwGbszjktCTAjM9avgzcrBA94FeuNN1vYGqCs5Ft1/LrYwvM3Zsv0hRS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org