Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/5Xh_4ODHZBOSPc0dh0AKbUfpZf8.roa
File: 5Xh_4ODHZBOSPc0dh0AKbUfpZf8.roa (raw, json)
Hash identifier: 7dojoyKahCO2ObErNNgnRvSV4y1KiC4C5bmxATNFhS0=
Subject key identifier: E5:78:7F:E0:E0:C7:64:13:92:3D:CD:1D:87:40:0A:6D:47:E9:65:FF
Certificate issuer: /CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5
Certificate serial: 022E5C6B
Authority key identifier: 09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/5Xh_4ODHZBOSPc0dh0AKbUfpZf8.roa
Signing time: Sat 01 Jan 2022 05:52:29 +0000
ROA not before: Sat 01 Jan 2022 05:52:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47959
IP address blocks: 176.57.64.0/24 maxlen: 24
176.57.64.0/22 maxlen: 22
176.57.66.0/24 maxlen: 24
176.57.65.0/24 maxlen: 24
176.57.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36592747 (0x22e5c6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5
Validity
Not Before: Jan 1 05:52:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5787fe0e0c76413923dcd1d87400a6d47e965ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:40:1b:98:38:cc:f2:9f:be:43:79:8e:d2:74:
65:e7:72:b6:b8:18:0c:29:42:b8:13:51:92:f2:79:
92:ba:af:46:c8:72:2c:61:82:37:39:7e:fd:cd:a9:
14:94:18:ac:cb:7e:85:eb:2d:b2:54:09:7f:8e:c2:
41:21:99:17:3e:88:83:d3:9f:e8:3a:6b:8b:f3:f0:
30:85:27:dd:35:b4:5e:61:a7:a8:29:a5:06:93:37:
41:ec:72:15:8c:d5:47:d0:5d:3e:62:8e:6b:07:f0:
e3:88:4a:d1:ec:a8:ef:b1:ab:31:8f:cf:47:a8:53:
c6:1c:44:71:16:91:82:01:fd:32:64:fd:ae:aa:8e:
98:94:58:ca:85:ad:0b:77:ce:d7:1f:03:7d:95:4b:
22:d3:a3:33:d6:fc:bb:54:71:98:cf:0c:a2:d1:dc:
e6:7c:c3:b9:f5:eb:46:2f:5e:89:22:c1:90:7d:63:
42:0b:c4:c4:78:ec:9d:5e:d8:74:6c:25:86:ff:24:
ea:24:06:fc:17:4f:9b:9d:17:d5:d2:d3:f2:c7:b7:
72:4c:79:45:72:b6:21:bd:f0:54:50:b5:72:3b:6a:
c9:fe:fc:b9:d0:14:40:b8:c0:fb:5c:22:2f:6b:66:
40:ea:8c:1c:c6:38:0c:cc:47:2a:0b:38:71:42:a9:
26:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:78:7F:E0:E0:C7:64:13:92:3D:CD:1D:87:40:0A:6D:47:E9:65:FF
X509v3 Authority Key Identifier:
keyid:09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/5Xh_4ODHZBOSPc0dh0AKbUfpZf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.64.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:a5:25:d1:d2:a2:59:ca:98:00:29:31:2f:fd:9f:15:f3:88:
34:06:77:c0:c6:97:20:aa:a1:fa:03:a8:82:d4:6b:d3:92:f1:
9d:c9:f2:35:da:30:ad:a1:72:04:71:78:de:23:fc:fc:76:f5:
04:b0:cb:42:7e:39:e3:2a:9b:2e:96:81:56:d9:50:75:ff:46:
55:cd:4a:92:b2:51:a1:ff:e5:80:81:cd:c7:1d:4d:c7:70:65:
8e:4a:07:69:e7:76:c2:9b:37:32:00:8a:6d:ef:5a:ae:75:49:
72:59:8e:3e:3c:7c:dd:73:5b:93:2b:25:51:bf:b5:a9:f3:f1:
08:d1:90:1f:e9:73:fc:f5:08:15:e1:2d:c8:6f:3f:02:48:fb:
a5:fa:b2:01:54:22:e6:35:a8:d3:5c:82:a9:67:8c:5b:10:ba:
29:89:43:98:88:23:10:51:f9:25:88:e7:02:6d:c8:7e:aa:03:
7c:5b:3b:a3:57:81:aa:23:4e:60:46:5c:43:01:88:41:68:01:
44:46:85:ce:c5:30:e8:13:7f:33:07:58:68:eb:36:a3:bb:32:
fe:e5:ba:43:92:04:8a:60:05:cf:96:92:43:45:46:7b:60:cb:
c5:a0:91:fa:f2:50:79:91:66:6a:6b:5c:56:b8:9c:cb:90:6a:
c2:d1:88:33
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAi5cazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTM1MDllN2VjNjhmZTJkOTQzNDA3ZDVkZDEyNmEwZjU5NmYyYWI1MB4XDTIyMDEw
MTA1NTIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU3ODdmZTBlMGM3
NjQxMzkyM2RjZDFkODc0MDBhNmQ0N2U5NjVmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRAG5g4zPKfvkN5jtJ0ZedytrgYDClCuBNRkvJ5krqvRshy
LGGCNzl+/c2pFJQYrMt+hestslQJf47CQSGZFz6Ig9Of6Dpri/PwMIUn3TW0XmGn
qCmlBpM3QexyFYzVR9BdPmKOawfw44hK0eyo77GrMY/PR6hTxhxEcRaRggH9MmT9
rqqOmJRYyoWtC3fO1x8DfZVLItOjM9b8u1RxmM8MotHc5nzDufXrRi9eiSLBkH1j
QgvExHjsnV7YdGwlhv8k6iQG/BdPm50X1dLT8se3ckx5RXK2Ib3wVFC1cjtqyf78
udAUQLjA+1wiL2tmQOqMHMY4DMxHKgs4cUKpJtECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTleH/g4MdkE5I9zR2HQAptR+ll/zAfBgNVHSMEGDAWgBQJNQnn7Gj+LZQ0
B9XdEmoPWW8qtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NUVUo1LXhvX2kyVU5BZlYzUkpxRDFsdktyVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvZGZiOTRjLWZkZjQtNDk3Mi05YWQ4LTdkNjk3MzM3MTM3Yi8x
LzVYaF80T0RIWkJPU1BjMGRoMEFLYlVmcFpmOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
ZGZiOTRjLWZkZjQtNDk3Mi05YWQ4LTdkNjk3MzM3MTM3Yi8xL0NUVUo1LXhvX2ky
VU5BZlYzUkpxRDFsdktyVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA5QDANBgkqhkiG9w0BAQsFAAOC
AQEAoKUl0dKiWcqYACkxL/2fFfOINAZ3wMaXIKqh+gOogtRr05LxncnyNdowraFy
BHF43iP8/Hb1BLDLQn454yqbLpaBVtlQdf9GVc1KkrJRof/lgIHNxx1Nx3BljkoH
aed2wps3MgCKbe9arnVJclmOPjx83XNbkyslUb+1qfPxCNGQH+lz/PUIFeEtyG8/
Akj7pfqyAVQi5jWo01yCqWeMWxC6KYlDmIgjEFH5JYjnAm3IfqoDfFs7o1eBqiNO
YEZcQwGIQWgBREaFzsUw6BN/MwdYaOs2o7sy/uW6Q5IEimAFz5aSQ0VGe2DLxaCR
+vJQeZFmamtcVricy5BqwtGIMw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:52 2023 by rpki-client on console-fra.rpki-client.org