Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/5bBiCNfmkYuR5r_0zP3vym7PANY.roa
File: 5bBiCNfmkYuR5r_0zP3vym7PANY.roa (raw, json)
Hash identifier: YTKkSJSXtxjCBUAhj8I3qRSjQobqit8U4tQPBstdsXI=
Subject key identifier: E5:B0:62:08:D7:E6:91:8B:91:E6:BF:F4:CC:FD:EF:CA:6E:CF:00:D6
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 26FD91D7
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/5bBiCNfmkYuR5r_0zP3vym7PANY.roa
Signing time: Sat 01 Jan 2022 15:00:39 +0000
ROA not before: Sat 01 Jan 2022 15:00:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39593
IP address blocks: 136.169.210.0/24 maxlen: 24
136.169.210.0/23 maxlen: 23
136.169.208.0/24 maxlen: 24
136.169.208.0/23 maxlen: 23
136.169.211.0/24 maxlen: 24
136.169.208.0/22 maxlen: 22
136.169.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 654152151 (0x26fd91d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 1 15:00:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5b06208d7e6918b91e6bff4ccfdefca6ecf00d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:cd:b3:65:8e:71:7f:10:a2:4b:b4:ce:28:2c:
82:8d:0a:7d:49:c8:88:10:af:72:53:2c:65:99:c9:
93:58:75:cc:f9:f6:57:dc:0d:22:b9:bb:1e:30:0b:
b1:e5:95:a0:0d:8c:6f:d6:22:6a:6d:a5:cb:6a:2b:
b3:a3:82:3a:3b:73:9e:36:4a:5d:85:9a:f9:6c:36:
6e:64:aa:f7:2a:66:e4:11:20:16:9b:42:06:7b:8e:
d7:1d:7e:f5:c0:20:c0:13:77:3f:da:db:99:19:d1:
0a:2b:ab:00:66:af:a1:c2:02:05:e8:f6:d2:93:6f:
ad:36:c0:8d:ea:7d:cc:0b:4c:14:12:06:cd:b8:89:
e8:48:5c:62:3e:37:09:14:12:6e:fa:54:58:0e:9f:
74:29:45:16:16:88:a4:78:ce:19:fb:7a:ea:08:75:
d1:ba:a3:c4:c1:f9:fa:35:6d:0b:9d:c0:5d:41:44:
3b:72:7e:44:b9:56:43:b4:38:d0:24:7a:f2:09:42:
f2:02:47:09:ba:3a:cc:63:f9:c5:91:58:71:1b:3b:
e1:87:0a:5a:bb:a9:a4:73:fc:76:1d:d8:20:e9:61:
39:99:44:14:8d:61:56:43:1b:62:68:73:3b:31:55:
23:5e:68:8c:1d:e9:a9:d7:fa:32:a6:b4:34:8d:80:
87:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B0:62:08:D7:E6:91:8B:91:E6:BF:F4:CC:FD:EF:CA:6E:CF:00:D6
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/5bBiCNfmkYuR5r_0zP3vym7PANY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.169.208.0/22
Signature Algorithm: sha256WithRSAEncryption
84:a3:ac:1b:35:33:8b:8a:1e:7a:c6:98:26:d2:1e:1a:05:2f:
94:56:0c:e4:8c:85:c6:5c:74:41:0c:8d:c6:43:52:82:9f:01:
58:dd:d9:e1:22:9f:08:1b:11:f2:a3:37:d0:03:5b:c3:36:84:
f3:b8:e8:7e:6c:14:c6:2e:8b:a2:43:f9:7f:28:31:db:cc:55:
58:c0:c0:2b:02:df:49:f5:a4:c4:91:44:5b:2d:b3:34:1a:fb:
44:65:2b:ce:fb:16:96:9a:1c:d6:d8:3e:b4:cd:f7:8e:fa:c3:
11:2f:a3:25:ac:b5:56:fb:c4:3e:43:bc:5a:9d:a0:97:9b:90:
04:ae:f4:f9:07:e3:1f:44:bb:d1:b9:d0:6c:bc:01:8d:42:f3:
7b:2c:81:91:ce:75:ce:a8:ca:eb:4c:cc:fa:2f:45:10:e8:5a:
a4:28:2f:ec:88:7c:d0:0f:4a:ba:56:4d:d4:b3:a1:54:02:eb:
23:c5:73:bc:f1:f3:c9:04:37:50:e2:9b:be:b1:de:0a:7b:d5:
92:59:8c:31:55:5d:e9:6c:8d:de:bd:03:e6:1c:b0:88:89:c4:
6e:51:22:a0:cf:3f:85:b1:1c:1a:a5:78:4f:51:84:8c:de:7a:
8a:4b:55:0d:a3:c6:04:db:bf:bf:8f:57:33:9e:59:57:ef:5d:
e2:b1:3a:2c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJv2R1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzZkMGFlNWUyZmJmZmNjZTA4NzcwZWJjMjBjMjE2YjlmYmY5NDg1MB4XDTIyMDEw
MTE1MDAzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTViMDYyMDhkN2U2
OTE4YjkxZTZiZmY0Y2NmZGVmY2E2ZWNmMDBkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOXNs2WOcX8Qoku0zigsgo0KfUnIiBCvclMsZZnJk1h1zPn2
V9wNIrm7HjALseWVoA2Mb9Yiam2ly2ors6OCOjtznjZKXYWa+Ww2bmSq9ypm5BEg
FptCBnuO1x1+9cAgwBN3P9rbmRnRCiurAGavocICBej20pNvrTbAjep9zAtMFBIG
zbiJ6EhcYj43CRQSbvpUWA6fdClFFhaIpHjOGft66gh10bqjxMH5+jVtC53AXUFE
O3J+RLlWQ7Q40CR68glC8gJHCbo6zGP5xZFYcRs74YcKWruppHP8dh3YIOlhOZlE
FI1hVkMbYmhzOzFVI15ojB3pqdf6Mqa0NI2Ah4UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTlsGII1+aRi5Hmv/TM/e/Kbs8A1jAfBgNVHSMEGDAWgBSjbQrl4vv/zOCH
cOvCDCFrn7+UhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28yMEs1ZUw3Xzh6Z2gzRHJ3Z3doYTUtX2xJVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOGNhYzBjLTM0MjYtNGYwNy1hZjIwLWNiYjk1MTgzYjI3YS8x
LzViQmlDTmZta1l1UjVyXzB6UDN2eW03UEFOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OGNhYzBjLTM0MjYtNGYwNy1hZjIwLWNiYjk1MTgzYjI3YS8xL28yMEs1ZUw3Xzh6
Z2gzRHJ3Z3doYTUtX2xJVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoip0DANBgkqhkiG9w0BAQsFAAOC
AQEAhKOsGzUzi4oeesaYJtIeGgUvlFYM5IyFxlx0QQyNxkNSgp8BWN3Z4SKfCBsR
8qM30ANbwzaE87jofmwUxi6LokP5fygx28xVWMDAKwLfSfWkxJFEWy2zNBr7RGUr
zvsWlpoc1tg+tM33jvrDES+jJay1VvvEPkO8Wp2gl5uQBK70+QfjH0S70bnQbLwB
jULzeyyBkc51zqjK60zM+i9FEOhapCgv7Ih80A9KulZN1LOhVALrI8VzvPHzyQQ3
UOKbvrHeCnvVklmMMVVd6WyN3r0D5hywiInEblEioM8/hbEcGqV4T1GEjN56iktV
DaPGBNu/v49XM55ZV+9d4rE6LA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:41 2024 by rpki-client on console-ams.rpki-client.org