Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/kwEWJ5biyxRy2c-gWUf6KeqTWIE.roa
File: kwEWJ5biyxRy2c-gWUf6KeqTWIE.roa (raw, json)
Hash identifier: lkXzzdrTl2JxrBHNfGwFG6aiDpgb2gKBpPfO9uF5w0s=
Subject key identifier: 93:01:16:27:96:E2:CB:14:72:D9:CF:A0:59:47:FA:29:EA:93:58:81
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 0183F015EC65158E01823675005EF9A1EB25
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/kwEWJ5biyxRy2c-gWUf6KeqTWIE.roa
Signing time: Wed 19 Oct 2022 11:51:52 +0000
ROA not before: Wed 19 Oct 2022 11:51:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36007
IP address blocks: 45.91.171.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f0:15:ec:65:15:8e:01:82:36:75:00:5e:f9:a1:eb:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Oct 19 11:51:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9301162796e2cb1472d9cfa05947fa29ea935881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:22:02:a2:d7:2e:53:73:e7:3d:64:f0:5e:31:
05:ba:a2:18:5e:a3:52:4f:10:e1:af:81:3f:cc:fe:
5f:27:55:77:71:66:8d:23:ba:1b:ff:16:05:25:ad:
17:d5:d2:d4:4c:b2:78:7d:7b:85:b9:a2:e4:82:c3:
67:e9:1b:22:1e:5b:af:9b:53:49:ec:4f:a8:16:e0:
d1:1b:a4:13:22:11:9f:d5:bc:2c:88:53:e1:06:e7:
a5:79:74:4b:c1:0b:4e:ed:ac:cf:2c:01:28:88:7b:
08:2e:02:0b:18:d5:b1:1c:29:fe:6f:6a:4e:6e:e2:
12:5e:3d:b3:bc:15:80:6f:06:69:09:2a:be:2a:29:
d5:94:bc:fb:8c:a4:a9:4f:98:32:ae:7b:8f:9a:a1:
db:52:0f:12:38:4a:49:3a:57:c4:77:e7:7c:9b:93:
3a:b6:5c:6b:34:da:b6:9c:a1:82:12:5f:d3:c8:b2:
65:cc:6b:6b:7e:7b:4e:6c:46:bc:4a:22:9b:dd:df:
f1:13:c0:b3:d8:42:5d:a6:22:28:bf:47:e3:d0:66:
76:03:b2:06:0c:dc:77:ec:fa:80:1b:6f:3f:d9:2e:
8e:be:99:94:90:38:1b:4e:37:20:26:78:01:59:f8:
82:aa:5e:c9:25:4f:33:17:f4:87:65:3e:0e:f8:c6:
ea:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:01:16:27:96:E2:CB:14:72:D9:CF:A0:59:47:FA:29:EA:93:58:81
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/kwEWJ5biyxRy2c-gWUf6KeqTWIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
185.47.172.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:13:fe:a2:68:7f:ba:a8:a6:69:d6:c4:95:97:a0:18:60:e3:
ed:f8:ea:ae:6b:36:ef:21:b5:dd:26:b5:f4:24:47:84:a5:e1:
59:ac:f8:e1:be:a6:85:1d:63:f8:46:60:1c:68:8a:fc:44:f7:
50:20:42:37:5e:5e:a7:69:c4:1a:a7:35:b0:c0:d5:7c:9e:ed:
89:92:f5:76:c6:a7:d2:29:4a:17:48:71:92:05:39:59:08:c2:
1e:d1:ba:3b:41:8e:24:5f:c9:55:98:67:a7:3c:48:49:f7:5d:
5b:94:81:69:1a:b3:3d:c4:23:f0:2c:2b:9a:61:c2:df:26:16:
76:08:9e:ee:0b:fc:d4:90:3b:c3:c8:eb:70:a1:92:82:f7:cd:
f5:9e:d6:69:5b:41:90:2c:44:3a:8f:38:e2:88:96:fb:76:5b:
b9:7b:8f:a1:88:38:c7:58:63:12:f1:35:ec:ed:0f:c2:b8:db:
70:be:91:49:97:02:65:bd:b3:09:1c:2e:6e:3d:d8:cb:a0:c9:
0d:16:63:42:a6:cb:7a:45:4b:b0:c0:30:c1:fa:51:44:d0:45:
03:19:c6:c9:13:55:42:cc:97:84:b8:bf:70:84:45:d4:87:0a:
c1:d8:83:3b:68:81:b6:00:16:73:fb:46:a0:1a:0e:7b:2e:2e:
d9:9a:aa:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPwFexlFY4BgjZ1AF75oeslMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjIxMDE5MTE1MTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzAxMTYyNzk2ZTJjYjE0NzJkOWNmYTA1OTQ3ZmEyOWVhOTM1ODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSICotcuU3PnPWTwXjEFuqIYXqNS
TxDhr4E/zP5fJ1V3cWaNI7ob/xYFJa0X1dLUTLJ4fXuFuaLkgsNn6RsiHluvm1NJ
7E+oFuDRG6QTIhGf1bwsiFPhBueleXRLwQtO7azPLAEoiHsILgILGNWxHCn+b2pO
buISXj2zvBWAbwZpCSq+KinVlLz7jKSpT5gyrnuPmqHbUg8SOEpJOlfEd+d8m5M6
tlxrNNq2nKGCEl/TyLJlzGtrfntObEa8SiKb3d/xE8Cz2EJdpiIov0fj0GZ2A7IG
DNx37PqAG28/2S6OvpmUkDgbTjcgJngBWfiCql7JJU8zF/SHZT4O+MbqywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJMBFieW4ssUctnPoFlH+inqk1iBMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEva3dFV0o1Yml5eFJ5MmMtZ1dVZjZLZXFUV0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVurAwQA
W8qqAwQAW9+pAwQAuS+sMA0GCSqGSIb3DQEBCwUAA4IBAQA7E/6iaH+6qKZp1sSV
l6AYYOPt+OquazbvIbXdJrX0JEeEpeFZrPjhvqaFHWP4RmAcaIr8RPdQIEI3Xl6n
acQapzWwwNV8nu2JkvV2xqfSKUoXSHGSBTlZCMIe0bo7QY4kX8lVmGenPEhJ911b
lIFpGrM9xCPwLCuaYcLfJhZ2CJ7uC/zUkDvDyOtwoZKC9831ntZpW0GQLEQ6jzji
iJb7dlu5e4+hiDjHWGMS8TXs7Q/CuNtwvpFJlwJlvbMJHC5uPdjLoMkNFmNCpst6
RUuwwDDB+lFE0EUDGcbJE1VCzJeEuL9whEXUhwrB2IM7aIG2ABZz+0agGg57Li7Z
mqqr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:25 2023 by rpki-client on console-ams.rpki-client.org