Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Y4as9CqzwW8I1aTk7OD633bIKqA.roa
File: Y4as9CqzwW8I1aTk7OD633bIKqA.roa (raw, json)
Hash identifier: zZexeMcH9bW/0S1NDVlgV+TUjdQy2eJBMC9eNFQtSbs=
Subject key identifier: 63:86:AC:F4:2A:B3:C1:6F:08:D5:A4:E4:EC:E0:FA:DF:76:C8:2A:A0
Certificate issuer: /CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Certificate serial: 307A13EC
Authority key identifier: 5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Y4as9CqzwW8I1aTk7OD633bIKqA.roa
Signing time: Tue 11 Jan 2022 13:32:51 +0000
ROA not before: Tue 11 Jan 2022 13:32:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28876
IP address blocks: 81.89.160.0/20 maxlen: 20
37.61.128.0/20 maxlen: 20
5.100.0.0/24 maxlen: 24
5.100.0.0/19 maxlen: 19
5.100.0.0/18 maxlen: 18
217.24.56.0/21 maxlen: 21
5.100.32.0/19 maxlen: 19
5.100.32.0/20 maxlen: 20
185.53.216.0/22 maxlen: 22
176.52.192.0/21 maxlen: 21
176.52.192.0/22 maxlen: 22
217.24.48.0/20 maxlen: 20
217.24.48.0/21 maxlen: 21
2a00:9d80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 813306860 (0x307a13ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Validity
Not Before: Jan 11 13:32:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6386acf42ab3c16f08d5a4e4ece0fadf76c82aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:11:92:04:83:c3:03:3e:d5:6a:6d:50:a1:88:
bf:20:95:7c:20:1c:bd:76:09:75:73:23:43:40:39:
23:15:30:fe:6a:4a:5e:a8:4d:f5:28:4a:c1:3a:23:
cc:58:f4:a9:f9:03:59:8d:9a:e3:d9:db:6b:ec:5f:
6a:f5:61:23:85:94:9f:4f:10:5b:7d:68:ed:63:d4:
3e:8f:25:ee:f0:f8:15:8a:98:f7:07:ae:ce:06:82:
a8:e9:70:aa:e7:07:1b:7e:7c:bb:1a:73:4b:6e:d6:
aa:02:4f:26:ad:4f:f5:a0:7c:12:bb:90:5b:ea:8a:
f0:ba:09:92:af:98:db:78:b4:02:45:2b:38:ea:da:
1d:7e:4a:a1:7e:3d:12:bc:3d:c2:fa:7d:6d:f5:1d:
18:27:c4:c3:75:0a:f7:23:e7:bc:b7:03:4b:88:aa:
3f:69:e6:25:0d:15:f8:11:ce:d1:36:f4:d5:a2:78:
7a:2e:f9:70:0e:f4:eb:91:8b:cf:55:67:65:5c:54:
75:61:04:dd:42:5c:49:aa:4a:88:4c:76:bd:54:d0:
b6:17:da:66:58:18:3a:e9:28:b7:c8:9d:c7:41:01:
fe:d2:46:39:06:a2:3d:7e:85:ea:1e:e8:1a:7a:7a:
9e:20:b7:97:19:cf:60:23:74:17:88:da:9a:ba:46:
db:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:86:AC:F4:2A:B3:C1:6F:08:D5:A4:E4:EC:E0:FA:DF:76:C8:2A:A0
X509v3 Authority Key Identifier:
keyid:5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Y4as9CqzwW8I1aTk7OD633bIKqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Xoy22jWKjS0nDDBfi2HzyZDVdm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.0.0/18
37.61.128.0/20
81.89.160.0/20
176.52.192.0/21
185.53.216.0/22
217.24.48.0/20
IPv6:
2a00:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
29:52:68:33:e2:40:8e:e1:20:80:3f:4d:4c:5c:3f:e8:30:d3:
06:7b:9f:ce:69:ed:1d:ff:68:e5:b0:7d:51:f0:9f:86:42:75:
8c:05:f8:22:f0:a4:3d:d1:c3:d3:3d:e3:d5:c8:b8:32:47:ae:
b5:28:af:3b:ac:fc:77:42:77:fc:aa:8d:98:ff:98:27:8d:b8:
2f:a5:51:ca:5c:45:08:13:58:26:8a:b8:02:8e:86:f4:0c:96:
ee:c7:10:4e:be:0a:1a:a1:92:25:a0:fa:65:0e:40:57:78:07:
31:04:e3:01:25:9f:3c:f4:22:37:e9:41:fa:af:ce:a0:4f:fe:
04:c8:02:fa:a7:8c:ae:ff:d2:09:61:0a:f1:0b:94:38:60:2d:
8f:4d:97:16:88:ec:97:45:40:b6:d1:c8:b6:28:fa:42:5d:cb:
6f:54:fc:b3:b7:74:38:11:7e:98:53:a3:52:e4:e8:96:b3:48:
41:90:e4:82:ed:6a:7d:d9:d8:28:60:19:b0:1a:75:28:88:86:
34:c9:7f:1a:35:bd:f4:3b:2f:3b:f8:37:1e:c1:1a:ea:72:fc:
3d:b1:2a:07:73:96:15:7f:a8:06:57:17:00:67:e0:77:c7:88:
e6:60:68:a2:53:ce:f9:f0:2d:3e:43:bf:fb:74:33:8d:1f:37:
25:2b:fe:b7
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEMHoT7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZThjYjZkYTM1OGE4ZDJkMjcwYzMwNWY4YjYxZjNjOTkwZDU3NjZlMB4XDTIyMDEx
MTEzMzI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM4NmFjZjQyYWIz
YzE2ZjA4ZDVhNGU0ZWNlMGZhZGY3NmM4MmFhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMoRkgSDwwM+1WptUKGIvyCVfCAcvXYJdXMjQ0A5IxUw/mpK
XqhN9ShKwTojzFj0qfkDWY2a49nba+xfavVhI4WUn08QW31o7WPUPo8l7vD4FYqY
9weuzgaCqOlwqucHG358uxpzS27WqgJPJq1P9aB8EruQW+qK8LoJkq+Y23i0AkUr
OOraHX5KoX49Erw9wvp9bfUdGCfEw3UK9yPnvLcDS4iqP2nmJQ0V+BHO0Tb01aJ4
ei75cA7065GLz1VnZVxUdWEE3UJcSapKiEx2vVTQthfaZlgYOukot8idx0EB/tJG
OQaiPX6F6h7oGnp6niC3lxnPYCN0F4jamrpG25kCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRjhqz0KrPBbwjVpOTs4PrfdsgqoDAfBgNVHSMEGDAWgBRejLbaNYqNLScM
MF+LYfPJkNV2bjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hveTIyaldLalMwbkREQmZpMkh6eVpEVmRtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvZjAyNjYxLWI1OTEtNGY1ZS1iMzY5LWY3NGE1ZjJiY2I0Ny8x
L1k0YXM5Q3F6d1c4STFhVGs3T0Q2MzNiSUtxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
ZjAyNjYxLWI1OTEtNGY1ZS1iMzY5LWY3NGE1ZjJiY2I0Ny8xL1hveTIyaldLalMw
bkREQmZpMkh6eVpEVmRtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBgVkAAMEBCU9gAMEBFFZoAMEA7A0
wAMEArk12AMEBNkYMDANBAIAAjAHAwUAKgCdgDANBgkqhkiG9w0BAQsFAAOCAQEA
KVJoM+JAjuEggD9NTFw/6DDTBnufzmntHf9o5bB9UfCfhkJ1jAX4IvCkPdHD0z3j
1ci4MkeutSivO6z8d0J3/KqNmP+YJ424L6VRylxFCBNYJoq4Ao6G9AyW7scQTr4K
GqGSJaD6ZQ5AV3gHMQTjASWfPPQiN+lB+q/OoE/+BMgC+qeMrv/SCWEK8QuUOGAt
j02XFojsl0VAttHItij6Ql3Lb1T8s7d0OBF+mFOjUuTolrNIQZDkgu1qfdnYKGAZ
sBp1KIiGNMl/GjW99DsvO/g3HsEa6nL8PbEqB3OWFX+oBlcXAGfgd8eI5mBoolPO
+fAtPkO/+3QzjR83JSv+tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:56 2024 by rpki-client on console-ams.rpki-client.org