Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/5_hGbd4AhFthMgGuH4A_PNeOVKI.roa
File: 5_hGbd4AhFthMgGuH4A_PNeOVKI.roa (raw, json)
Hash identifier: kRvM2whp2FFqwlvKEs8hhEWTho1Veqm36Y9D/ODYaRQ=
Subject key identifier: E7:F8:46:6D:DE:00:84:5B:61:32:01:AE:1F:80:3F:3C:D7:8E:54:A2
Certificate issuer: /CN=c4402c55758faee473938f8067a889ad5e271261
Certificate serial: 05D899F9
Authority key identifier: C4:40:2C:55:75:8F:AE:E4:73:93:8F:80:67:A8:89:AD:5E:27:12:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEAsVXWPruRzk4-AZ6iJrV4nEmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/5_hGbd4AhFthMgGuH4A_PNeOVKI.roa
Signing time: Sat 01 Jan 2022 02:01:19 +0000
ROA not before: Sat 01 Jan 2022 02:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207995
IP address blocks: 194.24.162.0/23 maxlen: 24
194.24.176.0/23 maxlen: 24
212.221.128.0/17 maxlen: 24
2a10:340::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98081273 (0x5d899f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4402c55758faee473938f8067a889ad5e271261
Validity
Not Before: Jan 1 02:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7f8466dde00845b613201ae1f803f3cd78e54a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9e:61:57:92:78:01:94:b0:af:b7:82:05:ea:
14:d8:38:eb:fe:c6:e5:47:92:ce:16:64:cc:93:1a:
93:66:c1:85:ea:c1:c4:ca:e2:46:b2:a8:ce:29:08:
e9:7e:2f:33:19:91:68:f6:63:ff:7b:3d:fd:36:20:
18:98:97:a1:4b:82:7f:13:e0:ed:56:0a:73:d9:30:
aa:7b:c1:c9:83:f4:24:48:0f:39:e5:4e:30:0c:e7:
86:19:d9:a3:4f:13:1e:cc:32:7b:a6:14:84:fe:5b:
13:8c:78:1f:2a:43:a3:4d:98:51:8e:eb:7d:1d:55:
60:27:bc:c6:aa:d6:bc:67:90:58:df:7e:cf:9f:cb:
27:ff:4b:ab:82:c9:9e:23:21:1b:66:ef:40:4f:26:
d4:89:30:41:57:52:4e:49:7c:f1:a6:e1:06:98:e9:
4b:34:50:c2:01:36:f3:bf:62:9b:ba:b1:a1:fd:42:
63:64:2a:1d:f5:58:16:55:9e:fb:05:c6:b6:0b:18:
6b:e7:49:82:8a:c4:15:db:43:fc:05:7a:29:8a:94:
e8:4a:15:c0:c0:6e:f0:7d:64:ce:61:82:86:39:84:
47:17:3c:39:d0:c3:6b:2d:b3:ec:a0:42:aa:1d:d7:
03:b9:fc:e8:27:05:07:1a:41:a9:11:5b:8a:ca:88:
cb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F8:46:6D:DE:00:84:5B:61:32:01:AE:1F:80:3F:3C:D7:8E:54:A2
X509v3 Authority Key Identifier:
keyid:C4:40:2C:55:75:8F:AE:E4:73:93:8F:80:67:A8:89:AD:5E:27:12:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEAsVXWPruRzk4-AZ6iJrV4nEmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/5_hGbd4AhFthMgGuH4A_PNeOVKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/xEAsVXWPruRzk4-AZ6iJrV4nEmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.162.0/23
194.24.176.0/23
212.221.128.0/17
IPv6:
2a10:340::/30
Signature Algorithm: sha256WithRSAEncryption
4d:90:39:c9:d0:b3:e5:02:fe:b0:9a:c7:64:63:f6:a2:a2:3d:
9c:54:f1:b4:4c:3c:30:fd:f6:35:6e:2f:41:e2:7e:dc:cb:04:
52:f5:a4:17:0d:f6:cc:bb:81:df:ec:e5:6b:26:6c:d1:c8:5d:
f7:e0:1e:c9:58:d8:8f:1a:b4:3f:b2:9f:ba:f7:fb:68:ba:17:
87:17:17:35:9f:46:b8:e9:e7:93:aa:40:b9:d2:1c:05:cf:74:
55:84:cf:a3:33:e8:5d:2e:bd:79:85:11:1d:cd:08:91:da:ba:
60:f2:1c:ca:0e:e0:7d:4e:24:26:77:bb:25:17:71:55:a2:d5:
f0:ca:31:b7:c0:bd:0e:cf:44:1a:b9:e8:99:0f:94:76:a9:1b:
0d:89:33:9c:36:68:6a:dd:1a:e6:0a:ea:4f:9c:5d:1e:da:4e:
0c:1f:f2:f7:7a:2d:3e:a4:b2:20:ea:8d:e5:f9:7e:24:52:d7:
e2:72:7b:a2:42:2e:26:02:c2:51:98:0f:e1:7d:fd:c1:04:0c:
7c:80:9c:4f:1d:03:cc:9b:64:6b:a2:a8:b0:8e:3f:22:22:08:
9e:1b:26:d3:29:2c:dc:92:cf:6e:a0:0d:1c:e2:70:dd:69:51:
16:c4:79:0f:fa:a5:07:7e:c1:fe:cd:be:fa:d1:aa:69:28:03:
41:3f:f2:8f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBdiZ+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDQwMmM1NTc1OGZhZWU0NzM5MzhmODA2N2E4ODlhZDVlMjcxMjYxMB4XDTIyMDEw
MTAyMDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdmODQ2NmRkZTAw
ODQ1YjYxMzIwMWFlMWY4MDNmM2NkNzhlNTRhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIieYVeSeAGUsK+3ggXqFNg46/7G5UeSzhZkzJMak2bBherB
xMriRrKozikI6X4vMxmRaPZj/3s9/TYgGJiXoUuCfxPg7VYKc9kwqnvByYP0JEgP
OeVOMAznhhnZo08THswye6YUhP5bE4x4HypDo02YUY7rfR1VYCe8xqrWvGeQWN9+
z5/LJ/9Lq4LJniMhG2bvQE8m1IkwQVdSTkl88abhBpjpSzRQwgE2879im7qxof1C
Y2QqHfVYFlWe+wXGtgsYa+dJgorEFdtD/AV6KYqU6EoVwMBu8H1kzmGChjmERxc8
OdDDay2z7KBCqh3XA7n86CcFBxpBqRFbisqIy9kCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTn+EZt3gCEW2EyAa4fgD88145UojAfBgNVHSMEGDAWgBTEQCxVdY+u5HOT
j4BnqImtXicSYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hFQXNWWFdQcnVSems0LUFaNmlKclY0bkVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvOTY0YzNjLWI1NzAtNDExMy1iNGFhLWNmZGYwMzExYWQ4Yy8x
LzVfaEdiZDRBaEZ0aE1nR3VINEFfUE5lT1ZLSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
OTY0YzNjLWI1NzAtNDExMy1iNGFhLWNmZGYwMzExYWQ4Yy8xL3hFQXNWWFdQcnVS
ems0LUFaNmlKclY0bkVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAcIYogMEAcIYsAMEB9TdgDANBAIA
AjAHAwUCKhADQDANBgkqhkiG9w0BAQsFAAOCAQEATZA5ydCz5QL+sJrHZGP2oqI9
nFTxtEw8MP32NW4vQeJ+3MsEUvWkFw32zLuB3+zlayZs0chd9+AeyVjYjxq0P7Kf
uvf7aLoXhxcXNZ9GuOnnk6pAudIcBc90VYTPozPoXS69eYURHc0Ikdq6YPIcyg7g
fU4kJne7JRdxVaLV8Moxt8C9Ds9EGrnomQ+UdqkbDYkznDZoat0a5grqT5xdHtpO
DB/y93otPqSyIOqN5fl+JFLX4nJ7okIuJgLCUZgP4X39wQQMfICcTx0DzJtka6Ko
sI4/IiIInhsm0yks3JLPbqANHOJw3WlRFsR5D/qlB37B/s2++tGqaSgDQT/yjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:03 2024 by rpki-client on console-ams.rpki-client.org