Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/aFaK4WB3Rl8iyssBOveNuS2HhjQ.roa
File: aFaK4WB3Rl8iyssBOveNuS2HhjQ.roa (raw, json)
Hash identifier: jhkJ/K4fqQKaQ4jQev+PtxHCj0cA0I2yu9ZvdjtdaYU=
Subject key identifier: 68:56:8A:E1:60:77:46:5F:22:CA:CB:01:3A:F7:8D:B9:2D:87:86:34
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 369D38CC
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/aFaK4WB3Rl8iyssBOveNuS2HhjQ.roa
Signing time: Sat 01 Jan 2022 07:03:39 +0000
ROA not before: Sat 01 Jan 2022 07:03:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30781
IP address blocks: 185.85.76.0/22 maxlen: 22
91.190.168.0/21 maxlen: 21
5.63.24.0/21 maxlen: 21
2a02:798::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 916273356 (0x369d38cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 1 07:03:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68568ae16077465f22cacb013af78db92d878634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e4:32:6f:ae:9c:e0:69:f3:d8:f7:f1:e9:36:
54:06:3d:ce:22:1c:b2:f5:de:9b:9b:1c:1e:8a:f4:
c8:2c:bc:f6:c0:23:66:16:a4:39:b6:01:a0:e4:7e:
f1:07:f2:58:93:6d:8c:a3:d4:a0:74:42:14:10:db:
cf:44:b9:6b:81:3a:f9:5d:5c:76:ed:03:43:f9:25:
0e:a9:92:c8:26:2f:8b:fa:14:99:d4:79:92:cb:40:
11:af:c4:7d:ed:c1:33:9c:d7:71:85:b7:98:d0:39:
c9:87:85:6b:0a:39:6c:d5:de:6e:97:ce:05:5d:4e:
4a:e1:88:5c:94:ec:f4:00:2a:1f:75:47:29:f2:91:
00:23:6d:8a:1e:cc:f6:97:10:15:77:2e:6e:b5:85:
e2:b7:a3:1a:ef:f7:1c:69:21:d1:d9:07:e1:d4:74:
0f:ea:c7:8a:c9:62:35:b2:d9:38:ed:da:fe:67:e8:
31:f2:62:dc:08:f3:e0:4e:77:d9:68:3c:85:d0:7f:
2a:34:44:f8:6d:5e:35:63:d5:0a:35:45:7a:fc:ec:
0b:0d:55:e6:28:0e:02:1e:f8:86:1b:b5:35:5c:8d:
6b:c9:65:3b:48:71:dd:6a:65:c1:9a:c7:e8:fd:0a:
04:dc:c2:a9:8f:36:6e:1d:0c:0c:c1:d4:63:ba:06:
80:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:56:8A:E1:60:77:46:5F:22:CA:CB:01:3A:F7:8D:B9:2D:87:86:34
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/aFaK4WB3Rl8iyssBOveNuS2HhjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0/21
91.190.168.0/21
185.85.76.0/22
IPv6:
2a02:798::/32
Signature Algorithm: sha256WithRSAEncryption
28:35:b8:3c:c2:a7:ed:07:8d:f5:ce:c6:d9:c9:2b:17:7b:7a:
63:73:2b:b9:61:a6:5c:62:74:9e:82:21:5e:29:51:96:c9:43:
b8:45:b6:60:93:e8:61:9b:32:3d:7e:fa:4e:92:a8:5a:2e:a2:
6f:79:e8:50:9b:87:2e:76:9d:be:64:bd:be:45:15:c9:29:39:
b4:1b:7e:21:88:ed:85:08:29:3d:38:c4:ef:1a:ca:1c:72:3c:
44:2d:ad:a7:aa:7c:e5:ce:64:3f:ae:db:83:cb:01:93:63:31:
10:0f:f3:33:70:47:ca:dd:2b:53:06:71:c8:46:1c:ad:2c:f0:
b3:89:28:4d:6d:7d:56:c6:75:22:f4:80:d5:e1:86:ba:37:63:
f5:c6:47:84:8c:d1:96:b2:ad:91:60:c7:a1:89:38:ff:24:c3:
6a:79:50:46:e5:10:de:bb:80:09:9d:0f:57:80:c0:0d:ce:2a:
66:c1:98:be:13:eb:49:4b:d1:26:67:c7:d0:85:5b:8b:7f:17:
e3:b6:a3:01:25:9e:c6:9d:7d:e0:85:fb:24:84:70:d8:53:14:
fb:0c:b2:5d:51:42:51:ea:90:1c:de:dc:35:11:02:81:c3:ca:
47:95:8f:11:14:48:6c:27:ef:8c:e1:d4:35:91:96:81:2d:f6:
f9:74:e3:22
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIENp04zDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTE0MWM1MDkwODI0ZDBhMTdjMjllYzQwNTBlMjEwMDcxMTNmYmRhMB4XDTIyMDEw
MTA3MDMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg1NjhhZTE2MDc3
NDY1ZjIyY2FjYjAxM2FmNzhkYjkyZDg3ODYzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHkMm+unOBp89j38ek2VAY9ziIcsvXem5scHor0yCy89sAj
ZhakObYBoOR+8QfyWJNtjKPUoHRCFBDbz0S5a4E6+V1cdu0DQ/klDqmSyCYvi/oU
mdR5kstAEa/Efe3BM5zXcYW3mNA5yYeFawo5bNXebpfOBV1OSuGIXJTs9AAqH3VH
KfKRACNtih7M9pcQFXcubrWF4rejGu/3HGkh0dkH4dR0D+rHisliNbLZOO3a/mfo
MfJi3Ajz4E532Wg8hdB/KjRE+G1eNWPVCjVFevzsCw1V5igOAh74hhu1NVyNa8ll
O0hx3WplwZrH6P0KBNzCqY82bh0MDMHUY7oGgFcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRoVorhYHdGXyLKywE69425LYeGNDAfBgNVHSMEGDAWgBRaFBxQkIJNChfC
nsQFDiEAcRP72jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1doUWNVSkNDVFFvWHdwN0VCUTRoQUhFVC05by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvYjIwZTkwLWJmNmUtNGUyNS04N2Q1LWVjZWVmZjhlODRlMC8x
L2FGYUs0V0IzUmw4aXlzc0JPdmVOdVMySGhqUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
YjIwZTkwLWJmNmUtNGUyNS04N2Q1LWVjZWVmZjhlODRlMC8xL1doUWNVSkNDVFFv
WHdwN0VCUTRoQUhFVC05by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAwU/GAMEA1u+qAMEArlVTDANBAIA
AjAHAwUAKgIHmDANBgkqhkiG9w0BAQsFAAOCAQEAKDW4PMKn7QeN9c7G2ckrF3t6
Y3MruWGmXGJ0noIhXilRlslDuEW2YJPoYZsyPX76TpKoWi6ib3noUJuHLnadvmS9
vkUVySk5tBt+IYjthQgpPTjE7xrKHHI8RC2tp6p85c5kP67bg8sBk2MxEA/zM3BH
yt0rUwZxyEYcrSzws4koTW19VsZ1IvSA1eGGujdj9cZHhIzRlrKtkWDHoYk4/yTD
anlQRuUQ3ruACZ0PV4DADc4qZsGYvhPrSUvRJmfH0IVbi38X47ajASWexp194IX7
JIRw2FMU+wyyXVFCUeqQHN7cNRECgcPKR5WPERRIbCfvjOHUNZGWgS32+XTjIg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:58 2023 by rpki-client on console-ams.rpki-client.org