Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/aQ1_jcBHBCYH5Xl5oYUM96reLQg.roa
File: aQ1_jcBHBCYH5Xl5oYUM96reLQg.roa (raw, json)
Hash identifier: 5x0j6Sc5VKNjCckOLHVkzbIT4y1MhCQX/1pyIJblxp4=
Subject key identifier: 69:0D:7F:8D:C0:47:04:26:07:E5:79:79:A1:85:0C:F7:AA:DE:2D:08
Certificate issuer: /CN=4d302a2dd517a61a3b952746f2ee9fbe436d6349
Certificate serial: 3559EDD4
Authority key identifier: 4D:30:2A:2D:D5:17:A6:1A:3B:95:27:46:F2:EE:9F:BE:43:6D:63:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/aQ1_jcBHBCYH5Xl5oYUM96reLQg.roa
Signing time: Sat 01 Jan 2022 05:54:40 +0000
ROA not before: Sat 01 Jan 2022 05:54:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47935
IP address blocks: 5.252.159.0/24 maxlen: 24
5.252.158.0/24 maxlen: 24
5.252.156.0/22 maxlen: 22
5.252.156.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 895086036 (0x3559edd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d302a2dd517a61a3b952746f2ee9fbe436d6349
Validity
Not Before: Jan 1 05:54:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=690d7f8dc047042607e57979a1850cf7aade2d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9e:42:38:e1:ee:27:16:86:f0:b9:38:fd:14:
fc:92:ba:3f:9f:e9:b0:fd:1c:c6:ef:23:7f:0e:fc:
32:9d:4e:e4:db:94:be:58:7d:74:49:5d:e9:2f:40:
83:43:30:53:5d:29:94:b6:62:27:75:20:a1:1f:ae:
49:34:f4:f7:e1:aa:8c:36:5d:9f:b4:06:76:13:2c:
7c:04:ce:67:aa:be:05:65:28:09:6f:33:ee:52:74:
61:ec:4a:5e:8b:16:08:a4:a2:f3:78:a4:07:1a:40:
df:d9:5d:a2:69:b3:f1:6a:ad:31:d0:64:4d:76:24:
d6:8d:dc:14:01:e4:12:6b:dc:ce:8b:ae:db:57:3c:
d5:4f:46:29:2d:17:90:0d:8b:38:43:60:c6:b4:f2:
a9:f5:bf:b1:75:61:cf:62:91:c5:5a:c9:d9:26:99:
2a:7d:7e:fc:dd:b1:77:c1:c1:d3:60:79:0a:79:02:
21:2f:c7:a9:02:cc:64:99:2f:93:f7:af:67:19:a8:
11:81:ba:34:11:fb:2a:99:08:a4:91:35:db:a4:73:
64:bd:9a:ae:3d:ee:7a:54:40:bc:61:6e:25:72:a9:
17:97:60:97:10:46:5e:86:b2:42:d6:fa:f8:84:fb:
60:1f:d6:a0:96:93:85:c5:12:8e:f6:3a:ea:2a:10:
69:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0D:7F:8D:C0:47:04:26:07:E5:79:79:A1:85:0C:F7:AA:DE:2D:08
X509v3 Authority Key Identifier:
keyid:4D:30:2A:2D:D5:17:A6:1A:3B:95:27:46:F2:EE:9F:BE:43:6D:63:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/aQ1_jcBHBCYH5Xl5oYUM96reLQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/TTAqLdUXpho7lSdG8u6fvkNtY0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.156.0/22
Signature Algorithm: sha256WithRSAEncryption
92:22:86:14:f7:8c:0c:1a:79:02:4a:c1:13:c6:f6:cd:0b:6a:
82:e1:f3:28:27:c8:f2:9b:a3:af:52:68:74:2b:c5:0b:3a:25:
bc:e4:6e:53:e1:ea:ea:c7:97:b5:08:6d:ca:7d:bf:98:59:13:
fd:5a:7e:74:b6:c2:cf:e0:04:d0:d3:d0:61:0a:48:8b:b6:2d:
47:43:db:90:21:a5:99:0c:a7:77:4f:af:8b:d4:5d:0e:1a:91:
14:9e:6d:82:22:97:5d:0e:88:72:01:ee:54:57:00:c5:09:86:
71:dc:e7:0a:9d:c7:0f:bc:3f:95:37:52:82:02:d2:1e:42:3b:
86:ee:41:96:95:57:ed:12:82:b3:e6:09:fa:34:7f:59:59:ba:
c9:fd:c8:6e:4f:9a:c0:82:7d:1d:18:ae:31:df:1d:2b:6c:49:
94:3d:de:65:2a:46:99:9f:7d:c0:3b:1b:80:c9:05:08:08:35:
1e:14:cd:99:c7:b9:8f:2f:71:18:73:da:50:a5:4b:27:ec:8a:
54:d7:3a:43:ed:4d:de:da:84:35:e3:62:ef:78:41:ff:c0:f1:
01:7c:13:8e:be:28:0b:58:80:27:4f:39:49:db:c6:90:95:7e:
b2:97:f2:5f:3e:01:bb:39:c8:9f:6d:76:78:8d:4c:6b:65:07:
c1:ce:9f:d4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENVnt1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDMwMmEyZGQ1MTdhNjFhM2I5NTI3NDZmMmVlOWZiZTQzNmQ2MzQ5MB4XDTIyMDEw
MTA1NTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjkwZDdmOGRjMDQ3
MDQyNjA3ZTU3OTc5YTE4NTBjZjdhYWRlMmQwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKieQjjh7icWhvC5OP0U/JK6P5/psP0cxu8jfw78Mp1O5NuU
vlh9dEld6S9Ag0MwU10plLZiJ3UgoR+uSTT09+GqjDZdn7QGdhMsfATOZ6q+BWUo
CW8z7lJ0YexKXosWCKSi83ikBxpA39ldommz8WqtMdBkTXYk1o3cFAHkEmvczouu
21c81U9GKS0XkA2LOENgxrTyqfW/sXVhz2KRxVrJ2SaZKn1+/N2xd8HB02B5CnkC
IS/HqQLMZJkvk/evZxmoEYG6NBH7KpkIpJE126RzZL2arj3uelRAvGFuJXKpF5dg
lxBGXoayQtb6+IT7YB/WoJaThcUSjvY66ioQaWsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRpDX+NwEcEJgfleXmhhQz3qt4tCDAfBgNVHSMEGDAWgBRNMCot1RemGjuV
J0by7p++Q21jSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RUQXFMZFVYcGhvN2xTZEc4dTZmdmtOdFkway5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvZjBkZDVmLWI5NzItNDEwYi05OTA3LTE2NmZiOWRiNmRiMy8x
L2FRMV9qY0JIQkNZSDVYbDVvWVVNOTZyZUxRZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
ZjBkZDVmLWI5NzItNDEwYi05OTA3LTE2NmZiOWRiNmRiMy8xL1RUQXFMZFVYcGhv
N2xTZEc4dTZmdmtOdFkway5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgX8nDANBgkqhkiG9w0BAQsFAAOC
AQEAkiKGFPeMDBp5AkrBE8b2zQtqguHzKCfI8pujr1JodCvFCzolvORuU+Hq6seX
tQhtyn2/mFkT/Vp+dLbCz+AE0NPQYQpIi7YtR0PbkCGlmQynd0+vi9RdDhqRFJ5t
giKXXQ6IcgHuVFcAxQmGcdznCp3HD7w/lTdSggLSHkI7hu5BlpVX7RKCs+YJ+jR/
WVm6yf3Ibk+awIJ9HRiuMd8dK2xJlD3eZSpGmZ99wDsbgMkFCAg1HhTNmce5jy9x
GHPaUKVLJ+yKVNc6Q+1N3tqENeNi73hB/8DxAXwTjr4oC1iAJ085SdvGkJV+spfy
Xz4BuznIn212eI1Ma2UHwc6f1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:41 2024 by rpki-client on console-fra.rpki-client.org