Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/f5kKHBpMDfJbLlFCPTLNI5vi1sM.roa
File: f5kKHBpMDfJbLlFCPTLNI5vi1sM.roa (raw, json)
Hash identifier: dkZxakwLSlwiNcDYPvypOvTUsPR4kkSObnIr6jf+Vrs=
Subject key identifier: 7F:99:0A:1C:1A:4C:0D:F2:5B:2E:51:42:3D:32:CD:23:9B:E2:D6:C3
Certificate issuer: /CN=14e282cf616284b58f85ec43e54c90bf9594e49c
Certificate serial: 057C99A4
Authority key identifier: 14:E2:82:CF:61:62:84:B5:8F:85:EC:43:E5:4C:90:BF:95:94:E4:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FOKCz2FihLWPhexD5UyQv5WU5Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/f5kKHBpMDfJbLlFCPTLNI5vi1sM.roa
Signing time: Sat 01 Jan 2022 00:50:28 +0000
ROA not before: Sat 01 Jan 2022 00:50:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21396
IP address blocks: 141.0.208.0/20 maxlen: 24
80.249.96.0/20 maxlen: 24
5.182.220.0/22 maxlen: 24
2a02:68::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92051876 (0x57c99a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14e282cf616284b58f85ec43e54c90bf9594e49c
Validity
Not Before: Jan 1 00:50:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f990a1c1a4c0df25b2e51423d32cd239be2d6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:03:21:3c:1c:8c:ac:78:75:3d:b4:71:16:dc:
f4:b0:9a:fc:81:fc:17:59:8e:a9:82:04:2c:a0:b0:
f0:c2:88:b8:42:89:d9:49:2a:61:88:21:d5:aa:44:
be:66:ec:e1:52:82:ec:80:68:39:e6:4e:48:93:9d:
6c:0a:b0:1b:07:46:50:b4:cc:73:7f:db:b4:75:a0:
40:08:60:c8:8f:08:86:e4:b2:32:96:9f:b7:3f:f8:
8b:48:d7:a6:39:cf:c2:cf:c4:8f:cb:91:d0:59:bb:
59:b4:9f:35:59:0d:22:30:c7:4f:05:73:4d:3f:cc:
a3:50:9b:33:5a:a2:22:b3:b2:48:d0:96:30:aa:45:
10:50:e6:a3:ad:56:1b:bf:74:b3:c2:a0:ea:c2:bd:
96:c7:4a:ef:d0:b8:9c:06:69:61:6a:92:17:62:58:
da:3d:a3:99:ab:6c:94:93:8b:bd:4d:02:41:10:fe:
0a:a7:dd:3d:ac:cc:85:ff:b5:ab:45:51:9d:1a:7a:
94:bc:89:c7:15:a3:fe:0c:44:d6:e6:84:be:c6:5b:
08:3f:90:41:05:45:96:1b:e0:f9:67:52:f6:16:36:
f9:e6:63:76:1b:c3:42:ee:44:f7:3c:d8:72:78:2a:
0b:22:be:ce:00:eb:5b:f3:42:ca:80:50:62:99:28:
83:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:99:0A:1C:1A:4C:0D:F2:5B:2E:51:42:3D:32:CD:23:9B:E2:D6:C3
X509v3 Authority Key Identifier:
keyid:14:E2:82:CF:61:62:84:B5:8F:85:EC:43:E5:4C:90:BF:95:94:E4:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FOKCz2FihLWPhexD5UyQv5WU5Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/f5kKHBpMDfJbLlFCPTLNI5vi1sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/FOKCz2FihLWPhexD5UyQv5WU5Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.220.0/22
80.249.96.0/20
141.0.208.0/20
IPv6:
2a02:68::/29
Signature Algorithm: sha256WithRSAEncryption
06:18:d5:c4:87:40:f4:af:ff:6a:c9:99:56:4f:d4:91:d7:a4:
92:46:64:6b:ff:ec:87:5a:ce:93:5f:8a:7e:95:c1:5d:0b:cc:
33:6a:2a:9e:a4:bc:22:de:e3:30:63:72:90:e8:31:d1:05:99:
2d:fa:e2:99:27:a6:72:30:2f:56:12:d4:1c:35:f8:00:b6:60:
3d:f9:df:fc:c2:20:44:67:c9:b0:02:a3:ea:84:ac:65:b4:ee:
c7:b6:c4:d4:1a:37:8c:39:76:f0:5f:a9:63:ab:ce:a7:a4:e2:
27:a7:22:0a:d1:b0:c2:7d:a8:eb:7a:d5:78:32:27:b4:16:ea:
c8:16:67:17:d6:b4:ac:ea:05:37:17:80:10:be:48:5c:2d:fc:
35:4f:cf:97:e5:9c:6d:34:f5:fb:39:c0:13:51:ea:a0:ea:99:
a4:db:bc:e7:6a:4b:d0:bc:42:dc:79:aa:72:77:2c:0c:56:94:
b1:04:ff:7c:36:b9:1a:55:ef:9c:74:e5:0e:f2:83:19:e7:ff:
7e:7f:de:5b:58:1e:4d:cf:fd:dd:3a:5f:9f:7e:1d:de:f3:2b:
1e:76:cb:75:43:ea:c8:b6:26:08:3f:be:05:8b:e6:38:57:88:
93:22:4f:0e:93:19:40:ff:d5:b4:e3:15:8e:64:43:a7:f7:d6:
a6:ba:1b:17
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBXyZpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGUyODJjZjYxNjI4NGI1OGY4NWVjNDNlNTRjOTBiZjk1OTRlNDljMB4XDTIyMDEw
MTAwNTAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y5OTBhMWMxYTRj
MGRmMjViMmU1MTQyM2QzMmNkMjM5YmUyZDZjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQDITwcjKx4dT20cRbc9LCa/IH8F1mOqYIELKCw8MKIuEKJ
2UkqYYgh1apEvmbs4VKC7IBoOeZOSJOdbAqwGwdGULTMc3/btHWgQAhgyI8IhuSy
Mpaftz/4i0jXpjnPws/Ej8uR0Fm7WbSfNVkNIjDHTwVzTT/Mo1CbM1qiIrOySNCW
MKpFEFDmo61WG790s8Kg6sK9lsdK79C4nAZpYWqSF2JY2j2jmatslJOLvU0CQRD+
CqfdPazMhf+1q0VRnRp6lLyJxxWj/gxE1uaEvsZbCD+QQQVFlhvg+WdS9hY2+eZj
dhvDQu5E9zzYcngqCyK+zgDrW/NCyoBQYpkog6cCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBR/mQocGkwN8lsuUUI9Ms0jm+LWwzAfBgNVHSMEGDAWgBQU4oLPYWKEtY+F
7EPlTJC/lZTknDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZPS0N6MkZpaExXUGhleEQ1VXlRdjVXVTVKdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvYzhkOGFkLWNkNzItNDE5Yi05NzNmLTU2MDk0ZmQ2Y2M2Yy8x
L2Y1a0tIQnBNRGZKYkxsRkNQVExOSTV2aTFzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
YzhkOGFkLWNkNzItNDE5Yi05NzNmLTU2MDk0ZmQ2Y2M2Yy8xL0ZPS0N6MkZpaExX
UGhleEQ1VXlRdjVXVTVKdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAgW23AMEBFD5YAMEBI0A0DANBAIA
AjAHAwUDKgIAaDANBgkqhkiG9w0BAQsFAAOCAQEABhjVxIdA9K//asmZVk/Ukdek
kkZka//sh1rOk1+KfpXBXQvMM2oqnqS8It7jMGNykOgx0QWZLfrimSemcjAvVhLU
HDX4ALZgPfnf/MIgRGfJsAKj6oSsZbTux7bE1Bo3jDl28F+pY6vOp6TiJ6ciCtGw
wn2o63rVeDIntBbqyBZnF9a0rOoFNxeAEL5IXC38NU/Pl+WcbTT1+znAE1HqoOqZ
pNu852pL0LxC3HmqcncsDFaUsQT/fDa5GlXvnHTlDvKDGef/fn/eW1geTc/93Tpf
n34d3vMrHnbLdUPqyLYmCD++BYvmOFeIkyJPDpMZQP/VtOMVjmRDp/fWprobFw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:49 2023 by rpki-client on console-ams.rpki-client.org