Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/aJe6uGhBcNl-uK8DT1El7p8nBnw.roa
File: aJe6uGhBcNl-uK8DT1El7p8nBnw.roa (raw, json)
Hash identifier: FYhGRZX6wgRaRUKXtVC9qD6K+uzf+NuodAPLKIENX+c=
Subject key identifier: 68:97:BA:B8:68:41:70:D9:7E:B8:AF:03:4F:51:25:EE:9F:27:06:7C
Certificate issuer: /CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Certificate serial: 0181F26452DC5EA3FE98182C13509157CDEC
Authority key identifier: 5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/aJe6uGhBcNl-uK8DT1El7p8nBnw.roa
Signing time: Tue 12 Jul 2022 12:31:09 +0000
ROA not before: Tue 12 Jul 2022 12:31:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44795
IP address blocks: 62.128.160.0/19 maxlen: 19
82.214.240.0/21 maxlen: 21
82.214.244.0/22 maxlen: 22
195.238.32.0/19 maxlen: 19
62.128.168.0/21 maxlen: 21
62.128.168.0/22 maxlen: 22
62.128.172.0/22 maxlen: 22
128.65.64.0/19 maxlen: 24
82.214.192.0/18 maxlen: 18
82.214.210.0/24 maxlen: 24
185.117.52.0/22 maxlen: 22
82.214.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:64:52:dc:5e:a3:fe:98:18:2c:13:50:91:57:cd:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Validity
Not Before: Jul 12 12:31:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6897bab8684170d97eb8af034f5125ee9f27067c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4f:51:25:56:ca:dd:6c:25:54:26:9b:15:f1:
14:36:e1:af:96:ad:56:39:26:38:b6:13:f7:eb:58:
56:85:b1:1f:6a:1d:1c:04:db:9a:b5:3a:fa:af:e1:
92:3c:8f:87:46:c2:63:a9:8b:07:ec:ea:c5:a0:52:
0a:e5:0b:f9:c6:11:8f:19:6e:53:c9:df:2b:0c:ef:
62:91:12:8f:32:93:bb:58:6d:ad:4c:60:df:03:c7:
70:e6:e9:fc:af:5b:a5:b8:b1:b9:b6:29:e0:b4:c2:
24:d3:eb:8f:94:48:ef:a0:76:29:fd:2a:e1:a2:7f:
15:04:93:66:43:1b:43:01:07:e4:3e:8f:c4:f1:90:
06:d3:b6:c0:85:61:d3:c1:53:fe:f0:7a:c8:2f:06:
07:4d:92:ab:3b:0b:a9:e3:f6:60:8e:56:d6:09:c8:
e2:0f:37:cf:3b:20:c0:19:08:47:17:ce:c4:f4:62:
1e:ab:25:d5:02:dc:60:ba:80:f1:ef:ea:b6:1c:88:
06:88:98:d9:f6:e2:dd:af:ed:45:a1:29:25:1c:63:
26:1b:10:61:b6:64:15:fe:24:6b:ef:75:40:ff:e3:
e4:62:49:fc:5b:43:8f:05:31:99:d4:a0:b1:a2:3e:
6a:6d:c3:21:fc:8e:3f:1c:b1:c3:67:86:84:d6:48:
c5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:97:BA:B8:68:41:70:D9:7E:B8:AF:03:4F:51:25:EE:9F:27:06:7C
X509v3 Authority Key Identifier:
keyid:5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/aJe6uGhBcNl-uK8DT1El7p8nBnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/WvTebnPI4FPLZAt00rkSq9kLBYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.160.0/19
82.214.192.0/18
128.65.64.0/19
185.117.52.0/22
195.238.32.0/19
Signature Algorithm: sha256WithRSAEncryption
79:0b:26:f1:c5:02:da:43:60:f0:14:3b:be:6e:52:18:52:42:
b1:ae:48:a7:33:6d:52:19:79:e8:60:cd:64:84:02:59:c2:2e:
0d:05:1b:8b:87:6b:11:a5:2a:ef:ac:19:c1:5f:3c:65:4c:87:
f4:6e:9e:b7:0f:93:cf:aa:c7:e1:7a:5e:7a:be:dc:0e:36:65:
30:81:31:d2:f4:87:40:62:9b:67:4b:b4:56:74:da:25:b9:6f:
a4:d4:62:df:02:5a:f3:53:31:97:6f:8c:cd:19:20:8f:fb:74:
f5:8e:17:ab:34:a7:b0:7e:f4:f1:64:2d:b2:33:ce:cb:4d:b5:
ea:36:7d:24:b5:90:0f:00:73:5c:70:58:49:ff:4b:88:47:61:
ed:e9:7a:e5:ea:72:5e:35:88:be:32:bd:64:06:9f:00:b4:d9:
89:a2:33:39:9a:09:0b:ec:2a:1b:22:3a:4a:84:20:5c:18:78:
63:7d:e5:ad:b7:fd:12:e3:87:89:0f:32:e2:58:f5:15:b1:f7:
ca:b6:5b:37:c2:a1:a8:0b:a2:8a:6a:58:74:4b:40:d2:81:57:
a3:bc:5c:3b:ac:db:8a:bd:e3:3c:c0:ac:1b:60:ff:84:91:57:
ff:5d:40:34:7c:90:8f:03:b9:84:ef:71:77:7b:c2:e1:05:4f:
2b:35:3f:db
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYHyZFLcXqP+mBgsE1CRV83sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZjRkZTZlNzNjOGUwNTNjYjY0MGI3NGQyYjkxMmFiZDkw
YjA1ODAwHhcNMjIwNzEyMTIzMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODk3YmFiODY4NDE3MGQ5N2ViOGFmMDM0ZjUxMjVlZTlmMjcwNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj09RJVbK3WwlVCabFfEUNuGvlq1W
OSY4thP361hWhbEfah0cBNuatTr6r+GSPI+HRsJjqYsH7OrFoFIK5Qv5xhGPGW5T
yd8rDO9ikRKPMpO7WG2tTGDfA8dw5un8r1uluLG5tingtMIk0+uPlEjvoHYp/Srh
on8VBJNmQxtDAQfkPo/E8ZAG07bAhWHTwVP+8HrILwYHTZKrOwup4/ZgjlbWCcji
DzfPOyDAGQhHF87E9GIeqyXVAtxguoDx7+q2HIgGiJjZ9uLdr+1FoSklHGMmGxBh
tmQV/iRr73VA/+PkYkn8W0OPBTGZ1KCxoj5qbcMh/I4/HLHDZ4aE1kjFswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGiXurhoQXDZfrivA09RJe6fJwZ8MB8GA1UdIwQY
MBaAFFr03m5zyOBTy2QLdNK5EqvZCwWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3ZUZWJuUEk0RlBMWkF0MDBya1NxOWtMQllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9hZDM2OTYtZjM2Zi00ZGYwLWIyZGUt
YzFlOTM2MmIxYTUxLzEvYUplNnVHaEJjTmwtdUs4RFQxRWw3cDhuQm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9hZDM2OTYtZjM2Zi00ZGYwLWIyZGUtYzFlOTM2MmIxYTUx
LzEvV3ZUZWJuUEk0RlBMWkF0MDBya1NxOWtMQllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFPoCgAwQG
UtbAAwQFgEFAAwQCuXU0AwQFw+4gMA0GCSqGSIb3DQEBCwUAA4IBAQB5CybxxQLa
Q2DwFDu+blIYUkKxrkinM21SGXnoYM1khAJZwi4NBRuLh2sRpSrvrBnBXzxlTIf0
bp63D5PPqsfhel56vtwONmUwgTHS9IdAYptnS7RWdNoluW+k1GLfAlrzUzGXb4zN
GSCP+3T1jherNKewfvTxZC2yM87LTbXqNn0ktZAPAHNccFhJ/0uIR2Ht6Xrl6nJe
NYi+Mr1kBp8AtNmJojM5mgkL7CobIjpKhCBcGHhjfeWtt/0S44eJDzLiWPUVsffK
tls3wqGoC6KKalh0S0DSgVejvFw7rNuKveM8wKwbYP+EkVf/XUA0fJCPA7mE73F3
e8LhBU8rNT/b
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:54 2024 by rpki-client on console-ams.rpki-client.org