Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/T6IIhkj44-kB6tbasvoTdxmojww.roa
File: T6IIhkj44-kB6tbasvoTdxmojww.roa (raw, json)
Hash identifier: NLYFFmcfM0r2fPG6VsSrJiFLnGy0b0j1WqfaPBxwaIc=
Subject key identifier: 4F:A2:08:86:48:F8:E3:E9:01:EA:D6:DA:B2:FA:13:77:19:A8:8F:0C
Certificate issuer: /CN=6ab7b9cee004300eafe09bf12fcb6da1dd30a4d7
Certificate serial: 1547D170
Authority key identifier: 6A:B7:B9:CE:E0:04:30:0E:AF:E0:9B:F1:2F:CB:6D:A1:DD:30:A4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/are5zuAEMA6v4JvxL8ttod0wpNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/T6IIhkj44-kB6tbasvoTdxmojww.roa
Signing time: Sat 01 Jan 2022 09:58:01 +0000
ROA not before: Sat 01 Jan 2022 09:58:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203489
IP address blocks: 213.137.32.0/19 maxlen: 21
82.145.160.0/19 maxlen: 19
178.20.72.0/21 maxlen: 21
31.24.136.0/21 maxlen: 21
69.172.96.0/19 maxlen: 19
185.3.36.0/22 maxlen: 22
2a00:fa80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357028208 (0x1547d170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ab7b9cee004300eafe09bf12fcb6da1dd30a4d7
Validity
Not Before: Jan 1 09:58:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fa2088648f8e3e901ead6dab2fa137719a88f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:19:a8:dc:15:34:50:13:cf:45:1c:91:b7:b0:
e6:7a:a8:f1:a5:92:08:d4:cc:c4:63:0d:c8:43:d7:
e0:29:96:cb:7d:9f:68:b6:71:0c:96:b4:b9:5b:bb:
5b:6d:da:5e:16:3a:95:f4:d5:58:2a:59:68:80:4b:
02:eb:38:a3:a1:17:36:dd:9c:be:6c:14:2a:0e:cf:
81:70:bb:cf:08:79:78:4e:e1:b2:bd:88:6c:ee:22:
e4:0b:e8:bc:b9:b5:c0:ca:68:66:17:c2:b3:5e:07:
0d:3a:45:d8:a2:7a:22:c9:71:20:75:ba:7f:08:d6:
46:22:3d:e0:3b:9e:cb:cf:a0:6b:48:a8:40:9e:1a:
b4:46:5d:77:6d:d7:58:2b:59:43:ef:58:53:3a:13:
f8:7e:4b:1b:ec:a0:d2:74:2e:66:c9:37:99:a9:0c:
22:ad:59:bc:bc:68:ad:b1:86:2f:23:5e:08:f1:b5:
ce:7d:a4:9a:69:2c:a1:3b:9b:18:a3:e1:00:ee:69:
77:83:8b:70:b4:46:37:0a:37:41:b7:84:fe:c9:6e:
91:24:2f:99:f6:07:3e:50:22:e1:7d:da:bd:7b:5f:
1e:05:38:a2:55:87:8f:dc:35:f9:7a:b5:ac:3b:e2:
56:8e:77:6b:ac:09:72:bf:b6:67:bc:b2:f9:39:6e:
a5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A2:08:86:48:F8:E3:E9:01:EA:D6:DA:B2:FA:13:77:19:A8:8F:0C
X509v3 Authority Key Identifier:
keyid:6A:B7:B9:CE:E0:04:30:0E:AF:E0:9B:F1:2F:CB:6D:A1:DD:30:A4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/are5zuAEMA6v4JvxL8ttod0wpNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/T6IIhkj44-kB6tbasvoTdxmojww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/are5zuAEMA6v4JvxL8ttod0wpNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.136.0/21
69.172.96.0/19
82.145.160.0/19
178.20.72.0/21
185.3.36.0/22
213.137.32.0/19
IPv6:
2a00:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
12:bc:14:66:d2:30:25:ef:31:30:e6:75:aa:30:c9:0d:7d:1d:
5f:e3:5d:e9:a4:0e:cd:99:85:6d:ec:c4:25:24:e3:e9:25:0d:
0a:7e:24:d2:e7:e8:f2:1b:0a:80:86:8e:9b:5e:6b:cb:ea:23:
bb:8b:8c:b6:a9:35:e7:c4:dc:95:66:e7:0a:35:de:f5:02:73:
f9:7a:27:ba:1d:14:a3:2d:e1:d4:f5:5a:7f:6a:02:ba:0a:e0:
7b:63:79:76:59:68:c9:88:66:f4:48:77:37:f1:69:1e:3d:2e:
de:5f:33:46:f4:5d:b3:8d:51:f9:c2:ee:d7:e4:3f:02:78:12:
a5:05:45:c4:6f:76:38:63:1f:25:6c:d5:37:83:b0:74:6e:3e:
48:67:c6:b6:81:c2:09:98:e9:f1:93:2e:e8:59:23:43:7a:69:
02:9c:b7:ad:81:f9:1e:91:8a:59:7d:80:12:0b:5f:09:1b:58:
11:02:80:7f:5d:a3:f5:ac:ab:d1:a1:54:68:61:9a:d9:a1:05:
95:42:f6:e6:4c:27:16:4b:d2:f3:d6:ad:54:49:5d:bf:ad:f4:
5e:81:7e:fe:e2:5f:b1:e1:1e:0d:d5:28:80:9b:23:3d:e3:5c:
25:e2:6d:40:04:98:6b:d7:07:cd:66:69:f4:81:49:bb:96:d3:
fc:22:9a:b7
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEFUfRcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YWI3YjljZWUwMDQzMDBlYWZlMDliZjEyZmNiNmRhMWRkMzBhNGQ3MB4XDTIyMDEw
MTA5NTgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZhMjA4ODY0OGY4
ZTNlOTAxZWFkNmRhYjJmYTEzNzcxOWE4OGYwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOEZqNwVNFATz0Uckbew5nqo8aWSCNTMxGMNyEPX4CmWy32f
aLZxDJa0uVu7W23aXhY6lfTVWCpZaIBLAus4o6EXNt2cvmwUKg7PgXC7zwh5eE7h
sr2IbO4i5AvovLm1wMpoZhfCs14HDTpF2KJ6IslxIHW6fwjWRiI94Duey8+ga0io
QJ4atEZdd23XWCtZQ+9YUzoT+H5LG+yg0nQuZsk3makMIq1ZvLxorbGGLyNeCPG1
zn2kmmksoTubGKPhAO5pd4OLcLRGNwo3QbeE/slukSQvmfYHPlAi4X3avXtfHgU4
olWHj9w1+Xq1rDviVo53a6wJcr+2Z7yy+TlupacCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRPogiGSPjj6QHq1tqy+hN3GaiPDDAfBgNVHSMEGDAWgBRqt7nO4AQwDq/g
m/Evy22h3TCk1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FyZTV6dUFFTUE2djRKdnhMOHR0b2Qwd3BOYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvN2QxMWUyLTUyNzQtNDQ3ZS05ZmU2LTg4YWE2ZmQwYWE4ZS8x
L1Q2SUloa2o0NC1rQjZ0YmFzdm9UZHhtb2p3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
N2QxMWUyLTUyNzQtNDQ3ZS05ZmU2LTg4YWE2ZmQwYWE4ZS8xL2FyZTV6dUFFTUE2
djRKdnhMOHR0b2Qwd3BOYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAx8YiAMEBUWsYAMEBVKRoAMEA7IU
SAMEArkDJAMEBdWJIDANBAIAAjAHAwUDKgD6gDANBgkqhkiG9w0BAQsFAAOCAQEA
ErwUZtIwJe8xMOZ1qjDJDX0dX+Nd6aQOzZmFbezEJSTj6SUNCn4k0ufo8hsKgIaO
m15ry+oju4uMtqk158TclWbnCjXe9QJz+Xonuh0Uoy3h1PVaf2oCugrge2N5dllo
yYhm9Eh3N/FpHj0u3l8zRvRds41R+cLu1+Q/AngSpQVFxG92OGMfJWzVN4OwdG4+
SGfGtoHCCZjp8ZMu6FkjQ3ppApy3rYH5HpGKWX2AEgtfCRtYEQKAf12j9ayr0aFU
aGGa2aEFlUL25kwnFkvS89atVEldv630XoF+/uJfseEeDdUogJsjPeNcJeJtQASY
a9cHzWZp9IFJu5bT/CKatw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:18 2024 by rpki-client on console-fra.rpki-client.org