Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/AIRcx0XFj26MGFYppuqeqM8r7ik.roa
File: AIRcx0XFj26MGFYppuqeqM8r7ik.roa (raw, json)
Hash identifier: ucSeYEMogLrO05zmDMh+teo0Jdc7dv/UpVqOdISBlC4=
Subject key identifier: 00:84:5C:C7:45:C5:8F:6E:8C:18:56:29:A6:EA:9E:A8:CF:2B:EE:29
Certificate issuer: /CN=ae0a5a1b38617cc161f60613d98e179b5360c054
Certificate serial: 2857BC32
Authority key identifier: AE:0A:5A:1B:38:61:7C:C1:61:F6:06:13:D9:8E:17:9B:53:60:C0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/AIRcx0XFj26MGFYppuqeqM8r7ik.roa
Signing time: Sat 01 Jan 2022 03:56:15 +0000
ROA not before: Sat 01 Jan 2022 03:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20825
IP address blocks: 192.109.211.0/24 maxlen: 24
192.109.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 676838450 (0x2857bc32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae0a5a1b38617cc161f60613d98e179b5360c054
Validity
Not Before: Jan 1 03:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00845cc745c58f6e8c185629a6ea9ea8cf2bee29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:84:13:27:b0:2a:9b:eb:b6:ff:be:31:c6:e7:
aa:20:20:ad:b7:26:7c:d1:fe:9b:0e:16:cc:79:12:
62:ca:30:c4:15:c6:67:6e:04:3a:aa:1b:07:82:50:
8b:56:9a:d7:f5:33:4e:71:a1:70:f6:54:b2:bb:54:
30:91:4a:cc:43:93:6e:af:94:28:d3:d9:36:cc:cf:
3f:f8:aa:59:36:a9:65:53:11:be:94:f5:a2:02:42:
d7:0c:c0:0e:79:cd:ac:7b:c8:8b:8c:15:34:7f:01:
02:c0:16:f0:0a:e6:b4:72:60:f7:19:7e:23:29:e6:
4d:7f:24:42:88:7c:87:e0:34:da:2a:93:53:59:27:
e6:ab:90:59:26:66:4a:67:87:1f:c1:34:a8:30:88:
de:55:0b:1b:69:89:65:ee:96:66:16:1e:21:be:52:
37:41:87:6e:40:8f:9a:a1:45:47:9c:d7:ac:2e:49:
21:af:57:f2:a1:b6:a5:e3:99:bd:36:1f:d3:c4:63:
fa:a1:93:6c:9b:1a:fd:02:fb:e7:50:c3:49:7f:5b:
b6:56:22:11:6a:b1:06:48:ec:4a:e8:f2:eb:64:99:
12:a6:1e:72:e2:4a:83:a2:79:28:b5:32:34:d5:b5:
4f:02:7c:56:32:70:4b:d5:cd:59:dc:95:d3:61:9c:
0f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:84:5C:C7:45:C5:8F:6E:8C:18:56:29:A6:EA:9E:A8:CF:2B:EE:29
X509v3 Authority Key Identifier:
keyid:AE:0A:5A:1B:38:61:7C:C1:61:F6:06:13:D9:8E:17:9B:53:60:C0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/AIRcx0XFj26MGFYppuqeqM8r7ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.211.0-192.109.212.255
Signature Algorithm: sha256WithRSAEncryption
2d:18:d2:cf:52:7e:11:1f:e2:53:91:aa:1e:0c:bc:2b:07:46:
0f:84:a3:d6:62:33:83:bf:20:02:f0:64:e2:3f:dd:91:85:3f:
2e:d6:71:34:d9:8d:95:0d:83:1e:34:68:07:3d:ba:b0:e9:05:
17:98:fd:13:00:7e:6c:19:9a:35:c9:bd:a9:cc:46:47:bf:ca:
14:34:66:7c:09:8e:71:5a:a9:41:73:a1:31:ed:6b:4e:bc:33:
1f:b3:8e:db:a1:51:c6:a5:43:04:57:b0:65:1d:cb:a8:91:1f:
29:e1:8c:c6:72:3a:34:19:0e:44:e6:0c:27:68:cf:82:f8:dc:
d3:11:44:61:03:b9:e6:16:20:49:27:f0:6e:97:5c:e2:ef:00:
15:d0:cf:ce:ec:29:0a:bc:99:3b:d8:bb:31:36:42:75:e2:cf:
61:6a:77:cd:c4:43:fd:78:6f:49:91:78:06:5c:63:12:52:4a:
9e:5f:ab:d1:fe:3d:df:fa:e6:47:77:6e:c3:24:cd:bd:b7:a9:
ea:bc:ed:32:cd:ea:78:b9:02:03:d2:f6:3d:fc:ce:18:e8:45:
f7:b5:a6:1c:70:e5:f4:0c:a5:40:6e:7f:d0:ea:d9:e3:8b:da:
68:a7:3b:8d:1c:86:81:9f:51:8f:99:1d:7e:cf:e5:d0:af:71:
3d:7b:6c:7a
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEKFe8MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTBhNWExYjM4NjE3Y2MxNjFmNjA2MTNkOThlMTc5YjUzNjBjMDU0MB4XDTIyMDEw
MTAzNTYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA4NDVjYzc0NWM1
OGY2ZThjMTg1NjI5YTZlYTllYThjZjJiZWUyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOaEEyewKpvrtv++McbnqiAgrbcmfNH+mw4WzHkSYsowxBXG
Z24EOqobB4JQi1aa1/UzTnGhcPZUsrtUMJFKzEOTbq+UKNPZNszPP/iqWTapZVMR
vpT1ogJC1wzADnnNrHvIi4wVNH8BAsAW8ArmtHJg9xl+IynmTX8kQoh8h+A02iqT
U1kn5quQWSZmSmeHH8E0qDCI3lULG2mJZe6WZhYeIb5SN0GHbkCPmqFFR5zXrC5J
Ia9X8qG2peOZvTYf08Rj+qGTbJsa/QL751DDSX9btlYiEWqxBkjsSujy62SZEqYe
cuJKg6J5KLUyNNW1TwJ8VjJwS9XNWdyV02GcD6UCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQAhFzHRcWPbowYVimm6p6ozyvuKTAfBgNVHSMEGDAWgBSuClobOGF8wWH2
BhPZjhebU2DAVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JncGFHemhoZk1GaDlnWVQyWTRYbTFOZ3dGUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvMzE5OTFhLWJkYjgtNGI1Yi1hZTVkLWIyOTgxMmMzZTQ2NS8x
L0FJUmN4MFhGajI2TUdGWXBwdXFlcU04cjdpay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
MzE5OTFhLWJkYjgtNGI1Yi1hZTVkLWIyOTgxMmMzZTQ2NS8xL3JncGFHemhoZk1G
aDlnWVQyWTRYbTFOZ3dGUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAwG3TAwQAwG3UMA0GCSqGSIb3
DQEBCwUAA4IBAQAtGNLPUn4RH+JTkaoeDLwrB0YPhKPWYjODvyAC8GTiP92RhT8u
1nE02Y2VDYMeNGgHPbqw6QUXmP0TAH5sGZo1yb2pzEZHv8oUNGZ8CY5xWqlBc6Ex
7WtOvDMfs47boVHGpUMEV7BlHcuokR8p4YzGcjo0GQ5E5gwnaM+C+NzTEURhA7nm
FiBJJ/Bul1zi7wAV0M/O7CkKvJk72LsxNkJ14s9hanfNxEP9eG9JkXgGXGMSUkqe
X6vR/j3f+uZHd27DJM29t6nqvO0yzep4uQID0vY9/M4Y6EX3taYccOX0DKVAbn/Q
6tnji9popzuNHIaBn1GPmR1+z+XQr3E9e2x6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:36 2024 by rpki-client on console-fra.rpki-client.org