Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/9D0SAQxBhi7WNm7HIYE_dLMa1vI.roa
File: 9D0SAQxBhi7WNm7HIYE_dLMa1vI.roa (raw, json)
Hash identifier: lDm41pJtuWrkNfEVhtOalCKMwgTwWDRt1tColbDOh+E=
Subject key identifier: F4:3D:12:01:0C:41:86:2E:D6:36:6E:C7:21:81:3F:74:B3:1A:D6:F2
Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Certificate serial: 03A67580
Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/9D0SAQxBhi7WNm7HIYE_dLMa1vI.roa
Signing time: Sat 01 Jan 2022 01:58:45 +0000
ROA not before: Sat 01 Jan 2022 01:58:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3262
IP address blocks: 212.81.128.0/17 maxlen: 17
192.148.167.0/24 maxlen: 24
195.16.128.0/19 maxlen: 19
194.30.0.0/17 maxlen: 17
2a03:c600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61240704 (0x3a67580)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Validity
Not Before: Jan 1 01:58:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f43d12010c41862ed6366ec721813f74b31ad6f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:19:6d:53:12:df:1d:b2:88:4c:b2:f8:6e:cf:
d3:22:67:83:cf:8a:c5:c1:02:24:c0:a3:eb:2d:ca:
3e:2f:95:74:0b:7c:19:f4:fd:4f:76:e3:53:d8:2b:
97:12:03:3e:5e:25:be:1d:ce:ca:a7:a8:08:a5:c7:
44:43:3f:67:2e:d5:bf:09:fd:8b:f1:1f:9d:05:65:
d1:86:eb:e6:99:d2:71:f9:9d:16:a2:a4:2a:1d:84:
e7:0a:a9:a1:26:96:6d:84:2a:b2:93:4d:16:6f:f8:
cd:ee:b3:62:cc:26:54:c7:2c:eb:33:b6:d5:df:b8:
76:f8:17:52:85:d2:e0:58:85:41:c8:48:04:a7:74:
13:ae:98:cb:f9:50:82:3e:74:e0:4e:64:4d:92:70:
45:91:bd:6e:bb:3d:f2:06:ca:fb:dc:d2:1d:c4:de:
14:ad:81:6b:93:90:50:ac:0b:18:ca:78:d6:b8:70:
04:bf:ca:2b:9e:5a:c0:8b:18:07:6f:09:0f:f4:18:
fc:b8:78:d1:db:71:7a:6a:b2:2b:19:79:26:c5:83:
cb:bf:db:dc:b9:62:66:05:0a:cb:27:0b:93:32:22:
08:0c:f2:7e:bc:0d:d6:e2:3d:ed:37:2c:e3:e5:9d:
9b:4a:c2:bc:f0:69:5e:94:6b:2b:f9:5f:b7:e3:07:
7f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3D:12:01:0C:41:86:2E:D6:36:6E:C7:21:81:3F:74:B3:1A:D6:F2
X509v3 Authority Key Identifier:
keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/9D0SAQxBhi7WNm7HIYE_dLMa1vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.148.167.0/24
194.30.0.0/17
195.16.128.0/19
212.81.128.0/17
IPv6:
2a03:c600::/32
Signature Algorithm: sha256WithRSAEncryption
13:98:42:70:f6:b8:4a:32:23:7e:02:83:9a:bf:b6:05:56:d5:
60:3f:29:46:12:b0:83:c6:81:ca:30:9f:6f:6b:52:6d:5f:0e:
3a:6b:27:0a:f4:b6:ed:0c:49:f6:d2:3c:77:6c:6f:73:91:6c:
e8:1f:7c:04:3d:94:08:27:d8:62:f9:9f:22:df:b5:9f:ab:dc:
00:cd:8f:8e:de:d2:e5:24:dd:1f:5d:39:61:5f:88:fa:ac:06:
33:eb:c4:92:8d:75:50:5c:48:8d:74:29:1b:26:dd:17:a0:f0:
63:fd:e6:c0:99:a7:68:54:5b:c3:2a:64:0d:f3:6f:37:6a:df:
61:e2:44:e3:7a:37:bb:1a:28:98:d9:e8:fd:d0:49:61:cb:01:
67:7c:93:29:7e:c8:0a:e4:cd:ba:db:b8:f5:80:5b:6e:44:17:
60:1c:cc:0a:9b:b8:88:61:26:7b:4b:33:40:a4:fc:31:0f:73:
b4:64:31:69:e0:41:53:c3:c4:c4:71:b6:0f:14:a3:82:1a:33:
08:78:66:64:00:cc:12:ba:3d:5a:29:0a:2f:1f:39:65:8c:7a:
bf:db:8f:d1:4f:7a:ac:7e:66:78:8c:66:2e:c1:14:79:61:b6:
73:9c:4f:d4:5c:e7:f9:60:12:f3:49:ef:8c:2b:68:94:6c:30:
37:65:4f:a1
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEA6Z1gDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OWFkYjgyNWY5ZmRiY2EwY2Q3Yzc5MDFkZWI3YTIyYWUxNzk3YzA2MB4XDTIyMDEw
MTAxNTg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQzZDEyMDEwYzQx
ODYyZWQ2MzY2ZWM3MjE4MTNmNzRiMzFhZDZmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkZbVMS3x2yiEyy+G7P0yJng8+KxcECJMCj6y3KPi+VdAt8
GfT9T3bjU9grlxIDPl4lvh3OyqeoCKXHREM/Zy7Vvwn9i/EfnQVl0Ybr5pnScfmd
FqKkKh2E5wqpoSaWbYQqspNNFm/4ze6zYswmVMcs6zO21d+4dvgXUoXS4FiFQchI
BKd0E66Yy/lQgj504E5kTZJwRZG9brs98gbK+9zSHcTeFK2Ba5OQUKwLGMp41rhw
BL/KK55awIsYB28JD/QY/Lh40dtxemqyKxl5JsWDy7/b3LliZgUKyycLkzIiCAzy
frwN1uI97Tcs4+Wdm0rCvPBpXpRrK/lft+MHf28CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBT0PRIBDEGGLtY2bschgT90sxrW8jAfBgNVHSMEGDAWgBRprbgl+f28oM18
eQHet6Iq4Xl8BjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FhMjRKZm45dktETmZIa0IzcmVpS3VGNWZBWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvYWY2YjdhLTlhNzAtNDk0ZS04YTkwLTMyMzYyNjdjODc5OS8x
LzlEMFNBUXhCaGk3V05tN0hJWUVfZExNYTF2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
YWY2YjdhLTlhNzAtNDk0ZS04YTkwLTMyMzYyNjdjODc5OS8xL2FhMjRKZm45dktE
TmZIa0IzcmVpS3VGNWZBWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAMCUpwMEB8IeAAMEBcMQgAMEB9RR
gDANBAIAAjAHAwUAKgPGADANBgkqhkiG9w0BAQsFAAOCAQEAE5hCcPa4SjIjfgKD
mr+2BVbVYD8pRhKwg8aByjCfb2tSbV8OOmsnCvS27QxJ9tI8d2xvc5Fs6B98BD2U
CCfYYvmfIt+1n6vcAM2Pjt7S5STdH105YV+I+qwGM+vEko11UFxIjXQpGybdF6Dw
Y/3mwJmnaFRbwypkDfNvN2rfYeJE43o3uxoomNno/dBJYcsBZ3yTKX7ICuTNutu4
9YBbbkQXYBzMCpu4iGEme0szQKT8MQ9ztGQxaeBBU8PExHG2DxSjghozCHhmZADM
Ero9WikKLx85ZYx6v9uP0U96rH5meIxmLsEUeWG2c5xP1Fzn+WAS80nvjCtolGww
N2VPoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:09 2024 by rpki-client on console-ams.rpki-client.org