Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/tCYwr6SyavIXMKU4rKrul3OuZrs.roa
File: tCYwr6SyavIXMKU4rKrul3OuZrs.roa (raw, json)
Hash identifier: ELw7Rc106ED9ngDanlJRfEG2L/ANER06sIMmbqUJrX8=
Subject key identifier: B4:26:30:AF:A4:B2:6A:F2:17:30:A5:38:AC:AA:EE:97:73:AE:66:BB
Certificate issuer: /CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Certificate serial: 061ED948
Authority key identifier: 18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/tCYwr6SyavIXMKU4rKrul3OuZrs.roa
Signing time: Sat 01 Jan 2022 05:05:16 +0000
ROA not before: Sat 01 Jan 2022 05:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60154
IP address blocks: 193.0.184.0/24 maxlen: 24
193.0.212.0/24 maxlen: 24
193.0.129.0/24 maxlen: 24
192.251.230.0/24 maxlen: 24
2a0f:7ac0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102685000 (0x61ed948)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Validity
Not Before: Jan 1 05:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b42630afa4b26af21730a538acaaee9773ae66bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:aa:d6:24:01:ba:d7:fb:39:1c:59:01:63:ae:
5f:e9:d5:31:72:01:ba:ce:51:43:5f:fa:ad:62:25:
28:ed:f6:ae:aa:19:48:4a:ec:8c:ae:9a:a4:71:3a:
a4:a9:4e:e2:38:fa:52:06:80:e1:f3:a0:d1:b1:b6:
ae:dd:7d:01:42:ad:a3:4a:33:64:3f:a8:fb:59:f6:
5b:65:8f:e0:b0:af:b0:a3:c3:54:37:15:2b:78:65:
73:90:c8:b5:49:1b:3d:ce:cd:ba:87:e1:6c:16:a3:
3d:ee:ce:e9:b2:30:2b:3d:00:56:bb:45:aa:f5:f5:
30:79:99:ad:66:73:01:3a:98:d3:1a:45:25:ee:6d:
af:bc:c8:71:92:d0:47:63:29:51:db:58:ed:4c:3d:
55:dc:85:04:d3:25:07:d4:4e:9e:af:86:e9:ed:ed:
e2:a1:bd:4e:0b:cd:9e:0c:b4:45:33:0e:bb:4b:c3:
8e:46:07:d7:9e:82:cf:4a:e7:39:42:39:56:0d:d7:
fc:48:1c:eb:ff:53:6c:d7:8b:69:55:b3:55:fb:8c:
35:9f:b7:f0:98:b4:0f:75:1f:25:c8:ef:26:ad:99:
38:b6:6c:99:c8:9b:1f:30:48:2a:ac:c1:38:16:49:
10:46:38:91:21:18:2a:a3:41:86:e2:cf:d8:25:5d:
f8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:26:30:AF:A4:B2:6A:F2:17:30:A5:38:AC:AA:EE:97:73:AE:66:BB
X509v3 Authority Key Identifier:
keyid:18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/tCYwr6SyavIXMKU4rKrul3OuZrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.251.230.0/24
193.0.129.0/24
193.0.184.0/24
193.0.212.0/24
IPv6:
2a0f:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:1c:c5:35:63:79:cb:4e:07:57:89:1d:ee:2a:19:d4:a6:4a:
b1:94:c1:7b:e3:1b:6e:13:9e:2e:15:9c:e4:c8:9a:80:bf:a9:
53:83:ae:0e:54:bf:c6:e0:ee:6b:40:fc:76:ed:09:99:32:42:
b0:5b:5c:69:e5:96:dc:4b:fe:e7:1f:f3:ca:49:bd:46:10:45:
07:8d:dc:f6:4d:20:04:a2:1a:82:ed:fc:0c:2e:8e:02:4f:28:
fd:a8:d5:37:d2:8c:3f:68:37:4d:18:72:0d:b1:f7:d1:83:01:
6f:e2:ba:25:f3:7b:e5:1d:6f:bc:c4:c8:fc:42:3b:53:2c:5b:
87:ed:f3:05:ce:c2:42:91:6b:03:8f:27:28:15:c7:6d:5a:c3:
b9:b3:89:60:6f:f5:93:cf:ea:45:a3:5f:76:66:f4:1e:fe:9a:
75:57:f2:85:3f:bd:05:aa:98:b2:07:c2:96:ec:5b:98:db:cb:
7e:4a:e5:86:79:59:b3:59:69:00:26:73:9d:95:4b:7f:b2:01:
d5:08:e9:bb:d5:f9:0a:bb:66:e2:7a:5f:b0:ab:44:98:52:d4:
98:c1:c8:df:07:55:05:5c:c7:f6:0c:b3:7a:03:a5:04:ef:73:
71:37:91:08:28:95:da:24:1d:01:cc:d1:ce:59:eb:c9:93:74:
ad:5a:4d:91
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBh7ZSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODE3YTVlYzE4YzRmMmM0NDc4NGFkYzUwMzgzNTZiZTVhZTg5NDI5MB4XDTIyMDEw
MTA1MDUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQyNjMwYWZhNGIy
NmFmMjE3MzBhNTM4YWNhYWVlOTc3M2FlNjZiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2q1iQButf7ORxZAWOuX+nVMXIBus5RQ1/6rWIlKO32rqoZ
SErsjK6apHE6pKlO4jj6UgaA4fOg0bG2rt19AUKto0ozZD+o+1n2W2WP4LCvsKPD
VDcVK3hlc5DItUkbPc7NuofhbBajPe7O6bIwKz0AVrtFqvX1MHmZrWZzATqY0xpF
Je5tr7zIcZLQR2MpUdtY7Uw9VdyFBNMlB9ROnq+G6e3t4qG9TgvNngy0RTMOu0vD
jkYH156Cz0rnOUI5Vg3X/Egc6/9TbNeLaVWzVfuMNZ+38Ji0D3UfJcjvJq2ZOLZs
mcibHzBIKqzBOBZJEEY4kSEYKqNBhuLP2CVd+DkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBS0JjCvpLJq8hcwpTisqu6Xc65muzAfBgNVHSMEGDAWgBQYF6XsGMTyxEeE
rcUDg1a+WuiUKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCZWw3QmpFOHNSSGhLM0ZBNE5Xdmxyb2xDay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvNzczNjc4LWUyMDAtNDZhZi04NmMxLTZiZDgwMjJkMmVhZS8x
L3RDWXdyNlN5YXZJWE1LVTRyS3J1bDNPdVpycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
NzczNjc4LWUyMDAtNDZhZi04NmMxLTZiZDgwMjJkMmVhZS8xL0dCZWw3QmpFOHNS
SGhLM0ZBNE5Xdmxyb2xDay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAMD75gMEAMEAgQMEAMEAuAMEAMEA
1DANBAIAAjAHAwUDKg96wDANBgkqhkiG9w0BAQsFAAOCAQEAohzFNWN5y04HV4kd
7ioZ1KZKsZTBe+MbbhOeLhWc5MiagL+pU4OuDlS/xuDua0D8du0JmTJCsFtcaeWW
3Ev+5x/zykm9RhBFB43c9k0gBKIagu38DC6OAk8o/ajVN9KMP2g3TRhyDbH30YMB
b+K6JfN75R1vvMTI/EI7Uyxbh+3zBc7CQpFrA48nKBXHbVrDubOJYG/1k8/qRaNf
dmb0Hv6adVfyhT+9BaqYsgfCluxbmNvLfkrlhnlZs1lpACZznZVLf7IB1Qjpu9X5
Crtm4npfsKtEmFLUmMHI3wdVBVzH9gyzegOlBO9zcTeRCCiV2iQdAczRzlnryZN0
rVpNkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:08 2024 by rpki-client on console-fra.rpki-client.org