Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/b266bb-1a3d-4e49-857c-ef38914a8ab0/1/ahwCrwu-1b-qMw4eWvxlRexxIE0.roa
File: ahwCrwu-1b-qMw4eWvxlRexxIE0.roa (raw, json)
Hash identifier: YAMVqLIOrcEXFukVFRfSCd5DTTV/hL6W3yZ7ZGIUtE4=
Subject key identifier: 6A:1C:02:AF:0B:BE:D5:BF:AA:33:0E:1E:5A:FC:65:45:EC:71:20:4D
Certificate issuer: /CN=5a0532e8fda4b27a5615aebb8d7fd0fcafa9f610
Certificate serial: 1BB3D596
Authority key identifier: 5A:05:32:E8:FD:A4:B2:7A:56:15:AE:BB:8D:7F:D0:FC:AF:A9:F6:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WgUy6P2ksnpWFa67jX_Q_K-p9hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/b266bb-1a3d-4e49-857c-ef38914a8ab0/1/ahwCrwu-1b-qMw4eWvxlRexxIE0.roa
Signing time: Sat 01 Jan 2022 10:57:38 +0000
ROA not before: Sat 01 Jan 2022 10:57:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12315
IP address blocks: 185.215.40.0/22 maxlen: 22
213.34.32.0/19 maxlen: 19
193.254.214.0/23 maxlen: 23
2a04:c580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 464770454 (0x1bb3d596)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a0532e8fda4b27a5615aebb8d7fd0fcafa9f610
Validity
Not Before: Jan 1 10:57:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a1c02af0bbed5bfaa330e1e5afc6545ec71204d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:aa:1d:ae:bf:f7:6d:3a:1f:fc:a2:4a:29:
b0:d1:17:ee:1b:31:0d:8b:2c:6c:b6:e7:c7:e8:ed:
38:39:8a:8c:44:7a:ee:83:0c:80:73:0f:f5:89:7a:
3a:6a:40:a2:0d:3f:b3:fd:8d:94:3d:71:c3:82:11:
4a:19:73:e9:a9:b2:a0:51:ef:3b:46:46:fb:46:59:
b3:bc:76:fe:67:f7:42:6e:32:1f:22:64:f1:ac:ae:
22:d0:c8:95:ac:e5:18:e6:2d:12:fb:48:36:95:e1:
33:64:e6:7c:b6:a7:56:e7:c0:93:61:b8:f1:0b:79:
64:45:be:b5:77:5c:cc:dc:f8:b5:c6:a6:8d:3d:4b:
c5:e5:90:6d:83:c2:bf:c4:9f:7a:06:a6:16:46:c3:
be:ee:88:a1:2e:c5:24:06:92:52:29:39:36:31:09:
55:2f:ed:45:77:b0:b7:a1:3e:b1:b8:df:09:03:d3:
d2:27:6f:9d:3f:1f:b0:d0:0a:9b:c6:2f:71:04:1f:
20:8d:41:0d:69:10:72:7e:ff:0c:21:be:bf:87:dd:
52:5a:2f:37:e8:48:1a:77:f0:3a:da:1c:63:84:79:
f9:77:93:cc:09:fe:dc:81:37:94:b5:f4:43:12:08:
75:1e:0c:22:71:52:32:67:9b:38:cf:bb:cf:a9:0a:
a9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1C:02:AF:0B:BE:D5:BF:AA:33:0E:1E:5A:FC:65:45:EC:71:20:4D
X509v3 Authority Key Identifier:
keyid:5A:05:32:E8:FD:A4:B2:7A:56:15:AE:BB:8D:7F:D0:FC:AF:A9:F6:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WgUy6P2ksnpWFa67jX_Q_K-p9hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b266bb-1a3d-4e49-857c-ef38914a8ab0/1/ahwCrwu-1b-qMw4eWvxlRexxIE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b266bb-1a3d-4e49-857c-ef38914a8ab0/1/WgUy6P2ksnpWFa67jX_Q_K-p9hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.40.0/22
193.254.214.0/23
213.34.32.0/19
IPv6:
2a04:c580::/29
Signature Algorithm: sha256WithRSAEncryption
79:d7:6a:99:30:32:c0:08:09:92:2f:5c:47:64:eb:f6:9c:d6:
4c:ca:72:10:d9:ad:e1:4f:c5:a2:93:0a:e0:d6:a0:c5:78:a0:
51:04:ed:86:7c:13:ef:28:12:85:82:94:d2:c0:2b:ad:f2:81:
63:93:2a:b1:07:64:5c:1a:e7:3e:e6:ec:3f:c2:d6:c7:a3:5f:
d4:a1:0e:61:67:2d:ae:59:a4:88:d6:bb:5c:99:7b:b9:01:2a:
7b:48:6d:8a:ff:7c:d2:b9:ca:c9:08:72:d1:f8:27:fe:08:3b:
30:03:4c:d8:eb:95:3b:b4:a9:b9:93:b3:cd:ed:8b:b0:b1:3e:
7c:f9:01:8f:20:f5:8e:b8:e7:59:09:c4:ac:c5:5e:ad:85:e2:
ad:b8:02:b8:8e:eb:b0:cc:60:4d:9b:54:6f:6e:c7:cc:93:1a:
49:a9:ca:63:e7:1f:fb:b5:93:a0:13:43:ce:b9:5d:5e:ea:a5:
60:d5:63:17:0f:22:bd:b3:03:34:27:46:a1:e7:cf:58:8a:75:
fd:3a:8a:a2:9b:89:a7:2f:c2:11:88:1c:4f:10:09:f2:67:cf:
75:35:ec:26:c8:95:7c:18:1d:ee:e6:2a:bb:48:8b:cf:0c:a6:
39:ea:d5:fc:52:71:12:69:6c:2f:78:e3:43:86:cb:71:35:d9:
0b:4d:ad:2b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEG7PVljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTA1MzJlOGZkYTRiMjdhNTYxNWFlYmI4ZDdmZDBmY2FmYTlmNjEwMB4XDTIyMDEw
MTEwNTczOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmExYzAyYWYwYmJl
ZDViZmFhMzMwZTFlNWFmYzY1NDVlYzcxMjA0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZxqh2uv/dtOh/8okopsNEX7hsxDYssbLbnx+jtODmKjER6
7oMMgHMP9Yl6OmpAog0/s/2NlD1xw4IRShlz6amyoFHvO0ZG+0ZZs7x2/mf3Qm4y
HyJk8ayuItDIlazlGOYtEvtINpXhM2TmfLanVufAk2G48Qt5ZEW+tXdczNz4tcam
jT1LxeWQbYPCv8SfegamFkbDvu6IoS7FJAaSUik5NjEJVS/tRXewt6E+sbjfCQPT
0idvnT8fsNAKm8YvcQQfII1BDWkQcn7/DCG+v4fdUlovN+hIGnfwOtocY4R5+XeT
zAn+3IE3lLX0QxIIdR4MInFSMmebOM+7z6kKqbsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRqHAKvC77Vv6ozDh5a/GVF7HEgTTAfBgNVHSMEGDAWgBRaBTLo/aSyelYV
rruNf9D8r6n2EDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dnVXk2UDJrc25wV0ZhNjdqWF9RX0stcDloQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvYjI2NmJiLTFhM2QtNGU0OS04NTdjLWVmMzg5MTRhOGFiMC8x
L2Fod0Nyd3UtMWItcU13NGVXdnhsUmV4eElFMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
YjI2NmJiLTFhM2QtNGU0OS04NTdjLWVmMzg5MTRhOGFiMC8xL1dnVXk2UDJrc25w
V0ZhNjdqWF9RX0stcDloQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArnXKAMEAcH+1gMEBdUiIDANBAIA
AjAHAwUDKgTFgDANBgkqhkiG9w0BAQsFAAOCAQEAeddqmTAywAgJki9cR2Tr9pzW
TMpyENmt4U/FopMK4NagxXigUQTthnwT7ygShYKU0sArrfKBY5MqsQdkXBrnPubs
P8LWx6Nf1KEOYWctrlmkiNa7XJl7uQEqe0htiv980rnKyQhy0fgn/gg7MANM2OuV
O7SpuZOzze2LsLE+fPkBjyD1jrjnWQnErMVerYXirbgCuI7rsMxgTZtUb27HzJMa
SanKY+cf+7WToBNDzrldXuqlYNVjFw8ivbMDNCdGoefPWIp1/TqKopuJpy/CEYgc
TxAJ8mfPdTXsJsiVfBgd7uYqu0iLzwymOerV/FJxEmlsL3jjQ4bLcTXZC02tKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:38 2024 by rpki-client on console-fra.rpki-client.org