Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/cLoVZ6hEbOjIohKsvNOQOQA-7Zw.roa
File: cLoVZ6hEbOjIohKsvNOQOQA-7Zw.roa (raw, json)
Hash identifier: rKWQmplTEPqItXFOJU/NMSQdH0QVozLZiSlYFKJ15BM=
Subject key identifier: 70:BA:15:67:A8:44:6C:E8:C8:A2:12:AC:BC:D3:90:39:00:3E:ED:9C
Certificate issuer: /CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Certificate serial: 01849EAC818B5126CB5408B5B83DEE2B66BE
Authority key identifier: 5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/cLoVZ6hEbOjIohKsvNOQOQA-7Zw.roa
Signing time: Tue 22 Nov 2022 09:30:16 +0000
ROA not before: Tue 22 Nov 2022 09:30:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39242
IP address blocks: 109.70.160.0/21 maxlen: 21
81.19.112.0/20 maxlen: 20
2a02:ef0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:ac:81:8b:51:26:cb:54:08:b5:b8:3d:ee:2b:66:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Validity
Not Before: Nov 22 09:30:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70ba1567a8446ce8c8a212acbcd39039003eed9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0f:38:4a:91:7b:dc:07:b8:28:48:0d:fd:4e:
f2:95:32:c9:f8:7d:b5:a2:d3:76:ae:a0:bd:4a:a3:
8c:b7:3f:46:ce:b7:44:d2:ba:20:34:49:a5:33:f1:
cb:78:2f:5e:18:d5:7c:75:b2:f2:c2:5d:10:f7:c1:
d4:f6:05:00:b8:5f:4d:b3:16:c0:72:66:51:8d:d5:
90:f2:40:bc:1d:3c:97:1b:49:fb:05:c8:80:10:c0:
d9:23:46:5e:07:b5:1e:45:42:50:8f:e3:38:e8:59:
a6:56:a8:04:f9:e7:56:8f:2e:e9:91:a1:e9:4a:f7:
a6:a5:90:4d:e5:b4:ed:15:f0:39:9e:a3:d7:da:4e:
ea:4f:37:85:92:a8:60:d9:d5:a5:58:e3:a9:5f:7e:
91:c4:d7:d0:3e:f5:ab:72:df:b4:7b:d4:11:6c:df:
27:0a:52:e6:ed:a7:9d:2b:f0:e2:0b:fe:ad:16:8b:
1f:20:e4:96:a8:ba:30:5c:0a:57:b3:27:7a:fb:ac:
d1:aa:e4:21:e1:53:19:35:a8:1b:2e:c3:bd:3f:ab:
8a:0e:d7:54:a2:59:15:6a:5d:3e:a1:8d:2f:9c:eb:
cb:88:3e:4d:d4:ff:ee:d9:53:3b:78:1c:46:ff:a0:
6f:de:68:5a:d6:4d:a1:f0:ab:1b:f2:e6:21:e9:fe:
3c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:BA:15:67:A8:44:6C:E8:C8:A2:12:AC:BC:D3:90:39:00:3E:ED:9C
X509v3 Authority Key Identifier:
keyid:5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/cLoVZ6hEbOjIohKsvNOQOQA-7Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.112.0/20
109.70.160.0/21
IPv6:
2a02:ef0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:a7:09:3c:51:02:b7:bd:f4:cf:9a:49:63:fb:44:0c:bd:35:
48:5f:e7:1f:aa:49:cf:f3:68:83:89:21:08:67:16:19:6f:d0:
f7:23:59:33:7c:4e:82:f2:14:55:45:66:0d:a0:af:11:bb:7b:
7f:b3:eb:5d:ba:02:a2:7f:e6:5e:07:54:8f:d4:2e:4d:4a:01:
30:bb:50:d9:b5:30:59:c2:f8:ff:82:ba:26:25:77:d9:4f:d9:
d1:f2:5b:31:84:f0:89:61:19:a0:52:a3:33:d6:dc:bf:91:1d:
43:df:19:93:7c:cc:4f:0d:35:25:22:14:a2:8e:5b:4f:5a:cb:
3a:eb:84:64:ef:8c:2e:6f:fd:5b:1a:56:8d:e0:ff:24:8f:73:
bf:cb:c3:05:10:7d:d1:2a:c1:24:5d:ac:09:71:51:17:67:46:
29:72:7c:94:82:76:62:b2:a4:00:1b:e1:2f:ab:15:f4:fa:0b:
0d:da:0f:2d:c4:b1:f9:c9:f0:8d:00:e9:20:b4:cc:c8:3e:be:
0d:24:81:b0:5a:08:ca:e5:6f:43:d6:f2:30:4d:60:48:78:30:
bf:e8:b5:91:75:25:44:2d:e5:44:3e:84:30:5b:17:06:fb:93:
9f:3c:da:6a:73:b0:16:c6:46:3e:6c:88:f8:b6:8a:65:46:ca:
35:a8:27:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYSerIGLUSbLVAi1uD3uK2a+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTlmNDkwZDNiNjliMjJlMWUyN2MzMjZiYWY3MjMxMTA1
NmRkYjgwHhcNMjIxMTIyMDkzMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGJhMTU2N2E4NDQ2Y2U4YzhhMjEyYWNiY2QzOTAzOTAwM2VlZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA84SpF73Ae4KEgN/U7ylTLJ+H21
otN2rqC9SqOMtz9GzrdE0rogNEmlM/HLeC9eGNV8dbLywl0Q98HU9gUAuF9NsxbA
cmZRjdWQ8kC8HTyXG0n7BciAEMDZI0ZeB7UeRUJQj+M46FmmVqgE+edWjy7pkaHp
SvempZBN5bTtFfA5nqPX2k7qTzeFkqhg2dWlWOOpX36RxNfQPvWrct+0e9QRbN8n
ClLm7aedK/DiC/6tFosfIOSWqLowXApXsyd6+6zRquQh4VMZNagbLsO9P6uKDtdU
olkVal0+oY0vnOvLiD5N1P/u2VM7eBxG/6Bv3mha1k2h8Ksb8uYh6f489QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHC6FWeoRGzoyKISrLzTkDkAPu2cMB8GA1UdIwQY
MBaAFF1Z9JDTtpsi4eJ8MmuvcjEQVt24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEt
NzkzNDhlODM2NmJjLzEvY0xvVlo2aEViT2pJb2hLc3ZOT1FPUUEtN1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEtNzkzNDhlODM2NmJj
LzEvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEURNwAwQD
bUagMA0EAgACMAcDBQAqAg7wMA0GCSqGSIb3DQEBCwUAA4IBAQCypwk8UQK3vfTP
mklj+0QMvTVIX+cfqknP82iDiSEIZxYZb9D3I1kzfE6C8hRVRWYNoK8Ru3t/s+td
ugKif+ZeB1SP1C5NSgEwu1DZtTBZwvj/gromJXfZT9nR8lsxhPCJYRmgUqMz1ty/
kR1D3xmTfMxPDTUlIhSijltPWss664Rk74wub/1bGlaN4P8kj3O/y8MFEH3RKsEk
XawJcVEXZ0YpcnyUgnZisqQAG+EvqxX0+gsN2g8txLH5yfCNAOkgtMzIPr4NJIGw
WgjK5W9D1vIwTWBIeDC/6LWRdSVELeVEPoQwWxcG+5OfPNpqc7AWxkY+bIj4topl
Rso1qCeh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:09 2024 by rpki-client on console-ams.rpki-client.org