Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Dq6lSbUk8mLAtjJg9xWYrhJ9a7c.roa
File: Dq6lSbUk8mLAtjJg9xWYrhJ9a7c.roa (raw, json)
Hash identifier: Hft0YQ6rNgfB6W4oZ8aw7aKiyDwVXeaod9k3+SWhMc4=
Subject key identifier: 0E:AE:A5:49:B5:24:F2:62:C0:B6:32:60:F7:15:98:AE:12:7D:6B:B7
Certificate issuer: /CN=15fedc1705576d97fe4ad20291de198473d8156f
Certificate serial: 06E19AC1
Authority key identifier: 15:FE:DC:17:05:57:6D:97:FE:4A:D2:02:91:DE:19:84:73:D8:15:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff7cFwVXbZf-StICkd4ZhHPYFW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Dq6lSbUk8mLAtjJg9xWYrhJ9a7c.roa
Signing time: Sat 01 Jan 2022 09:59:51 +0000
ROA not before: Sat 01 Jan 2022 09:59:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207992
IP address blocks: 194.9.172.0/23 maxlen: 23
194.9.172.0/24 maxlen: 24
194.9.173.0/24 maxlen: 24
194.11.21.0/24 maxlen: 24
194.11.20.0/24 maxlen: 24
194.11.20.0/23 maxlen: 23
2a04:ecc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115448513 (0x6e19ac1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fedc1705576d97fe4ad20291de198473d8156f
Validity
Not Before: Jan 1 09:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0eaea549b524f262c0b63260f71598ae127d6bb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d9:6f:ef:31:5a:99:58:9b:c8:7f:3d:3b:db:
80:d0:33:e7:60:5a:04:be:30:33:52:dd:4e:5c:39:
40:05:f3:35:72:74:7c:4d:22:fe:f8:0a:e1:58:63:
c6:cf:ca:68:0d:54:b7:95:15:ec:8a:16:b6:e6:75:
32:2e:99:99:28:f8:0f:f7:22:21:70:24:6f:a6:3e:
c0:b0:e9:77:0f:cb:f5:66:ca:79:d6:10:79:4c:d7:
3e:95:9e:79:47:88:40:b5:50:a9:7e:17:7b:81:dd:
fe:4d:ad:6d:94:41:5b:45:66:31:bd:b1:80:48:5e:
c8:7f:dd:f3:26:21:8d:88:e5:a9:b7:21:e4:fa:10:
23:32:e6:ba:7a:26:f9:7d:90:a2:6b:18:bc:2e:e1:
6a:a5:29:dc:51:6b:5a:3f:f3:01:45:6f:1c:3c:58:
9c:ed:94:b9:32:c4:0a:be:25:a1:05:33:0b:27:2d:
39:75:50:c9:67:a5:2c:76:c1:94:2e:9f:cb:2e:81:
d2:55:a9:82:43:5a:b4:aa:84:a7:ce:e2:84:ef:e3:
d5:12:39:6d:c7:78:55:bf:f9:dc:5a:a0:7b:b9:2d:
41:8f:dc:a4:f3:af:a2:da:4e:f2:87:1a:35:b6:66:
64:f5:3e:51:15:36:61:18:04:92:99:66:9d:56:3e:
3d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AE:A5:49:B5:24:F2:62:C0:B6:32:60:F7:15:98:AE:12:7D:6B:B7
X509v3 Authority Key Identifier:
keyid:15:FE:DC:17:05:57:6D:97:FE:4A:D2:02:91:DE:19:84:73:D8:15:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff7cFwVXbZf-StICkd4ZhHPYFW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Dq6lSbUk8mLAtjJg9xWYrhJ9a7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Ff7cFwVXbZf-StICkd4ZhHPYFW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.172.0/23
194.11.20.0/23
IPv6:
2a04:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:68:96:bc:1d:52:2c:28:9f:79:05:34:ac:ce:ec:f1:a5:ae:
a3:18:3b:61:36:24:7a:6a:2c:71:57:88:e6:93:1a:5b:df:20:
b6:1d:2a:5c:8f:b1:04:52:c4:23:1f:73:87:18:7a:14:4e:f0:
cb:17:b4:e3:f1:63:84:63:3b:22:0b:e0:57:39:84:35:37:86:
2a:0e:19:ac:0f:74:1f:d1:19:39:23:6b:f2:39:25:af:b7:21:
8e:f2:05:b7:6f:67:aa:52:9d:0c:cd:7d:d4:4e:5a:63:5b:9f:
76:bc:b8:4f:b7:e5:8e:ea:58:f3:80:70:3f:14:0a:90:04:c6:
18:88:46:9d:82:69:41:d2:f2:03:f4:ab:67:55:22:41:bc:ea:
bc:86:74:b2:cb:47:d3:2a:ee:cb:75:77:9c:7a:44:60:b5:c4:
2e:34:35:eb:a1:88:7a:40:4d:35:1d:ca:bf:19:86:37:f8:06:
73:6b:5f:68:84:ae:ea:d7:fe:5f:97:77:d4:85:c1:01:7d:0b:
7a:6a:d4:79:28:d8:60:b0:85:18:ad:29:59:f5:b1:f1:ad:be:
d5:81:f0:31:c9:28:80:7a:48:3b:25:50:cd:85:5f:df:88:ed:
ac:e0:06:c3:4c:fc:01:8c:40:92:2e:51:02:fa:df:82:27:75:
df:1c:82:5a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBuGawTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NWZlZGMxNzA1NTc2ZDk3ZmU0YWQyMDI5MWRlMTk4NDczZDgxNTZmMB4XDTIyMDEw
MTA5NTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGVhZWE1NDliNTI0
ZjI2MmMwYjYzMjYwZjcxNTk4YWUxMjdkNmJiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzZb+8xWplYm8h/PTvbgNAz52BaBL4wM1LdTlw5QAXzNXJ0
fE0i/vgK4Vhjxs/KaA1Ut5UV7IoWtuZ1Mi6ZmSj4D/ciIXAkb6Y+wLDpdw/L9WbK
edYQeUzXPpWeeUeIQLVQqX4Xe4Hd/k2tbZRBW0VmMb2xgEheyH/d8yYhjYjlqbch
5PoQIzLmunom+X2QomsYvC7haqUp3FFrWj/zAUVvHDxYnO2UuTLECr4loQUzCyct
OXVQyWelLHbBlC6fyy6B0lWpgkNatKqEp87ihO/j1RI5bcd4Vb/53Fqge7ktQY/c
pPOvotpO8ocaNbZmZPU+URU2YRgEkplmnVY+PRcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQOrqVJtSTyYsC2MmD3FZiuEn1rtzAfBgNVHSMEGDAWgBQV/twXBVdtl/5K
0gKR3hmEc9gVbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZmN2NGd1ZYYlpmLVN0SUNrZDRaaEhQWUZXOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvZTI3ZWI4LWFmNjQtNDQ2ZS04OGVjLWQ0NzJlNDlmNTkxZS8x
L0RxNmxTYlVrOG1MQXRqSmc5eFdZcmhKOWE3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
ZTI3ZWI4LWFmNjQtNDQ2ZS04OGVjLWQ0NzJlNDlmNTkxZS8xL0ZmN2NGd1ZYYlpm
LVN0SUNrZDRaaEhQWUZXOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAcIJrAMEAcILFDANBAIAAjAHAwUD
KgTswDANBgkqhkiG9w0BAQsFAAOCAQEALmiWvB1SLCifeQU0rM7s8aWuoxg7YTYk
emoscVeI5pMaW98gth0qXI+xBFLEIx9zhxh6FE7wyxe04/FjhGM7IgvgVzmENTeG
Kg4ZrA90H9EZOSNr8jklr7chjvIFt29nqlKdDM191E5aY1ufdry4T7fljupY84Bw
PxQKkATGGIhGnYJpQdLyA/SrZ1UiQbzqvIZ0sstH0yruy3V3nHpEYLXELjQ166GI
ekBNNR3KvxmGN/gGc2tfaISu6tf+X5d31IXBAX0LemrUeSjYYLCFGK0pWfWx8a2+
1YHwMckogHpIOyVQzYVf34jtrOAGw0z8AYxAki5RAvrfgid13xyCWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:38 2024 by rpki-client on console-ams.rpki-client.org