Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/l6ZD5U-HeNH1K5v3RyqHFGjW5ZQ.roa
File: l6ZD5U-HeNH1K5v3RyqHFGjW5ZQ.roa (raw, json)
Hash identifier: qgrM149NzJMI6f1Zpjb4heCmJXSZlQYs6PTyLnX0qCQ=
Subject key identifier: 97:A6:43:E5:4F:87:78:D1:F5:2B:9B:F7:47:2A:87:14:68:D6:E5:94
Certificate issuer: /CN=8fd26ad6f91ba4472814bae484a8df1f634c3341
Certificate serial: 0C947809
Authority key identifier: 8F:D2:6A:D6:F9:1B:A4:47:28:14:BA:E4:84:A8:DF:1F:63:4C:33:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/l6ZD5U-HeNH1K5v3RyqHFGjW5ZQ.roa
Signing time: Sat 01 Jan 2022 05:54:10 +0000
ROA not before: Sat 01 Jan 2022 05:54:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 176.123.0.0/21 maxlen: 21
176.123.1.0/24 maxlen: 24
176.123.2.0/24 maxlen: 24
176.123.3.0/24 maxlen: 24
176.123.4.0/24 maxlen: 24
176.123.0.0/24 maxlen: 24
176.123.8.0/24 maxlen: 24
176.123.8.0/22 maxlen: 22
176.123.9.0/24 maxlen: 24
176.123.10.0/24 maxlen: 24
176.123.11.0/24 maxlen: 24
176.123.5.0/24 maxlen: 24
176.123.6.0/24 maxlen: 24
176.123.7.0/24 maxlen: 24
2001:678:6d4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211056649 (0xc947809)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fd26ad6f91ba4472814bae484a8df1f634c3341
Validity
Not Before: Jan 1 05:54:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97a643e54f8778d1f52b9bf7472a871468d6e594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a2:df:62:e8:03:e7:fc:75:06:6a:10:07:0c:
0d:cb:fe:b2:bd:52:2b:b6:68:78:61:af:bc:44:b6:
ab:d3:08:80:1c:cc:c1:ae:98:37:6a:2e:6c:0c:94:
b3:63:3d:c2:a9:e5:e8:6a:c6:ed:06:4a:d4:fb:d7:
22:d2:28:09:bd:b2:5b:18:60:0c:c7:2c:bd:da:74:
42:da:79:84:40:77:e3:8a:e0:f7:2d:f3:f1:ef:77:
14:e5:1f:a4:dc:bd:2a:0d:cc:1e:b6:0a:66:52:42:
da:54:6f:d9:b8:33:7c:e0:02:fc:ae:af:65:57:29:
71:ee:cc:5f:3c:94:f6:ad:51:35:bd:64:f0:40:20:
c5:26:7b:78:b1:b1:70:20:bb:43:21:36:9b:ac:da:
e3:c8:94:60:b1:3c:42:6b:38:b4:35:37:c8:20:81:
2e:8b:f5:20:bf:6e:3b:eb:26:74:9e:05:de:fd:55:
6f:12:2a:ad:96:c1:c1:2e:eb:10:4d:0d:ea:49:50:
4c:71:a8:02:cf:00:70:1c:0b:4c:20:ff:ad:a9:53:
a3:cb:bc:8d:78:57:26:be:e1:98:ef:85:ed:48:c2:
78:e4:eb:49:c2:95:a1:aa:fb:a3:3e:63:dc:e6:99:
0f:48:ac:15:db:c0:e1:64:bc:fa:56:79:5c:99:92:
9b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A6:43:E5:4F:87:78:D1:F5:2B:9B:F7:47:2A:87:14:68:D6:E5:94
X509v3 Authority Key Identifier:
keyid:8F:D2:6A:D6:F9:1B:A4:47:28:14:BA:E4:84:A8:DF:1F:63:4C:33:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/l6ZD5U-HeNH1K5v3RyqHFGjW5ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.123.0.0-176.123.11.255
IPv6:
2001:678:6d4::/48
Signature Algorithm: sha256WithRSAEncryption
30:a0:61:3c:e4:8c:dd:94:6a:cf:a6:a1:e2:81:f1:91:45:e5:
48:c8:3a:a2:cc:cf:fb:27:6d:12:4c:64:f7:3c:72:a5:27:2c:
fb:05:5e:4e:77:12:7a:55:03:9e:f5:39:10:58:08:db:f4:7e:
43:0b:5b:3d:3b:76:b1:86:e6:30:75:28:d7:15:0a:a4:09:8c:
50:54:8a:0e:58:62:64:03:0c:2d:53:e8:00:29:65:bd:17:46:
0f:30:f0:f3:6c:df:22:49:91:24:54:4c:ce:c4:e7:f5:c0:b8:
e0:79:0e:7a:73:b3:c5:a2:17:89:ed:ac:eb:4e:69:d8:49:27:
64:88:ed:f7:4e:af:02:6a:21:9e:10:14:e9:3c:13:82:1d:2e:
39:f8:e8:71:14:4d:48:62:31:5b:7b:1f:20:63:c3:aa:25:cd:
37:4c:06:b4:02:21:30:b5:80:ca:a8:a9:53:ae:4f:c7:81:37:
36:89:3b:f9:15:da:bd:72:07:7b:29:a5:ea:bf:eb:c8:9f:61:
c9:6d:47:d9:c8:c5:f1:37:90:b4:78:81:69:3b:c7:88:ce:6e:
af:00:d3:e6:b6:9f:6a:3e:ef:ef:1f:d7:d5:97:83:b1:9f:f2:
3c:8d:15:7f:f1:b9:56:34:a1:ce:a3:e6:97:4f:6c:01:2f:8a:
48:be:aa:78
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEDJR4CTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmQyNmFkNmY5MWJhNDQ3MjgxNGJhZTQ4NGE4ZGYxZjYzNGMzMzQxMB4XDTIyMDEw
MTA1NTQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdhNjQzZTU0Zjg3
NzhkMWY1MmI5YmY3NDcyYTg3MTQ2OGQ2ZTU5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqi32LoA+f8dQZqEAcMDcv+sr1SK7ZoeGGvvES2q9MIgBzM
wa6YN2oubAyUs2M9wqnl6GrG7QZK1PvXItIoCb2yWxhgDMcsvdp0Qtp5hEB344rg
9y3z8e93FOUfpNy9Kg3MHrYKZlJC2lRv2bgzfOAC/K6vZVcpce7MXzyU9q1RNb1k
8EAgxSZ7eLGxcCC7QyE2m6za48iUYLE8Qms4tDU3yCCBLov1IL9uO+smdJ4F3v1V
bxIqrZbBwS7rEE0N6klQTHGoAs8AcBwLTCD/ralTo8u8jXhXJr7hmO+F7UjCeOTr
ScKVoar7oz5j3OaZD0isFdvA4WS8+lZ5XJmSm98CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSXpkPlT4d40fUrm/dHKocUaNbllDAfBgNVHSMEGDAWgBSP0mrW+RukRygU
uuSEqN8fY0wzQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o5SnExdmticEVjb0ZMcmtoS2pmSDJOTU0wRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvY2RhZDhmLWI5MTktNDVkMS1hZjE4LTYzNzQyZDE5YTAxMi8x
L2w2WkQ1VS1IZU5IMUs1djNSeXFIRkdqVzVaUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
Y2RhZDhmLWI5MTktNDVkMS1hZjE4LTYzNzQyZDE5YTAxMi8xL2o5SnExdmticEVj
b0ZMcmtoS2pmSDJOTU0wRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwEwQCAAEwDTALAwMAsHsDBAKwewgwDwQCAAIwCQMH
ACABBngG1DANBgkqhkiG9w0BAQsFAAOCAQEAMKBhPOSM3ZRqz6ah4oHxkUXlSMg6
oszP+ydtEkxk9zxypScs+wVeTncSelUDnvU5EFgI2/R+QwtbPTt2sYbmMHUo1xUK
pAmMUFSKDlhiZAMMLVPoACllvRdGDzDw82zfIkmRJFRMzsTn9cC44HkOenOzxaIX
ie2s605p2EknZIjt906vAmohnhAU6TwTgh0uOfjocRRNSGIxW3sfIGPDqiXNN0wG
tAIhMLWAyqipU65Px4E3Nok7+RXavXIHeyml6r/ryJ9hyW1H2cjF8TeQtHiBaTvH
iM5urwDT5rafaj7v7x/X1ZeDsZ/yPI0Vf/G5VjShzqPml09sAS+KSL6qeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:37 2024 by rpki-client on console-ams.rpki-client.org