Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/ajgdgRMAjeqovnhEy7WEqQmwVIU.roa
File: ajgdgRMAjeqovnhEy7WEqQmwVIU.roa (raw, json)
Hash identifier: SnQ5r0n8Q5W3KHcqCfGE2MAB4EP+z3jXfFNe9qybIqQ=
Subject key identifier: 6A:38:1D:81:13:00:8D:EA:A8:BE:78:44:CB:B5:84:A9:09:B0:54:85
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01843339157A7DB4C592969F6BAECE14FECE
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/ajgdgRMAjeqovnhEy7WEqQmwVIU.roa
Signing time: Tue 01 Nov 2022 12:44:49 +0000
ROA not before: Tue 01 Nov 2022 12:44:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21700
IP address blocks: 151.106.80.0/20 maxlen: 24
194.195.48.0/20 maxlen: 20
194.233.240.0/20 maxlen: 24
194.195.16.0/20 maxlen: 24
62.138.68.0/22 maxlen: 22
62.138.76.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:39:15:7a:7d:b4:c5:92:96:9f:6b:ae:ce:14:fe:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Nov 1 12:44:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a381d8113008deaa8be7844cbb584a909b05485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7a:21:b2:d5:0f:65:ce:c9:50:85:17:fb:7d:
cf:3c:fe:90:76:54:7a:69:c2:b9:95:e1:68:5d:66:
66:a6:14:8f:3f:bb:e6:47:c0:4f:29:af:b9:08:a3:
6e:f1:c8:68:63:12:19:77:41:cc:dd:81:11:df:90:
d3:db:14:34:88:18:07:49:91:59:96:1b:48:66:76:
0a:87:93:20:27:f4:ae:64:ce:e6:eb:5f:47:d0:70:
06:1a:88:c0:17:a5:55:f9:c0:bd:fe:17:b3:1b:a5:
ca:fd:d8:c6:6e:ac:f9:06:b1:47:4f:7f:01:94:23:
ac:04:cd:9e:ab:98:1f:51:b4:fd:a3:f3:df:a3:3a:
83:f0:c5:77:40:59:27:66:eb:bc:eb:19:b1:81:d4:
88:1a:34:57:e1:c3:b0:a7:69:57:c5:3d:3c:92:ce:
2b:82:25:4c:30:2a:c9:e5:ca:d1:7b:34:38:30:1c:
d0:c0:54:69:85:c9:76:e5:cc:b6:3c:4a:f3:50:68:
85:0d:00:4c:ca:55:f8:00:d6:bb:2f:89:22:0b:dd:
2a:25:23:da:4d:89:ad:c9:06:c3:6e:b1:a0:fe:b5:
72:57:e5:a4:d2:c2:bb:bd:e7:28:f1:fe:02:aa:b9:
e9:66:d6:b5:ce:4b:28:20:53:89:8f:ef:62:0d:04:
37:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:38:1D:81:13:00:8D:EA:A8:BE:78:44:CB:B5:84:A9:09:B0:54:85
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/ajgdgRMAjeqovnhEy7WEqQmwVIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.68.0/22
62.138.76.0/22
151.106.80.0/20
194.195.16.0/20
194.195.48.0/20
194.233.240.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:00:48:1d:c4:3b:ea:6a:6d:89:67:45:87:b0:7e:bc:25:28:
32:f6:27:34:31:ce:b1:f9:51:2c:4d:0f:26:9f:b3:71:e3:32:
bf:63:a3:5e:a0:d3:ad:68:4f:3f:93:84:b7:8d:a7:a0:3b:df:
78:f7:40:4a:5f:a1:30:27:42:e2:64:49:58:62:e0:51:ca:da:
35:b6:7c:3c:76:48:cb:03:57:4c:c0:5d:28:5f:01:7f:ca:c9:
9e:7d:d0:d0:a3:fb:c1:a9:7b:51:cc:97:6e:63:66:46:11:60:
77:fa:3b:df:b7:0a:14:47:ed:a8:ee:d0:9c:ac:f9:61:86:82:
af:b8:f4:a4:9e:ae:0e:db:77:bf:cc:11:96:8e:64:ac:f6:2f:
6f:cc:31:8c:6c:94:f4:83:20:08:e9:db:b3:e0:a8:77:50:c1:
3a:0e:24:7d:b1:de:fd:0d:74:25:63:fb:02:f7:22:ba:93:28:
d5:5b:ff:69:7d:f4:c0:f3:2c:80:4a:c5:0d:55:33:c0:1a:b5:
ba:e1:7e:9b:11:39:6a:f4:1a:a0:3c:1b:22:17:e9:e8:75:f6:
d0:2b:bf:99:02:3b:ac:36:61:eb:e9:8b:ae:27:dc:f5:cd:27:
b2:c5:28:df:12:dc:8b:97:b8:3d:21:37:26:bc:90:c9:a3:0f:
c8:46:53:96
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQzORV6fbTFkpafa67OFP7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjIxMTAxMTI0NDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM4MWQ4MTEzMDA4ZGVhYThiZTc4NDRjYmI1ODRhOTA5YjA1NDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXohstUPZc7JUIUX+33PPP6QdlR6
acK5leFoXWZmphSPP7vmR8BPKa+5CKNu8choYxIZd0HM3YER35DT2xQ0iBgHSZFZ
lhtIZnYKh5MgJ/SuZM7m619H0HAGGojAF6VV+cC9/hezG6XK/djGbqz5BrFHT38B
lCOsBM2eq5gfUbT9o/PfozqD8MV3QFknZuu86xmxgdSIGjRX4cOwp2lXxT08ks4r
giVMMCrJ5crRezQ4MBzQwFRphcl25cy2PErzUGiFDQBMylX4ANa7L4kiC90qJSPa
TYmtyQbDbrGg/rVyV+Wk0sK7veco8f4CqrnpZta1zksoIFOJj+9iDQQ39wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGo4HYETAI3qqL54RMu1hKkJsFSFMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvYWpnZGdSTUFqZXFvdm5oRXk3V0VxUW13VklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCPopEAwQC
PopMAwQEl2pQAwQEwsMQAwQEwsMwAwQEwunwMA0GCSqGSIb3DQEBCwUAA4IBAQAP
AEgdxDvqam2JZ0WHsH68JSgy9ic0Mc6x+VEsTQ8mn7Nx4zK/Y6NeoNOtaE8/k4S3
jaegO99490BKX6EwJ0LiZElYYuBRyto1tnw8dkjLA1dMwF0oXwF/ysmefdDQo/vB
qXtRzJduY2ZGEWB3+jvftwoUR+2o7tCcrPlhhoKvuPSknq4O23e/zBGWjmSs9i9v
zDGMbJT0gyAI6duz4Kh3UME6DiR9sd79DXQlY/sC9yK6kyjVW/9pffTA8yyASsUN
VTPAGrW64X6bETlq9BqgPBsiF+nodfbQK7+ZAjusNmHr6YuuJ9z1zSeyxSjfEtyL
l7g9ITcmvJDJow/IRlOW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:29 2023 by rpki-client on console-ams.rpki-client.org