Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/dUcN2cUzu-iW-MvaAqSlpP7epME.roa
File: dUcN2cUzu-iW-MvaAqSlpP7epME.roa (raw, json)
Hash identifier: FNnVUqE/S+g0eQ8O/qcCdRE5sh+Dyl2dyZHwSA6MxQ4=
Subject key identifier: 75:47:0D:D9:C5:33:BB:E8:96:F8:CB:DA:02:A4:A5:A4:FE:DE:A4:C1
Certificate issuer: /CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Certificate serial: 0184A34320428861D34B7D2C51CEE261EABA
Authority key identifier: 6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/dUcN2cUzu-iW-MvaAqSlpP7epME.roa
Signing time: Wed 23 Nov 2022 06:53:16 +0000
ROA not before: Wed 23 Nov 2022 06:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44143
IP address blocks: 95.86.48.0/21 maxlen: 21
188.120.113.0/24 maxlen: 24
2a00:61c1::/32 maxlen: 32
2a00:61c0::/29 maxlen: 29
2a00:61c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:43:20:42:88:61:d3:4b:7d:2c:51:ce:e2:61:ea:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Validity
Not Before: Nov 23 06:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75470dd9c533bbe896f8cbda02a4a5a4fedea4c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a2:13:49:2c:87:d6:e7:05:67:7a:9c:33:8c:
c6:e2:dd:39:cb:4c:f2:23:67:66:29:f8:11:67:1a:
db:68:27:5d:1c:0b:f6:aa:d6:06:9c:62:ba:1a:6c:
b0:35:88:56:86:92:16:e0:03:21:bb:40:5e:5c:e9:
e4:0c:ed:f8:68:fc:d8:2d:25:de:d5:c8:ef:ea:ee:
25:b2:4c:8d:5a:05:0b:aa:e7:47:f8:09:50:bc:00:
db:ab:5e:8c:90:07:db:2a:08:aa:e3:2d:3e:8f:0c:
46:9f:eb:64:1c:ae:88:2e:c8:e1:6b:62:e6:13:fa:
28:a1:16:25:5e:0f:85:cb:a5:96:2b:49:71:a7:7d:
f1:ee:ff:f6:54:bc:b2:e6:c7:28:a6:76:2a:e5:f9:
a6:ca:ca:21:53:e4:90:54:8a:db:96:ab:f7:7c:dd:
5a:b0:e5:22:0a:7c:e8:bd:7b:fb:4d:c3:a9:34:21:
ec:b5:74:f4:92:b0:43:34:8a:4f:3b:1e:4f:82:0d:
2f:ab:6b:20:d5:7e:f6:e6:bd:77:fc:c8:d3:d0:8b:
e2:7e:3a:cf:e4:55:07:9d:2c:ef:ec:69:fa:a2:f2:
e5:f4:71:4a:ee:d2:46:57:52:54:db:d1:91:1e:74:
d1:aa:32:47:78:86:01:71:6a:a8:81:ba:92:56:dd:
01:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:47:0D:D9:C5:33:BB:E8:96:F8:CB:DA:02:A4:A5:A4:FE:DE:A4:C1
X509v3 Authority Key Identifier:
keyid:6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/dUcN2cUzu-iW-MvaAqSlpP7epME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.86.48.0/21
188.120.113.0/24
IPv6:
2a00:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
f1:5b:05:36:81:2f:ea:8c:77:43:da:64:2a:57:07:9a:51:73:
2b:43:40:cf:70:b8:75:ed:3a:d1:29:7f:f0:0a:be:de:99:2d:
12:57:7c:09:4b:51:d6:44:6e:15:ae:ba:74:4d:57:34:e7:5b:
31:69:0f:8d:8d:2c:ee:9c:ed:aa:d1:f5:58:1f:fb:bd:15:26:
d3:12:63:78:c1:4a:f5:77:2b:31:d1:5a:10:06:6e:06:a1:6a:
51:7b:ca:e6:c2:63:2c:b3:8c:15:22:23:70:59:bf:c5:ee:c7:
c6:44:1d:66:ff:29:1c:d8:39:61:7e:c9:1b:76:6e:29:8f:79:
f2:2a:df:a4:3f:31:90:13:fa:85:d5:c6:65:a3:ef:58:b9:28:
70:b7:ba:7b:bf:76:9a:bc:8e:26:d5:6d:1e:64:fc:3c:4f:6e:
1c:f6:ee:6f:89:1d:fd:3a:2b:a9:24:bf:43:32:56:0a:5b:f3:
9f:cb:4e:d5:f9:3d:6e:e6:fb:41:c1:9b:8e:db:4f:95:f6:5d:
1a:9a:54:30:2c:a3:2b:1b:13:7d:8a:3b:c5:b4:4c:47:92:ad:
8d:32:dd:e6:29:8b:07:92:6a:32:54:bb:fa:62:10:34:a5:22:
17:c1:8c:6e:09:55:fe:1e:f6:63:fd:91:89:85:a0:55:44:08:
8f:36:1f:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYSjQyBCiGHTS30sUc7iYeq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjA4ODNhYWU0OTFlNWZiNzczYTkyNjQwMTlmZjRmODg4
ZDVjYTUwHhcNMjIxMTIzMDY1MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQ3MGRkOWM1MzNiYmU4OTZmOGNiZGEwMmE0YTVhNGZlZGVhNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6ITSSyH1ucFZ3qcM4zG4t05y0zy
I2dmKfgRZxrbaCddHAv2qtYGnGK6GmywNYhWhpIW4AMhu0BeXOnkDO34aPzYLSXe
1cjv6u4lskyNWgULqudH+AlQvADbq16MkAfbKgiq4y0+jwxGn+tkHK6ILsjha2Lm
E/oooRYlXg+Fy6WWK0lxp33x7v/2VLyy5scopnYq5fmmysohU+SQVIrblqv3fN1a
sOUiCnzovXv7TcOpNCHstXT0krBDNIpPOx5Pgg0vq2sg1X725r13/MjT0IvifjrP
5FUHnSzv7Gn6ovLl9HFK7tJGV1JU29GRHnTRqjJHeIYBcWqogbqSVt0BBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHVHDdnFM7volvjL2gKkpaT+3qTBMB8GA1UdIwQY
MBaAFG5giDquSR5ft3OpJkAZ/0+IjVylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAt
YjU2MDJkM2RhOGE2LzEvZFVjTjJjVXp1LWlXLU12YUFxU2xwUDdlcE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAtYjU2MDJkM2RhOGE2
LzEvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX1YwAwQA
vHhxMA0EAgACMAcDBQMqAGHAMA0GCSqGSIb3DQEBCwUAA4IBAQDxWwU2gS/qjHdD
2mQqVweaUXMrQ0DPcLh17TrRKX/wCr7emS0SV3wJS1HWRG4Vrrp0TVc051sxaQ+N
jSzunO2q0fVYH/u9FSbTEmN4wUr1dysx0VoQBm4GoWpRe8rmwmMss4wVIiNwWb/F
7sfGRB1m/ykc2Dlhfskbdm4pj3nyKt+kPzGQE/qF1cZlo+9YuShwt7p7v3aavI4m
1W0eZPw8T24c9u5viR39OiupJL9DMlYKW/Ofy07V+T1u5vtBwZuO20+V9l0amlQw
LKMrGxN9ijvFtExHkq2NMt3mKYsHkmoyVLv6YhA0pSIXwYxuCVX+HvZj/ZGJhaBV
RAiPNh8K
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:52 2024 by rpki-client on console-ams.rpki-client.org