Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/aUSNpmQchMStZi-bEwg4YR4Bu6c.roa
File: aUSNpmQchMStZi-bEwg4YR4Bu6c.roa (raw, json)
Hash identifier: znRIUXqBiFBryI/3jWAKLdysj0RcSjqMvUbQO7oYIFI=
Subject key identifier: 69:44:8D:A6:64:1C:84:C4:AD:66:2F:9B:13:08:38:61:1E:01:BB:A7
Certificate issuer: /CN=65ab51e8e58cc14ed9cb35731af1d011dbe2e12e
Certificate serial: 050D8F91
Authority key identifier: 65:AB:51:E8:E5:8C:C1:4E:D9:CB:35:73:1A:F1:D0:11:DB:E2:E1:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZatR6OWMwU7ZyzVzGvHQEdvi4S4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/aUSNpmQchMStZi-bEwg4YR4Bu6c.roa
Signing time: Sat 01 Jan 2022 09:59:46 +0000
ROA not before: Sat 01 Jan 2022 09:59:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207822
IP address blocks: 94.142.128.0/24 maxlen: 24
2001:678:b98::/48 maxlen: 48
2a0a:f00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84774801 (0x50d8f91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ab51e8e58cc14ed9cb35731af1d011dbe2e12e
Validity
Not Before: Jan 1 09:59:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69448da6641c84c4ad662f9b130838611e01bba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:19:5d:a4:66:be:51:34:a9:52:a9:43:fe:b3:
53:d0:d1:64:b9:ac:08:71:05:07:7c:2d:f1:cc:d5:
a4:24:05:54:1b:34:79:be:c5:5d:8c:7b:43:9b:7f:
1b:6c:9e:06:dd:2c:4e:2b:9f:f6:24:3a:9b:c2:0f:
4a:e4:28:cf:d7:37:32:41:c3:39:4a:c3:b0:18:41:
22:f9:00:8d:6f:7e:71:f4:d5:38:05:01:0c:d7:26:
9f:5c:32:08:40:f4:3e:cd:bf:da:cc:f0:ef:5e:cf:
8a:c3:c2:c5:43:3c:41:a6:f1:74:b4:06:d3:98:18:
13:6d:87:77:38:eb:08:71:75:13:0f:82:a1:4f:81:
91:84:7a:67:f1:54:82:f7:81:5d:78:c8:8a:43:af:
12:85:8d:59:07:d1:76:e2:65:07:95:dd:e9:a1:f6:
4a:3a:3e:54:87:24:42:c8:0c:4b:02:18:02:2a:a8:
e3:0f:88:9e:1d:e6:e2:fd:d8:65:a6:76:7b:53:56:
c4:d3:a3:59:f1:16:06:f4:bd:6a:5b:bf:23:63:4f:
ec:9d:f3:67:67:61:4b:d7:66:5e:90:e3:87:9f:82:
e6:ca:ce:63:d0:29:b5:47:17:db:de:c0:89:d3:69:
93:56:83:6b:43:a4:e4:64:e7:80:6a:4b:20:94:89:
a9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:44:8D:A6:64:1C:84:C4:AD:66:2F:9B:13:08:38:61:1E:01:BB:A7
X509v3 Authority Key Identifier:
keyid:65:AB:51:E8:E5:8C:C1:4E:D9:CB:35:73:1A:F1:D0:11:DB:E2:E1:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZatR6OWMwU7ZyzVzGvHQEdvi4S4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/aUSNpmQchMStZi-bEwg4YR4Bu6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/ZatR6OWMwU7ZyzVzGvHQEdvi4S4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.128.0/24
IPv6:
2001:678:b98::/48
2a0a:f00::/29
Signature Algorithm: sha256WithRSAEncryption
79:9b:6a:8c:2b:65:a0:c5:1e:f2:6b:85:48:0c:32:8b:2a:ce:
b9:d1:26:97:3a:bd:7a:a7:36:9a:07:71:ef:4b:98:6c:f0:ed:
99:73:21:8c:95:d1:da:7e:0b:66:de:f8:6d:f3:8d:9c:7d:19:
55:b1:0c:ad:39:ea:fc:b2:5d:6b:8c:45:91:d6:0b:b6:19:6b:
2a:7a:e7:ee:a4:45:7e:86:08:86:1c:81:d0:ce:0e:51:09:2e:
2d:53:8f:59:2b:db:bd:a1:01:b6:64:56:b2:a9:8a:ce:4c:c1:
9c:0b:2b:75:d2:53:3a:a9:0e:81:a7:c7:a4:dd:35:9c:74:a7:
5c:ce:ab:ba:39:1b:d9:e1:3f:b5:fa:54:e6:95:67:6b:8e:67:
45:73:ca:c3:18:03:4d:b6:02:f6:90:21:bb:32:e9:16:3e:d6:
c5:92:37:78:d0:42:88:e6:5d:d7:2f:e7:ea:05:39:7b:13:72:
7a:ef:67:8d:89:d8:b5:60:a7:f4:3c:9e:7b:83:fa:e6:ea:b5:
62:b3:c3:24:59:44:79:fe:01:7c:be:7b:bd:af:71:f4:be:54:
64:af:fb:a9:fa:2e:28:a0:a1:06:54:54:fa:28:98:a4:03:90:
de:5e:e5:10:c7:69:4c:6a:19:88:24:ab:d6:67:64:70:1d:5a:
9b:ec:57:7e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBQ2PkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWFiNTFlOGU1OGNjMTRlZDljYjM1NzMxYWYxZDAxMWRiZTJlMTJlMB4XDTIyMDEw
MTA5NTk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk0NDhkYTY2NDFj
ODRjNGFkNjYyZjliMTMwODM4NjExZTAxYmJhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4ZXaRmvlE0qVKpQ/6zU9DRZLmsCHEFB3wt8czVpCQFVBs0
eb7FXYx7Q5t/G2yeBt0sTiuf9iQ6m8IPSuQoz9c3MkHDOUrDsBhBIvkAjW9+cfTV
OAUBDNcmn1wyCED0Ps2/2szw717PisPCxUM8QabxdLQG05gYE22HdzjrCHF1Ew+C
oU+BkYR6Z/FUgveBXXjIikOvEoWNWQfRduJlB5Xd6aH2Sjo+VIckQsgMSwIYAiqo
4w+Inh3m4v3YZaZ2e1NWxNOjWfEWBvS9alu/I2NP7J3zZ2dhS9dmXpDjh5+C5srO
Y9AptUcX297AidNpk1aDa0Ok5GTngGpLIJSJqQkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRpRI2mZByExK1mL5sTCDhhHgG7pzAfBgNVHSMEGDAWgBRlq1Ho5YzBTtnL
NXMa8dAR2+LhLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1phdFI2T1dNd1U3Wnl6VnpHdkhRRWR2aTRTNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvY2VmZjFhLWVjNjYtNGQ0NS1iYTlmLTQ4OGEyMjI5OWNhMS8x
L2FVU05wbVFjaE1TdFppLWJFd2c0WVI0QnU2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
Y2VmZjFhLWVjNjYtNGQ0NS1iYTlmLTQ4OGEyMjI5OWNhMS8xL1phdFI2T1dNd1U3
Wnl6VnpHdkhRRWR2aTRTNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEAF6OgDAWBAIAAjAQAwcAIAEGeAuY
AwUDKgoPADANBgkqhkiG9w0BAQsFAAOCAQEAeZtqjCtloMUe8muFSAwyiyrOudEm
lzq9eqc2mgdx70uYbPDtmXMhjJXR2n4LZt74bfONnH0ZVbEMrTnq/LJda4xFkdYL
thlrKnrn7qRFfoYIhhyB0M4OUQkuLVOPWSvbvaEBtmRWsqmKzkzBnAsrddJTOqkO
gafHpN01nHSnXM6rujkb2eE/tfpU5pVna45nRXPKwxgDTbYC9pAhuzLpFj7WxZI3
eNBCiOZd1y/n6gU5exNyeu9njYnYtWCn9Dyee4P65uq1YrPDJFlEef4BfL57va9x
9L5UZK/7qfouKKChBlRU+iiYpAOQ3l7lEMdpTGoZiCSr1mdkcB1am+xXfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:04 2024 by rpki-client on console-ams.rpki-client.org