Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/baC4j_ioxgBSRr22_QHwBec5kY4.roa
File: baC4j_ioxgBSRr22_QHwBec5kY4.roa (raw, json)
Hash identifier: pKxDPm2c6Xl5swvtAi7pooT2xvHUBzdwMYAGCFw0H9A=
Subject key identifier: 6D:A0:B8:8F:F8:A8:C6:00:52:46:BD:B6:FD:01:F0:05:E7:39:91:8E
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 0A373917
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/baC4j_ioxgBSRr22_QHwBec5kY4.roa
Signing time: Sat 01 Jan 2022 07:02:36 +0000
ROA not before: Sat 01 Jan 2022 07:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48918
IP address blocks: 80.66.96.0/20 maxlen: 20
185.198.200.0/22 maxlen: 24
2a02:340::/32 maxlen: 32
2a0a:8ec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171391255 (0xa373917)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Jan 1 07:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6da0b88ff8a8c6005246bdb6fd01f005e739918e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:12:90:20:bf:97:90:0c:c9:63:cc:2d:04:ae:
38:82:ff:dd:92:7d:88:98:eb:59:9c:a4:a3:39:2f:
51:46:06:8f:45:9f:88:8e:40:b4:90:26:fb:05:58:
c1:6f:cb:c7:3e:6b:7d:18:48:50:4a:c5:d1:99:3b:
45:5c:6b:48:31:5e:dc:10:1e:0e:32:c7:12:ff:06:
bd:f4:6a:54:ed:72:3d:f7:2d:0d:2b:cd:a7:88:7a:
da:f3:7f:a7:fd:2f:ee:95:25:cb:1f:eb:57:ab:f8:
48:30:80:22:cf:17:ba:e0:87:9c:28:36:d2:cd:7b:
e9:3f:15:00:2a:a8:59:2e:6a:4f:33:48:05:71:4b:
7c:ab:6b:ce:fe:1f:e0:6f:de:16:b2:3d:77:42:aa:
10:d4:8b:f9:6a:45:6f:9a:12:41:2d:50:9b:ee:30:
2e:c1:b7:d3:96:e7:92:51:01:52:ce:e7:03:b1:ea:
84:62:ef:ce:4c:cf:c6:bd:9b:f1:99:6c:db:68:af:
c7:67:42:ed:51:f1:4c:80:5b:26:32:9e:ff:dd:b4:
70:10:de:74:b2:1e:d4:66:7d:7a:c1:64:ee:25:bd:
de:dc:0b:f3:60:c4:b1:9c:0d:38:0e:0a:34:63:7b:
7b:e6:76:fe:10:e4:0a:33:27:1a:28:92:bd:2e:9e:
4c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A0:B8:8F:F8:A8:C6:00:52:46:BD:B6:FD:01:F0:05:E7:39:91:8E
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/baC4j_ioxgBSRr22_QHwBec5kY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.96.0/20
185.198.200.0/22
IPv6:
2a02:340::/32
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:cd:15:d7:a2:76:39:68:c1:98:78:a6:fd:50:1b:3a:17:4b:
1c:c1:2f:72:20:f4:25:b8:11:37:4d:7b:31:29:41:ed:45:61:
d7:41:b1:53:a9:8b:f6:e4:e6:e2:b6:44:50:93:dc:80:cf:51:
fc:64:06:46:bf:25:8d:10:3b:f7:c8:fa:81:9f:1a:89:3b:b5:
92:16:43:a7:56:f0:23:8b:b4:c4:a5:16:dc:12:95:58:aa:00:
3e:19:39:f1:59:3c:9f:9f:d7:87:25:24:eb:7c:b1:e7:b0:9c:
7e:b2:74:24:18:c2:1a:fb:c7:fa:bd:7d:7b:c3:ba:b1:50:2e:
c8:0d:80:42:a1:03:f5:93:e9:1a:7e:28:12:00:cc:6b:3e:a4:
a5:6c:0d:0b:b5:2c:c0:7d:17:63:6d:9d:a8:44:dc:cd:f2:2c:
ba:11:7d:d5:47:fe:27:20:f5:4c:12:b2:b3:09:ec:1f:5d:cd:
a8:6e:91:39:e7:9b:4f:38:1f:76:34:93:87:49:0e:79:d9:7d:
9b:c4:75:28:f5:5a:24:42:f4:4c:3a:26:fd:db:3e:96:bf:1b:
30:18:bf:b3:41:0a:3a:e4:7a:a1:ec:df:c1:84:8c:5a:d3:13:
43:f9:15:1d:b0:3b:25:c1:f7:c7:4a:9b:89:e3:b0:b0:37:c2:
a2:97:7a:a1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECjc5FzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGMzYjEyYzhkNjM1MTkwZWM5Mjg0MzdiYmQ2Y2IwZThjMzhmOWE5MB4XDTIyMDEw
MTA3MDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRhMGI4OGZmOGE4
YzYwMDUyNDZiZGI2ZmQwMWYwMDVlNzM5OTE4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUSkCC/l5AMyWPMLQSuOIL/3ZJ9iJjrWZykozkvUUYGj0Wf
iI5AtJAm+wVYwW/Lxz5rfRhIUErF0Zk7RVxrSDFe3BAeDjLHEv8GvfRqVO1yPfct
DSvNp4h62vN/p/0v7pUlyx/rV6v4SDCAIs8XuuCHnCg20s176T8VACqoWS5qTzNI
BXFLfKtrzv4f4G/eFrI9d0KqENSL+WpFb5oSQS1Qm+4wLsG305bnklEBUs7nA7Hq
hGLvzkzPxr2b8Zls22ivx2dC7VHxTIBbJjKe/920cBDedLIe1GZ9esFk7iW93twL
82DEsZwNOA4KNGN7e+Z2/hDkCjMnGiiSvS6eTC8CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBRtoLiP+KjGAFJGvbb9AfAF5zmRjjAfBgNVHSMEGDAWgBTUw7EsjWNRkOyS
hDe71ssOjDj5qTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFNT3hMSTFqVVpEc2tvUTN1OWJMRG93NC1hay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvMmZiNTkzLTQzZjUtNGRiNy05ODE5LTBmOWQ1N2E1ZDRmYS8x
L2JhQzRqX2lveGdCU1JyMjJfUUh3QmVjNWtZNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
MmZiNTkzLTQzZjUtNGRiNy05ODE5LTBmOWQ1N2E1ZDRmYS8xLzFNT3hMSTFqVVpE
c2tvUTN1OWJMRG93NC1hay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEBFBCYAMEArnGyDAUBAIAAjAOAwUA
KgIDQAMFAyoKjsAwDQYJKoZIhvcNAQELBQADggEBAKzNFdeidjlowZh4pv1QGzoX
SxzBL3Ig9CW4ETdNezEpQe1FYddBsVOpi/bk5uK2RFCT3IDPUfxkBka/JY0QO/fI
+oGfGok7tZIWQ6dW8COLtMSlFtwSlViqAD4ZOfFZPJ+f14clJOt8seewnH6ydCQY
whr7x/q9fXvDurFQLsgNgEKhA/WT6Rp+KBIAzGs+pKVsDQu1LMB9F2NtnahE3M3y
LLoRfdVH/icg9UwSsrMJ7B9dzahukTnnm084H3Y0k4dJDnnZfZvEdSj1WiRC9Ew6
Jv3bPpa/GzAYv7NBCjrkeqHs38GEjFrTE0P5FR2wOyXB98dKm4njsLA3wqKXeqE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:03 2023 by rpki-client on console-ams.rpki-client.org