Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/u5TYP9TrRnsuxAD1T2mB2WqJSYY.roa
File: u5TYP9TrRnsuxAD1T2mB2WqJSYY.roa (raw, json)
Hash identifier: Wi/xIAzCu1XtQmCF790qvfzLnk4Qv8nJhFFv2VKx324=
Subject key identifier: BB:94:D8:3F:D4:EB:46:7B:2E:C4:00:F5:4F:69:81:D9:6A:89:49:86
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 1A012D81
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/u5TYP9TrRnsuxAD1T2mB2WqJSYY.roa
Signing time: Tue 15 Mar 2022 11:13:05 +0000
ROA not before: Tue 15 Mar 2022 11:13:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16839
IP address blocks: 138.12.128.0/17 maxlen: 24
37.98.232.0/21 maxlen: 24
148.139.104.0/24 maxlen: 24
163.120.128.0/17 maxlen: 24
2a04:37c0::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436284801 (0x1a012d81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Mar 15 11:13:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb94d83fd4eb467b2ec400f54f6981d96a894986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:65:f8:4c:ba:12:75:1c:f0:7a:58:23:c4:d6:
8e:d8:39:e3:a7:56:9a:0d:94:9f:d4:5d:52:18:e9:
62:cd:c3:fd:28:5a:06:53:1c:23:a2:a0:0e:d3:d2:
bb:a4:e3:e3:c6:ab:29:ff:f3:37:51:53:0a:41:79:
d0:07:1b:f1:f8:90:8a:ea:62:ac:41:30:c8:70:89:
9e:b2:50:03:89:5c:ee:58:5d:0f:77:88:4d:f6:1d:
e1:f9:1b:36:0a:44:35:ee:30:b5:19:0c:e9:9e:ab:
77:93:d7:e3:63:ac:b4:63:6d:f5:2b:6e:35:f9:04:
41:4f:6b:c0:f8:9a:2b:50:e0:9e:59:7a:fe:b3:87:
99:04:75:e8:c7:2d:bb:56:c5:14:0e:56:af:a2:3d:
b5:be:28:5b:f5:66:2c:e3:bc:4f:08:54:86:43:1f:
48:39:db:e8:b5:fe:75:68:7a:01:91:43:8d:a0:88:
47:fc:7b:b6:a5:4b:94:42:88:43:ce:98:4d:a4:94:
96:ff:b5:bd:76:cb:98:68:2e:2b:b3:c6:76:ee:62:
47:bd:7f:dc:e6:86:81:55:f4:16:75:7e:38:1f:9b:
6d:2c:97:08:54:e5:5e:da:6a:48:2c:32:0c:f0:fe:
1a:ad:2b:f9:71:26:d6:3b:b8:e9:9f:b8:af:c4:8d:
35:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:94:D8:3F:D4:EB:46:7B:2E:C4:00:F5:4F:69:81:D9:6A:89:49:86
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/u5TYP9TrRnsuxAD1T2mB2WqJSYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
138.12.128.0/17
148.139.104.0/24
163.120.128.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:07:1d:43:da:82:e4:14:6b:4b:b0:66:58:cd:85:35:3f:dd:
d9:be:8b:1f:7b:cb:59:04:af:a1:41:33:5d:c9:06:f3:1d:0d:
ec:08:5a:4c:f1:b2:88:2b:90:a1:08:14:4b:5a:32:62:9a:14:
35:4c:91:61:73:ef:d2:e1:bc:7d:2f:c8:bb:f9:20:9c:f9:d5:
8d:c2:9e:95:c9:20:57:f4:05:b6:8b:cd:32:39:0a:d6:84:85:
36:f4:f0:b8:de:69:5e:b9:e6:66:87:c6:b9:4e:29:b6:1f:41:
dd:9f:18:71:15:9c:03:24:f5:a3:b8:8c:e8:b4:d5:84:aa:1e:
7d:47:dc:98:af:4b:2e:28:f7:f7:e9:54:ab:ab:ce:05:ef:18:
59:8f:f9:db:27:de:86:ac:78:a0:32:1c:dd:a0:8d:a2:3c:79:
d6:03:6c:7d:a5:8a:a7:e3:fd:69:3d:32:94:b4:97:7a:10:a2:
df:5c:87:6f:5a:d2:51:eb:2e:04:eb:6b:20:60:2a:3f:4c:2a:
9d:02:2b:f6:fb:17:a7:40:3f:f1:d5:dc:fc:dd:ce:26:38:e9:
76:66:99:01:4e:9e:6a:6b:97:0b:98:01:97:eb:40:72:30:9c:
c1:1b:2e:52:29:9c:c2:b7:70:b7:6d:ef:d3:d1:89:19:17:40:
cb:2e:b7:78
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEGgEtgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWMzOGEwNmEzOWIyMGI4ZGE0MDAwOTIzN2Q3NmFjZGQyOGU3MWE1MB4XDTIyMDMx
NTExMTMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI5NGQ4M2ZkNGVi
NDY3YjJlYzQwMGY1NGY2OTgxZDk2YTg5NDk4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpl+Ey6EnUc8HpYI8TWjtg546dWmg2Un9RdUhjpYs3D/Sha
BlMcI6KgDtPSu6Tj48arKf/zN1FTCkF50Acb8fiQiupirEEwyHCJnrJQA4lc7lhd
D3eITfYd4fkbNgpENe4wtRkM6Z6rd5PX42OstGNt9StuNfkEQU9rwPiaK1Dgnll6
/rOHmQR16Mctu1bFFA5Wr6I9tb4oW/VmLOO8TwhUhkMfSDnb6LX+dWh6AZFDjaCI
R/x7tqVLlEKIQ86YTaSUlv+1vXbLmGguK7PGdu5iR71/3OaGgVX0FnV+OB+bbSyX
CFTlXtpqSCwyDPD+Gq0r+XEm1ju46Z+4r8SNNVMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBS7lNg/1OtGey7EAPVPaYHZaolJhjAfBgNVHSMEGDAWgBQBw4oGo5sguNpA
AJI312rN0o5xpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FjT0tCcU9iSUxqYVFBQ1NOOWRxemRLT2NhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMyOC8x
L3U1VFlQOVRyUm5zdXhBRDFUMm1CMldxSlNZWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMyOC8xL0FjT0tCcU9iSUxq
YVFBQ1NOOWRxemRLT2NhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAyVi6AMEB4oMgAMEAJSLaAMEB6N4
gDANBAIAAjAHAwUDKgQ3wDANBgkqhkiG9w0BAQsFAAOCAQEAFgcdQ9qC5BRrS7Bm
WM2FNT/d2b6LH3vLWQSvoUEzXckG8x0N7AhaTPGyiCuQoQgUS1oyYpoUNUyRYXPv
0uG8fS/Iu/kgnPnVjcKelckgV/QFtovNMjkK1oSFNvTwuN5pXrnmZofGuU4pth9B
3Z8YcRWcAyT1o7iM6LTVhKoefUfcmK9LLij39+lUq6vOBe8YWY/52yfehqx4oDIc
3aCNojx51gNsfaWKp+P9aT0ylLSXehCi31yHb1rSUesuBOtrIGAqP0wqnQIr9vsX
p0A/8dXc/N3OJjjpdmaZAU6eamuXC5gBl+tAcjCcwRsuUimcwrdwt23v09GJGRdA
yy63eA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org