Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/todXRbJcTzhhKDwv9NQGnPeR0XI.roa
File: todXRbJcTzhhKDwv9NQGnPeR0XI.roa (raw, json)
Hash identifier: zQYz+9cFiRGer5Lj8cW0F4LlX/X/wByRt9bMWEPVWZk=
Subject key identifier: B6:87:57:45:B2:5C:4F:38:61:28:3C:2F:F4:D4:06:9C:F7:91:D1:72
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01843CEB15379A17E5840749896719005027
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/todXRbJcTzhhKDwv9NQGnPeR0XI.roa
Signing time: Thu 03 Nov 2022 09:55:50 +0000
ROA not before: Thu 03 Nov 2022 09:55:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 64.43.112.0/22 maxlen: 22
64.43.124.0/22 maxlen: 22
193.36.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:eb:15:37:9a:17:e5:84:07:49:89:67:19:00:50:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 3 09:55:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6875745b25c4f3861283c2ff4d4069cf791d172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:47:c2:6b:0a:1e:e8:70:53:28:fc:14:3b:73:
0b:42:f0:42:d3:9d:f3:fb:d3:8e:bb:81:aa:c7:dc:
b7:bf:79:4c:75:d2:b7:39:67:dc:be:5e:dc:44:34:
42:3e:80:8c:55:e5:41:20:e9:9d:8e:8a:7d:ca:cc:
0c:3f:fb:b1:72:9f:01:81:ab:9e:66:5c:1d:f1:8e:
05:96:93:f0:c6:1b:6d:02:06:a5:50:18:ae:53:55:
82:a0:3e:83:ee:aa:7c:9f:a7:e4:4f:5c:a5:50:34:
eb:02:24:c9:9b:49:eb:ee:67:25:80:e0:db:4d:36:
77:3a:74:7f:ca:ed:2d:fa:fc:87:69:e2:0e:8c:06:
1a:a0:df:9c:9a:f5:95:ab:0d:a8:dc:51:e6:d3:b7:
66:a2:0a:e9:b6:39:03:b2:65:1d:29:cb:b9:19:40:
76:d1:ff:87:ad:58:ef:77:cc:e9:62:ea:91:23:2c:
88:02:ae:61:e7:e9:78:69:bd:4c:f3:32:25:38:f0:
48:ff:fe:a4:f0:a0:3a:6d:c6:ef:ee:74:93:58:47:
37:41:32:96:d7:b8:cd:dc:7e:f0:5c:95:1f:c4:55:
d7:92:24:e3:e9:62:0f:d8:be:a5:e9:4d:c9:92:e4:
8b:d9:e2:54:a1:1f:8a:3c:cc:51:b8:65:cd:aa:05:
fb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:87:57:45:B2:5C:4F:38:61:28:3C:2F:F4:D4:06:9C:F7:91:D1:72
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/todXRbJcTzhhKDwv9NQGnPeR0XI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.112.0/22
64.43.124.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:54:8d:2e:37:fa:ef:f9:02:3e:ca:20:84:e4:60:59:09:a7:
ba:de:10:73:5e:5e:3d:df:22:52:4e:98:4e:aa:6f:ed:72:cc:
11:d3:87:c8:d5:92:6f:f5:2c:29:7d:f8:4e:e7:37:b1:a2:24:
86:20:09:d4:71:47:81:b6:1e:e4:0d:fe:4c:46:05:ca:34:6a:
d4:25:4c:8b:86:18:b9:c2:fb:08:5c:9d:31:0a:a4:06:49:c9:
f2:56:ad:a3:48:ae:5f:b9:32:2f:f5:20:25:3e:4a:6f:cc:c8:
9c:4c:17:56:99:9a:d0:67:ac:ab:2b:cf:38:f0:8b:86:46:f4:
19:98:2c:a6:1e:8a:26:90:a8:10:be:66:1b:a5:2b:55:02:ac:
32:6e:e2:3c:78:a6:8e:8d:71:b6:1b:ab:7f:3f:4b:78:1d:65:
72:f3:ee:d5:59:4d:86:37:6a:18:d6:19:83:5e:17:2d:a0:12:
df:6b:44:e2:40:85:17:b2:ea:91:19:7f:4b:8f:16:85:7d:f2:
de:50:e0:aa:1c:7e:33:b7:9d:b7:61:7c:9a:ae:3d:86:af:d5:
e1:19:59:36:81:66:27:ce:90:fc:2f:16:fa:5e:75:56:cf:97:
c5:4d:e9:32:f2:08:35:35:b3:ff:2f:17:82:2a:f2:6f:24:db:
58:5b:31:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQ86xU3mhflhAdJiWcZAFAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMTAzMDk1NTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjg3NTc0NWIyNWM0ZjM4NjEyODNjMmZmNGQ0MDY5Y2Y3OTFkMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEfCawoe6HBTKPwUO3MLQvBC053z
+9OOu4Gqx9y3v3lMddK3OWfcvl7cRDRCPoCMVeVBIOmdjop9yswMP/uxcp8Bgaue
Zlwd8Y4FlpPwxhttAgalUBiuU1WCoD6D7qp8n6fkT1ylUDTrAiTJm0nr7mclgODb
TTZ3OnR/yu0t+vyHaeIOjAYaoN+cmvWVqw2o3FHm07dmogrptjkDsmUdKcu5GUB2
0f+HrVjvd8zpYuqRIyyIAq5h5+l4ab1M8zIlOPBI//6k8KA6bcbv7nSTWEc3QTKW
17jN3H7wXJUfxFXXkiTj6WIP2L6l6U3JkuSL2eJUoR+KPMxRuGXNqgX7pQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLaHV0WyXE84YSg8L/TUBpz3kdFyMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvdG9kWFJiSmNUemhoS0R3djlOUUduUGVSMFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCQCtwAwQC
QCt8AwQCwSTMMA0GCSqGSIb3DQEBCwUAA4IBAQCPVI0uN/rv+QI+yiCE5GBZCae6
3hBzXl493yJSTphOqm/tcswR04fI1ZJv9SwpffhO5zexoiSGIAnUcUeBth7kDf5M
RgXKNGrUJUyLhhi5wvsIXJ0xCqQGScnyVq2jSK5fuTIv9SAlPkpvzMicTBdWmZrQ
Z6yrK8848IuGRvQZmCymHoomkKgQvmYbpStVAqwybuI8eKaOjXG2G6t/P0t4HWVy
8+7VWU2GN2oY1hmDXhctoBLfa0TiQIUXsuqRGX9LjxaFffLeUOCqHH4zt523YXya
rj2Gr9XhGVk2gWYnzpD8Lxb6XnVWz5fFTeky8gg1NbP/LxeCKvJvJNtYWzEV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org