Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/s1ONqbQxLiCG_aRc60Jwppj5iOc.roa
File: s1ONqbQxLiCG_aRc60Jwppj5iOc.roa (raw, json)
Hash identifier: mitYz3e1Mn2bqfYWNts3nBvI6XqS+6p0N0fCJjZA1lM=
Subject key identifier: B3:53:8D:A9:B4:31:2E:20:86:FD:A4:5C:EB:42:70:A6:98:F9:88:E7
Certificate issuer: /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Certificate serial: 30DC5634
Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/s1ONqbQxLiCG_aRc60Jwppj5iOc.roa
Signing time: Sat 01 Jan 2022 10:59:31 +0000
ROA not before: Sat 01 Jan 2022 10:59:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5420
IP address blocks: 192.40.72.0/21 maxlen: 24
2001:67c:21a4::/48 maxlen: 48
2a06:f040::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 819746356 (0x30dc5634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Validity
Not Before: Jan 1 10:59:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3538da9b4312e2086fda45ceb4270a698f988e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:70:6a:f4:e1:c9:25:1e:ee:53:1e:83:fe:b6:
27:46:82:fb:ff:98:13:ec:2d:84:ce:38:5e:be:d0:
b9:3c:9a:20:1c:65:14:5f:a3:60:d7:52:f1:70:b2:
41:4c:e1:d3:66:ff:32:60:67:e3:0d:4d:34:88:ee:
a2:c6:2b:37:da:f4:af:bf:8b:7d:da:15:a2:be:e1:
12:ad:f5:81:64:7e:ed:10:56:cb:04:6d:6e:d5:d6:
1b:b7:e2:11:93:49:3c:0b:5d:55:e5:a7:a8:d0:ed:
d6:51:6e:a8:2c:b4:f2:7a:db:32:50:74:0c:6c:61:
e2:b1:a4:2b:51:30:bd:2a:e4:ed:10:cb:34:39:49:
e0:04:8b:02:44:b5:62:9f:3e:96:03:0e:c6:89:c3:
b4:6f:89:14:90:e2:ed:1f:ca:cc:1c:bf:be:22:dc:
96:0c:19:10:d4:73:dd:49:b1:e2:3c:fc:8b:7d:fe:
06:6a:ac:92:42:2a:1c:cb:f1:6b:5f:23:ed:63:9d:
92:e2:91:99:47:e8:12:80:32:e4:fe:1b:25:fb:fd:
72:d6:df:b2:15:1b:2b:81:62:79:05:a4:f7:8b:d3:
cf:d5:58:bc:8a:2f:94:31:85:b8:97:c5:36:c0:7e:
32:de:eb:82:2e:3e:87:b5:66:70:96:25:e7:5c:ab:
69:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:53:8D:A9:B4:31:2E:20:86:FD:A4:5C:EB:42:70:A6:98:F9:88:E7
X509v3 Authority Key Identifier:
keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/s1ONqbQxLiCG_aRc60Jwppj5iOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.40.72.0/21
IPv6:
2001:67c:21a4::/48
2a06:f040::/32
Signature Algorithm: sha256WithRSAEncryption
4b:91:74:5a:a7:bf:7a:c5:ef:97:8d:e1:b0:13:a1:6e:91:c0:
3c:4e:2a:c7:e7:55:03:46:f8:9c:28:fb:89:ee:bf:b2:1b:df:
ab:6b:be:0a:fb:dc:79:39:16:7a:cf:0f:fd:18:47:bd:c2:bf:
31:76:1a:d2:8d:20:ce:68:a5:7a:2a:69:b5:9b:53:4f:69:63:
7e:fc:69:c7:e0:92:d0:ad:20:f9:ea:bb:3d:bf:97:65:10:8b:
1d:dc:88:4f:0f:e4:db:40:66:eb:d6:e7:20:ae:16:c7:78:f2:
51:3f:2a:37:8a:62:3a:13:ae:1a:4d:46:8a:4e:e0:4a:d8:db:
34:b2:b9:be:41:6a:a0:74:4a:b8:67:28:be:60:51:4c:d5:eb:
df:85:6e:7c:7a:d5:c9:eb:33:6a:4d:a8:64:5a:7a:38:10:3a:
18:0f:38:67:9a:e4:76:51:36:a2:16:f0:c4:48:5c:e5:a6:a1:
8e:cf:b3:8c:c3:4a:1d:6b:1c:54:44:04:8f:64:4d:11:af:6e:
23:fa:0e:36:c9:c5:f3:a2:30:19:aa:f2:d5:e9:c2:35:0e:be:
ad:c7:b3:58:1b:22:6f:15:7e:44:76:7d:43:b3:13:7d:17:cc:
67:0e:5a:9e:3e:b2:fa:c6:83:5b:63:42:4f:84:e8:b1:dc:14:
d5:2b:04:2b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEMNxWNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjFhODEwZTNhYjE5NjRiNDRlY2IzNzc4MzQwYjI2NmRiZGExMTI2MB4XDTIyMDEw
MTEwNTkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM1MzhkYTliNDMx
MmUyMDg2ZmRhNDVjZWI0MjcwYTY5OGY5ODhlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVwavThySUe7lMeg/62J0aC+/+YE+wthM44Xr7QuTyaIBxl
FF+jYNdS8XCyQUzh02b/MmBn4w1NNIjuosYrN9r0r7+LfdoVor7hEq31gWR+7RBW
ywRtbtXWG7fiEZNJPAtdVeWnqNDt1lFuqCy08nrbMlB0DGxh4rGkK1EwvSrk7RDL
NDlJ4ASLAkS1Yp8+lgMOxonDtG+JFJDi7R/KzBy/viLclgwZENRz3Umx4jz8i33+
BmqskkIqHMvxa18j7WOdkuKRmUfoEoAy5P4bJfv9ctbfshUbK4FieQWk94vTz9VY
vIovlDGFuJfFNsB+Mt7rgi4+h7VmcJYl51yraRMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSzU42ptDEuIIb9pFzrQnCmmPmI5zAfBgNVHSMEGDAWgBT7GoEOOrGWS0Ts
s3eDQLJm29oRJjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzMwLzlkNjA2ZS0wOGE2LTRmNGEtYjk4MC1iNWFiZjQ0MGU4OTMv
MS9zMU9OcWJReExpQ0dfYVJjNjBKd3BwajVpT2Mucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMw
LzlkNjA2ZS0wOGE2LTRmNGEtYjk4MC1iNWFiZjQ0MGU4OTMvMS8xLXhxQkRqcXhs
a3RFN0xOM2cwQ3ladHZhRVNZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQDwChIMBYEAgACMBADBwAgAQZ8
IaQDBQAqBvBAMA0GCSqGSIb3DQEBCwUAA4IBAQBLkXRap796xe+XjeGwE6FukcA8
TirH51UDRvicKPuJ7r+yG9+ra74K+9x5ORZ6zw/9GEe9wr8xdhrSjSDOaKV6Kmm1
m1NPaWN+/GnH4JLQrSD56rs9v5dlEIsd3IhPD+TbQGbr1ucgrhbHePJRPyo3imI6
E64aTUaKTuBK2Ns0srm+QWqgdEq4Zyi+YFFM1evfhW58etXJ6zNqTahkWno4EDoY
DzhnmuR2UTaiFvDESFzlpqGOz7OMw0odaxxURASPZE0Rr24j+g42ycXzojAZqvLV
6cI1Dr6tx7NYGyJvFX5Edn1DsxN9F8xnDlqePrL6xoNbY0JPhOix3BTVKwQr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org