Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/0KTzqFMnmtLsIHOjJqpTcmzDAEs.roa
File: 0KTzqFMnmtLsIHOjJqpTcmzDAEs.roa (raw, json)
Hash identifier: cbW6YfoL3ti9ZQWdbfHECIbIUd5IK41KYt9D6qiqM74=
Subject key identifier: D0:A4:F3:A8:53:27:9A:D2:EC:20:73:A3:26:AA:53:72:6C:C3:00:4B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 058286A5
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/0KTzqFMnmtLsIHOjJqpTcmzDAEs.roa
Signing time: Sat 01 Jan 2022 14:07:29 +0000
ROA not before: Sat 01 Jan 2022 14:07:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6720
IP address blocks: 217.149.224.0/20 maxlen: 20
141.203.0.0/16 maxlen: 16
2a00:1ba0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92440229 (0x58286a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Jan 1 14:07:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0a4f3a853279ad2ec2073a326aa53726cc3004b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:66:ca:8e:1a:77:1d:a2:f1:51:a6:98:6c:5d:
de:09:e1:9e:64:2d:63:3a:3d:b8:60:70:5c:79:0a:
eb:65:23:36:c3:91:95:f5:12:63:17:82:06:fe:ec:
a2:6d:c7:fd:2f:33:8a:8c:72:ae:1a:4b:7a:cd:f2:
5f:45:d2:da:18:e2:6a:b2:ec:23:c6:3c:78:9e:41:
58:1e:95:9e:e7:9b:ec:73:8b:c2:7f:57:4e:8c:c6:
1d:10:19:9f:fa:65:9b:f7:5b:99:64:96:73:cd:98:
e6:d8:14:c5:b6:de:dc:d3:60:f7:5d:86:2f:9a:0e:
bb:c8:f8:80:ab:23:51:06:fe:b7:d1:a3:bd:4d:b6:
ba:da:ec:ab:23:3b:15:6f:d8:97:ac:4e:e4:3f:40:
16:40:26:99:a7:30:52:2a:06:d8:ed:10:ab:a2:7b:
5c:3a:a5:89:c2:40:4a:d8:39:f5:42:dd:f2:ea:fe:
ac:1a:e1:a2:82:c4:c1:a6:9e:f0:da:d9:62:49:a1:
eb:0a:82:cc:3f:71:fe:01:33:f0:14:ab:bb:83:58:
59:7b:4f:98:1a:35:21:af:93:57:a7:47:4c:3b:dc:
1e:2c:5d:8d:11:a3:b5:a2:4d:3e:92:3f:a5:0e:ee:
a7:5d:1a:da:90:28:e3:4a:31:8e:45:a8:d5:e8:40:
ec:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A4:F3:A8:53:27:9A:D2:EC:20:73:A3:26:AA:53:72:6C:C3:00:4B
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/0KTzqFMnmtLsIHOjJqpTcmzDAEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.203.0.0/16
217.149.224.0/20
IPv6:
2a00:1ba0:2::/48
Signature Algorithm: sha256WithRSAEncryption
1b:23:53:45:c3:87:7f:36:0d:df:a7:5a:b2:4e:21:6a:ac:93:
1f:f1:64:0c:ca:4b:4f:28:dd:8b:a1:b4:79:2a:73:89:11:9a:
ac:83:53:45:a3:ec:9a:d2:c7:01:32:1d:a8:d8:ed:f5:ac:5c:
d3:07:ee:0b:eb:2c:62:32:92:81:85:05:d1:96:24:ea:49:45:
f2:62:84:04:cc:7f:7c:9f:79:3c:05:c5:75:f3:bb:6d:a7:35:
6e:81:3d:1b:f3:62:92:51:01:10:0b:c1:61:45:25:0e:47:a2:
95:ae:13:ce:c2:e7:f6:3f:17:48:4e:0f:96:94:54:f8:a5:24:
a2:85:6a:89:72:8c:1f:06:a3:d6:dd:20:26:2c:48:23:92:5d:
64:32:65:86:3e:f3:83:27:87:81:c8:26:1e:cc:f5:e2:91:e1:
55:67:13:b1:97:06:c2:8f:2d:e9:9c:0e:62:35:1a:2d:a1:5e:
77:45:2e:3a:d9:47:68:70:8b:d1:00:fc:13:98:3f:cf:1e:ba:
c2:c5:68:7a:aa:f2:1d:e0:f5:3c:9d:af:9f:01:84:8a:8a:1e:
f6:4d:7e:ca:cf:18:9e:dd:07:7c:c9:26:52:31:2c:9e:e1:01:
eb:af:fa:91:d8:c6:1f:14:1e:67:7e:51:50:f8:dd:bd:6c:71:
1a:55:68:94
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEBYKGpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDUzZjYzZjEzYTBjOTUyYTA3OWY0NTc4YTEwZWRiZjZlM2FhNThiMB4XDTIyMDEw
MTE0MDcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBhNGYzYTg1MzI3
OWFkMmVjMjA3M2EzMjZhYTUzNzI2Y2MzMDA0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxmyo4adx2i8VGmmGxd3gnhnmQtYzo9uGBwXHkK62UjNsOR
lfUSYxeCBv7som3H/S8zioxyrhpLes3yX0XS2hjiarLsI8Y8eJ5BWB6Vnueb7HOL
wn9XTozGHRAZn/plm/dbmWSWc82Y5tgUxbbe3NNg912GL5oOu8j4gKsjUQb+t9Gj
vU22utrsqyM7FW/Yl6xO5D9AFkAmmacwUioG2O0Qq6J7XDqlicJAStg59ULd8ur+
rBrhooLEwaae8NrZYkmh6wqCzD9x/gEz8BSru4NYWXtPmBo1Ia+TV6dHTDvcHixd
jRGjtaJNPpI/pQ7up10a2pAo40oxjkWo1ehA7I8CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBTQpPOoUyea0uwgc6MmqlNybMMASzAfBgNVHSMEGDAWgBTdU/Y/E6DJUqB5
9FeKEO2/bjqlizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNWUDJQeE9neVZLZ2VmUlhpaER0djI0NnBZcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvMWM0NDRkLTA1OGQtNDc1Yy1hYmZmLTVjZGZhMTE3YWVjNi8x
LzBLVHpxRk1ubXRMc0lIT2pKcXBUY216REFFcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
MWM0NDRkLTA1OGQtNDc1Yy1hYmZmLTVjZGZhMTE3YWVjNi8xLzNWUDJQeE9neVZL
Z2VmUlhpaER0djI0NnBZcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwEQQCAAEwCwMDAI3LAwQE2ZXgMA8EAgACMAkDBwAq
ABugAAIwDQYJKoZIhvcNAQELBQADggEBABsjU0XDh382Dd+nWrJOIWqskx/xZAzK
S08o3YuhtHkqc4kRmqyDU0Wj7JrSxwEyHajY7fWsXNMH7gvrLGIykoGFBdGWJOpJ
RfJihATMf3yfeTwFxXXzu22nNW6BPRvzYpJRARALwWFFJQ5HopWuE87C5/Y/F0hO
D5aUVPilJKKFaolyjB8Go9bdICYsSCOSXWQyZYY+84Mnh4HIJh7M9eKR4VVnE7GX
BsKPLemcDmI1Gi2hXndFLjrZR2hwi9EA/BOYP88eusLFaHqq8h3g9Tydr58BhIqK
HvZNfsrPGJ7dB3zJJlIxLJ7hAeuv+pHYxh8UHmd+UVD43b1scRpVaJQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:01 2023 by rpki-client on console-ams.rpki-client.org