Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/RKJYpWFms6uSIQIgeTnJHb4tldg.roa
File: RKJYpWFms6uSIQIgeTnJHb4tldg.roa (raw, json)
Hash identifier: vJoN6Z2iPr9TebZ9KpYUGk1X1A/R9uKI8B1Daw1mukE=
Subject key identifier: 44:A2:58:A5:61:66:B3:AB:92:21:02:20:79:39:C9:1D:BE:2D:95:D8
Certificate issuer: /CN=bccd52a6a7f957171b15f7be5e20916428369401
Certificate serial: 0181EDBE264B6CF998B42A837D87BCB60035
Authority key identifier: BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/RKJYpWFms6uSIQIgeTnJHb4tldg.roa
Signing time: Mon 11 Jul 2022 14:51:10 +0000
ROA not before: Mon 11 Jul 2022 14:51:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6735
IP address blocks: 62.68.0.0/19 maxlen: 19
5.252.124.0/22 maxlen: 22
45.87.16.0/22 maxlen: 22
195.245.0.0/18 maxlen: 18
2a09:48c0::/29 maxlen: 29
2a0e:ed80::/29 maxlen: 29
2a0f:8040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:be:26:4b:6c:f9:98:b4:2a:83:7d:87:bc:b6:00:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bccd52a6a7f957171b15f7be5e20916428369401
Validity
Not Before: Jul 11 14:51:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44a258a56166b3ab922102207939c91dbe2d95d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d4:c7:72:98:8c:80:b1:3d:f4:78:1d:42:4e:
bb:00:b4:b3:e8:aa:9b:f2:90:1f:6d:c5:14:41:63:
a1:c9:85:62:b2:3e:74:8a:3a:2b:03:4f:ae:9b:c7:
f8:58:16:04:d5:08:79:35:49:0e:29:04:83:45:7a:
ea:13:83:f6:da:fa:cf:86:d3:7a:a5:d3:d2:93:18:
5b:ce:31:29:4f:fa:69:66:e5:d3:cc:00:35:b6:bb:
83:01:d3:d6:13:c7:05:98:da:f8:d7:d0:06:f6:2e:
50:32:f1:0d:a8:80:68:f5:b1:a5:70:33:5f:9c:32:
0b:f1:73:9c:12:94:5d:6c:4a:23:7d:31:e0:a6:6c:
00:58:78:aa:e8:67:f9:79:b5:0a:89:e2:aa:0d:04:
8b:a2:7f:e0:02:30:e4:7a:e3:ba:8a:cd:61:d9:65:
d1:4e:85:58:29:b4:99:40:9c:49:b6:b3:e3:61:d2:
fb:c9:d3:80:9c:3b:f9:a5:e4:98:38:92:78:33:07:
f8:53:19:de:8c:59:b4:f6:c2:af:55:4e:1e:a7:b5:
b8:01:c7:b5:a1:c5:e0:60:94:8d:02:dd:1c:6c:f5:
8f:6b:bd:fe:20:f4:c9:77:fb:bf:d1:24:91:d3:aa:
bf:d3:20:8b:7e:3e:44:8d:3f:24:98:b7:18:13:33:
7e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A2:58:A5:61:66:B3:AB:92:21:02:20:79:39:C9:1D:BE:2D:95:D8
X509v3 Authority Key Identifier:
keyid:BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/RKJYpWFms6uSIQIgeTnJHb4tldg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/vM1Spqf5VxcbFfe-XiCRZCg2lAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.124.0/22
45.87.16.0/22
62.68.0.0/19
195.245.0.0/18
IPv6:
2a09:48c0::/29
2a0e:ed80::/29
2a0f:8040::/29
Signature Algorithm: sha256WithRSAEncryption
19:5a:15:a1:e0:40:08:fd:1a:48:bf:f2:18:f9:7c:f8:18:3b:
88:15:55:ec:46:a4:f8:89:f7:68:11:99:1a:34:aa:7f:d9:c7:
35:e4:43:7e:ec:f1:b6:b5:f9:cd:36:67:e1:29:11:7f:f8:ac:
c9:d8:d4:5d:e5:0f:33:d3:d6:4b:e6:a3:f3:49:bc:91:5b:1c:
b2:ec:af:ad:02:5d:ab:92:ee:b4:7c:63:2e:8f:7a:15:71:6f:
6c:f5:4f:32:5d:64:48:07:99:52:12:9b:86:2a:20:51:bf:2b:
f3:d0:00:51:0b:6e:6f:e3:93:15:b8:12:10:86:91:a6:2b:0d:
c0:2b:00:9b:1b:7c:af:e4:69:c4:1b:35:8a:55:5d:04:8c:64:
7a:3f:e8:ad:b3:99:a1:35:78:2c:a0:7d:67:a4:4c:34:b6:8d:
c1:c3:02:a4:06:3a:40:cc:4c:9c:f3:54:63:1a:0c:e5:39:f9:
f5:a8:d7:6d:c1:a9:1a:05:02:4a:13:4d:6c:a1:42:60:88:82:
22:7b:51:0c:cd:12:be:67:52:f0:e1:fe:b0:bf:36:68:20:77:
a2:45:bf:b5:4c:e3:a4:a2:04:cf:3d:11:ea:c3:d3:a6:3d:d6:
49:d9:b8:dc:9e:78:36:f3:eb:8f:fd:ff:4c:b7:bb:ce:27:71:
94:c5:72:a9
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYHtviZLbPmYtCqDfYe8tgA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2Q1MmE2YTdmOTU3MTcxYjE1ZjdiZTVlMjA5MTY0Mjgz
Njk0MDEwHhcNMjIwNzExMTQ1MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGEyNThhNTYxNjZiM2FiOTIyMTAyMjA3OTM5YzkxZGJlMmQ5NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdTHcpiMgLE99HgdQk67ALSz6Kqb
8pAfbcUUQWOhyYVisj50ijorA0+um8f4WBYE1Qh5NUkOKQSDRXrqE4P22vrPhtN6
pdPSkxhbzjEpT/ppZuXTzAA1truDAdPWE8cFmNr419AG9i5QMvENqIBo9bGlcDNf
nDIL8XOcEpRdbEojfTHgpmwAWHiq6Gf5ebUKieKqDQSLon/gAjDkeuO6is1h2WXR
ToVYKbSZQJxJtrPjYdL7ydOAnDv5peSYOJJ4Mwf4UxnejFm09sKvVU4ep7W4Ace1
ocXgYJSNAt0cbPWPa73+IPTJd/u/0SSR06q/0yCLfj5EjT8kmLcYEzN+QQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFESiWKVhZrOrkiECIHk5yR2+LZXYMB8GA1UdIwQY
MBaAFLzNUqan+VcXGxX3vl4gkWQoNpQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUt
ZTgyM2UxN2JiNWNjLzEvUktKWXBXRm1zNnVTSVFJZ2VUbkpIYjR0bGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUtZTgyM2UxN2JiNWNj
LzEvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCBfx8AwQC
LVcQAwQFPkQAAwQGw/UAMBsEAgACMBUDBQMqCUjAAwUDKg7tgAMFAyoPgEAwDQYJ
KoZIhvcNAQELBQADggEBABlaFaHgQAj9Gki/8hj5fPgYO4gVVexGpPiJ92gRmRo0
qn/ZxzXkQ37s8ba1+c02Z+EpEX/4rMnY1F3lDzPT1kvmo/NJvJFbHLLsr60CXauS
7rR8Yy6PehVxb2z1TzJdZEgHmVISm4YqIFG/K/PQAFELbm/jkxW4EhCGkaYrDcAr
AJsbfK/kacQbNYpVXQSMZHo/6K2zmaE1eCygfWekTDS2jcHDAqQGOkDMTJzzVGMa
DOU5+fWo123BqRoFAkoTTWyhQmCIgiJ7UQzNEr5nUvDh/rC/Nmggd6JFv7VM46Si
BM89EerD06Y91knZuNyeeDbz64/9/0y3u84ncZTFcqk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:59 2024 by rpki-client on console-ams.rpki-client.org