Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/Jrvfis7zaox-yWBwcwpm5mx_kuA.roa
File: Jrvfis7zaox-yWBwcwpm5mx_kuA.roa (raw, json)
Hash identifier: mCFjT6/97MqN2aJuCLmCN47ke/pogkhXEf3IICf0EL8=
Subject key identifier: 26:BB:DF:8A:CE:F3:6A:8C:7E:C9:60:70:73:0A:66:E6:6C:7F:92:E0
Certificate issuer: /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial: 0182A1F4DBB3C2030B857D4B3549DF35590E
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/Jrvfis7zaox-yWBwcwpm5mx_kuA.roa
Signing time: Mon 15 Aug 2022 14:42:35 +0000
ROA not before: Mon 15 Aug 2022 14:42:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209768
IP address blocks: 176.105.246.0/24 maxlen: 24
2a12:5844:1212::/48 maxlen: 48
2a12:5840:1f2::/48 maxlen: 48
2a12:5844:100::/48 maxlen: 48
2a12:5840:1f0::/48 maxlen: 48
2a12:5840:2111::/48 maxlen: 48
2a12:5840:1f1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:f4:db:b3:c2:03:0b:85:7d:4b:35:49:df:35:59:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Validity
Not Before: Aug 15 14:42:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26bbdf8acef36a8c7ec96070730a66e66c7f92e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:30:15:3b:36:9b:aa:0a:b6:0b:e5:86:fa:
9c:54:46:1b:cf:39:81:30:32:7c:c1:da:2c:68:5b:
29:26:b5:cb:04:e9:20:8f:e9:ee:48:86:e6:1c:1e:
52:3c:19:0b:5b:25:4d:aa:f4:2d:e8:39:52:b2:e9:
c4:a2:a7:89:ab:52:58:e5:8f:6d:fe:2c:ad:e8:12:
73:da:e7:25:0d:2f:2e:a2:b5:09:99:64:65:14:77:
4d:f9:0d:c3:dc:93:28:44:6e:74:f1:95:ec:84:82:
53:9c:8b:0a:2c:de:51:67:9b:82:27:05:60:0b:4d:
fc:ab:c4:65:c6:b4:ef:c1:94:52:e6:15:53:e8:c8:
44:7f:c1:bc:a5:ea:f3:e6:ad:3d:02:c6:76:f8:9f:
33:aa:63:ff:b6:6e:af:af:24:71:6a:78:84:f3:7a:
0a:6e:b5:63:0a:dc:c8:fd:be:91:80:24:af:7f:21:
fd:dd:2a:7f:aa:eb:94:3a:17:6d:ef:13:40:9b:56:
15:6c:49:d7:c5:74:e3:70:0f:a4:b4:19:86:14:43:
7a:2a:8a:b4:8c:77:a8:85:b6:51:79:8c:98:88:62:
ef:e8:73:21:da:cb:44:f3:05:51:bd:73:74:51:94:
0d:a4:02:e5:73:e0:71:7f:f8:71:fc:26:3c:f1:10:
bb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:BB:DF:8A:CE:F3:6A:8C:7E:C9:60:70:73:0A:66:E6:6C:7F:92:E0
X509v3 Authority Key Identifier:
keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/Jrvfis7zaox-yWBwcwpm5mx_kuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.246.0/24
IPv6:
2a12:5840:1f0::-2a12:5840:1f2:ffff:ffff:ffff:ffff:ffff
2a12:5840:2111::/48
2a12:5844:100::/48
2a12:5844:1212::/48
Signature Algorithm: sha256WithRSAEncryption
0f:19:8f:85:cc:56:a6:fa:bd:31:f8:cd:29:fa:b0:03:86:c4:
1a:ac:27:1a:78:38:50:a8:19:32:b3:53:40:f1:f0:75:6d:d7:
d9:56:d6:ba:c8:79:59:92:4e:c1:6b:ea:43:42:d7:a4:33:88:
1e:42:7e:15:bc:6b:53:82:7e:cd:d3:4a:ee:0a:fd:8c:a8:fa:
16:b0:9d:80:fc:f9:61:67:72:8a:47:24:30:ad:44:6a:df:9f:
30:07:bf:40:79:fa:95:a7:28:7f:43:08:9d:42:b1:b9:a2:a6:
83:83:bd:3b:ec:93:73:1d:56:58:fb:68:8e:27:f1:31:65:2b:
7a:5c:22:5a:e5:51:86:5a:af:3b:60:24:a9:16:85:f4:96:f7:
d1:43:4e:6f:79:4a:ab:6e:50:c4:9a:56:49:86:24:e6:b7:ba:
5a:c6:d8:c9:52:72:70:64:0a:23:4d:77:9f:b4:fe:b5:28:2e:
94:8a:4b:14:0b:a8:57:01:a1:37:ce:69:65:3d:49:5b:db:72:
5e:15:96:cc:66:23:24:7c:6e:4c:94:97:90:b3:6b:7f:91:42:
e4:9b:c6:20:57:9d:19:f7:c0:bc:6f:95:46:3f:d5:47:7f:44:
a3:2e:4a:ed:04:61:43:74:c4:0f:0a:b8:58:ed:f9:27:33:1b:
2a:94:99:ab
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYKh9NuzwgMLhX1LNUnfNVkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YzNlMDI3ZDJkMWMyZDM2ZDdjOTU0ODY3MjI2YzgzYjY1
ZWI1NmYwHhcNMjIwODE1MTQ0MjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmJiZGY4YWNlZjM2YThjN2VjOTYwNzA3MzBhNjZlNjZjN2Y5MmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHMwFTs2m6oKtgvlhvqcVEYbzzmB
MDJ8wdosaFspJrXLBOkgj+nuSIbmHB5SPBkLWyVNqvQt6DlSsunEoqeJq1JY5Y9t
/iyt6BJz2uclDS8uorUJmWRlFHdN+Q3D3JMoRG508ZXshIJTnIsKLN5RZ5uCJwVg
C038q8RlxrTvwZRS5hVT6MhEf8G8perz5q09AsZ2+J8zqmP/tm6vryRxaniE83oK
brVjCtzI/b6RgCSvfyH93Sp/quuUOhdt7xNAm1YVbEnXxXTjcA+ktBmGFEN6Koq0
jHeohbZReYyYiGLv6HMh2stE8wVRvXN0UZQNpALlc+Bxf/hx/CY88RC7fQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFCa734rO82qMfslgcHMKZuZsf5LgMB8GA1UdIwQY
MBaAFPbD4CfS0cLTbXyVSGcibIO2XrVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUt
MzU2YzRkN2JiNDUyLzEvSnJ2ZmlzN3phb3gteVdCd2N3cG01bXhfa3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUy
LzEvOXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAMBAIAATAGAwQAsGn2MDUE
AgACMC8wEgMHBCoSWEAB8AMHACoSWEAB8gMHACoSWEAhEQMHACoSWEQBAAMHACoS
WEQSEjANBgkqhkiG9w0BAQsFAAOCAQEADxmPhcxWpvq9MfjNKfqwA4bEGqwnGng4
UKgZMrNTQPHwdW3X2VbWush5WZJOwWvqQ0LXpDOIHkJ+FbxrU4J+zdNK7gr9jKj6
FrCdgPz5YWdyikckMK1Eat+fMAe/QHn6lacof0MInUKxuaKmg4O9O+yTcx1WWPto
jifxMWUrelwiWuVRhlqvO2AkqRaF9Jb30UNOb3lKq25QxJpWSYYk5re6WsbYyVJy
cGQKI013n7T+tSgulIpLFAuoVwGhN85pZT1JW9tyXhWWzGYjJHxuTJSXkLNrf5FC
5JvGIFedGffAvG+VRj/VR39Eoy5K7QRhQ3TEDwq4WO35JzMbKpSZqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org