Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/0Kxc3vSKYjOXxbiq0yZE4htZ9kg.roa
File: 0Kxc3vSKYjOXxbiq0yZE4htZ9kg.roa (raw, json)
Hash identifier: mMJ2/3JJdKivkkzWfVyJd1MCE85vkWpweqsUem3oUwc=
Subject key identifier: D0:AC:5C:DE:F4:8A:62:33:97:C5:B8:AA:D3:26:44:E2:1B:59:F6:48
Certificate issuer: /CN=cbf74cd846493138f522c57c0065b5c60512dd09
Certificate serial: 066A3C30
Authority key identifier: CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/0Kxc3vSKYjOXxbiq0yZE4htZ9kg.roa
Signing time: Sun 15 May 2022 07:02:40 +0000
ROA not before: Sun 15 May 2022 07:02:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206614
IP address blocks: 141.226.125.0/24 maxlen: 24
141.226.129.0/24 maxlen: 24
141.226.128.0/24 maxlen: 24
141.226.130.0/24 maxlen: 24
141.226.131.0/24 maxlen: 24
141.226.127.0/24 maxlen: 24
141.226.126.0/24 maxlen: 24
2a06:3b80:26::/48 maxlen: 48
2a06:3b80:21::/48 maxlen: 48
2a06:3b80:154::/48 maxlen: 48
2a06:3b80:25::/48 maxlen: 48
2a06:3b80:23::/48 maxlen: 48
2a06:3b80:22::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107625520 (0x66a3c30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf74cd846493138f522c57c0065b5c60512dd09
Validity
Not Before: May 15 07:02:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0ac5cdef48a623397c5b8aad32644e21b59f648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0f:23:a5:7a:65:13:15:0c:9b:77:05:1b:b1:
51:14:33:b8:2c:05:44:d1:94:5b:19:42:77:2a:51:
b1:4b:7f:5e:43:57:6a:66:c2:5a:15:d6:af:45:9d:
19:e0:85:bc:b7:20:1b:38:d0:2e:f2:34:e6:1a:2f:
fa:81:e1:13:ef:5c:7d:59:2b:fa:6d:70:be:65:92:
76:aa:3e:fc:2e:51:a1:dd:6a:45:71:a4:7e:03:80:
35:db:49:e2:24:88:71:9f:25:bd:df:34:20:56:bc:
ea:63:dc:61:3a:f7:ef:bc:84:9d:e3:16:3f:26:68:
b9:f9:bc:c5:dc:d4:b2:a3:82:66:52:0e:73:a0:03:
76:6e:24:d5:92:3c:b1:11:0c:17:7b:1c:20:36:c7:
0b:1d:e3:2d:14:f2:a4:e4:d4:13:cc:26:a8:e5:a1:
ba:72:5c:69:f6:5c:5e:ec:97:ed:b7:43:c1:87:5e:
61:49:50:f1:9b:db:79:0f:d6:4e:9f:fe:82:ab:34:
61:98:3d:4d:88:00:fe:7d:23:83:76:e0:ea:ba:a5:
75:bd:fd:5a:be:d1:3f:4e:bb:24:b9:91:a4:26:92:
3f:3d:03:d0:eb:47:bd:95:91:ae:fa:39:d6:c5:61:
24:f5:52:1b:63:8b:b0:75:6e:2e:9e:cc:a4:e9:36:
20:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AC:5C:DE:F4:8A:62:33:97:C5:B8:AA:D3:26:44:E2:1B:59:F6:48
X509v3 Authority Key Identifier:
keyid:CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/0Kxc3vSKYjOXxbiq0yZE4htZ9kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.125.0-141.226.131.255
IPv6:
2a06:3b80:21::-2a06:3b80:23:ffff:ffff:ffff:ffff:ffff
2a06:3b80:25::-2a06:3b80:26:ffff:ffff:ffff:ffff:ffff
2a06:3b80:154::/48
Signature Algorithm: sha256WithRSAEncryption
3f:66:97:ae:e1:bb:59:1b:19:9c:e3:a6:18:ad:e3:d9:df:42:
71:4a:91:87:5b:f9:f8:76:2e:12:92:ef:cc:26:28:a0:d4:26:
b4:a0:5c:9e:e4:03:47:e9:04:43:00:13:96:05:e4:1a:63:3d:
54:d3:5f:4d:ea:5e:4c:95:75:81:f1:f0:10:7a:0a:1f:b6:c5:
b6:2b:b1:ef:d3:90:f3:98:5c:75:0b:88:f0:bc:9f:81:21:a2:
97:00:66:8b:cc:5c:c2:32:6b:fe:9e:04:f6:de:a7:81:77:f0:
11:cc:36:fd:c3:76:b2:c9:33:b2:91:98:dd:4c:f5:d4:85:16:
5f:e7:94:50:f2:c4:ed:95:53:ee:38:f2:a7:be:64:63:fd:b1:
15:39:10:e4:3d:54:0b:c6:64:b2:8c:13:b7:08:3d:88:99:3c:
a5:f5:ea:62:1f:a6:5b:29:ac:8a:df:7f:fc:17:29:82:57:77:
5a:03:af:b6:d9:58:22:26:81:9d:95:48:d7:26:0e:e6:72:a4:
68:fa:b3:a9:26:7a:33:d3:f2:1f:7d:f0:86:00:c3:18:9b:d4:
5a:32:b9:c5:1b:95:ad:a8:c6:ef:43:84:92:d1:a3:f8:4c:1a:
a0:fd:8e:08:ac:d6:9a:66:fe:9d:b0:f3:94:be:ac:61:10:c5:
c6:64:fc:7e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIEBmo8MDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmY3NGNkODQ2NDkzMTM4ZjUyMmM1N2MwMDY1YjVjNjA1MTJkZDA5MB4XDTIyMDUx
NTA3MDI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBhYzVjZGVmNDhh
NjIzMzk3YzViOGFhZDMyNjQ0ZTIxYjU5ZjY0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsPI6V6ZRMVDJt3BRuxURQzuCwFRNGUWxlCdypRsUt/XkNX
ambCWhXWr0WdGeCFvLcgGzjQLvI05hov+oHhE+9cfVkr+m1wvmWSdqo+/C5Rod1q
RXGkfgOANdtJ4iSIcZ8lvd80IFa86mPcYTr377yEneMWPyZoufm8xdzUsqOCZlIO
c6ADdm4k1ZI8sREMF3scIDbHCx3jLRTypOTUE8wmqOWhunJcafZcXuyX7bdDwYde
YUlQ8ZvbeQ/WTp/+gqs0YZg9TYgA/n0jg3bg6rqldb39Wr7RP067JLmRpCaSPz0D
0OtHvZWRrvo51sVhJPVSG2OLsHVuLp7MpOk2IGUCAwEAAaOCAkowggJGMB0GA1Ud
DgQWBBTQrFze9IpiM5fFuKrTJkTiG1n2SDAfBgNVHSMEGDAWgBTL90zYRkkxOPUi
xXwAZbXGBRLdCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lfZE0yRVpKTVRqMUlzVjhBR1cxeGdVUzNRay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzQ4Nzg5LTMyMDgtNDg0Ny05YzNmLTk4MmQxZjIxYTMyYi8x
LzBLeGMzdlNLWWpPWHhiaXEweVpFNGh0WjlrZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzQ4Nzg5LTMyMDgtNDg0Ny05YzNmLTk4MmQxZjIxYTMyYi8xL3lfZE0yRVpKTVRq
MUlzVjhBR1cxeGdVUzNRay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBg
BggrBgEFBQcBBwEB/wRRME8wFAQCAAEwDjAMAwQAjeJ9AwQCjeKAMDcEAgACMDEw
EgMHACoGO4AAIQMHAioGO4AAIDASAwcAKgY7gAAlAwcAKgY7gAAmAwcAKgY7gAFU
MA0GCSqGSIb3DQEBCwUAA4IBAQA/Zpeu4btZGxmc46YYrePZ30JxSpGHW/n4di4S
ku/MJiig1Ca0oFye5ANH6QRDABOWBeQaYz1U019N6l5MlXWB8fAQegoftsW2K7Hv
05DzmFx1C4jwvJ+BIaKXAGaLzFzCMmv+ngT23qeBd/ARzDb9w3ayyTOykZjdTPXU
hRZf55RQ8sTtlVPuOPKnvmRj/bEVORDkPVQLxmSyjBO3CD2ImTyl9epiH6ZbKayK
33/8FymCV3daA6+22VgiJoGdlUjXJg7mcqRo+rOpJnoz0/IfffCGAMMYm9RaMrnF
G5WtqMbvQ4SS0aP4TBqg/Y4IrNaaZv6dsPOUvqxhEMXGZPx+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:52 2024 by rpki-client on console-ams.rpki-client.org