Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/6E1wtlSFwXmGI6sZ07Vf25i7Psk.roa
File: 6E1wtlSFwXmGI6sZ07Vf25i7Psk.roa (raw, json)
Hash identifier: NDFY0RwREQuoPe0/Swd6/IBxLIY+BojYk7IkblQox1Q=
Subject key identifier: E8:4D:70:B6:54:85:C1:79:86:23:AB:19:D3:B5:5F:DB:98:BB:3E:C9
Certificate issuer: /CN=cbf74cd846493138f522c57c0065b5c60512dd09
Certificate serial: 053A3A20
Authority key identifier: CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/6E1wtlSFwXmGI6sZ07Vf25i7Psk.roa
Signing time: Sat 01 Jan 2022 04:00:51 +0000
ROA not before: Sat 01 Jan 2022 04:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206614
IP address blocks: 141.226.125.0/24 maxlen: 24
141.226.129.0/24 maxlen: 24
141.226.128.0/24 maxlen: 24
141.226.130.0/24 maxlen: 24
141.226.131.0/24 maxlen: 24
141.226.127.0/24 maxlen: 24
141.226.126.0/24 maxlen: 24
2a06:3b80:26::/48 maxlen: 48
2a06:3b80:21::/48 maxlen: 48
2a06:3b80:154::/48 maxlen: 48
2a06:3b80:22::/48 maxlen: 48
2a06:3b80:25::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87702048 (0x53a3a20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf74cd846493138f522c57c0065b5c60512dd09
Validity
Not Before: Jan 1 04:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e84d70b65485c1798623ab19d3b55fdb98bb3ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0f:dd:5d:ba:98:37:b6:25:58:3f:36:59:4c:
ea:c0:fd:6d:f5:c4:e6:74:8d:5e:be:40:3a:df:8b:
5b:1c:55:89:ee:6d:d4:24:6a:6a:d5:72:57:67:14:
eb:eb:65:c3:74:d4:d9:b6:ac:c1:cc:ae:89:bd:c4:
6e:a9:7f:5b:ea:9d:d9:e5:6e:1c:17:03:45:47:16:
e8:2e:b6:5b:16:4b:a8:d7:8b:b4:c8:8a:74:47:8b:
93:b6:eb:5d:69:70:81:76:95:ee:47:b3:1e:39:f0:
5c:92:59:1f:55:40:76:0e:11:7e:db:eb:cf:44:40:
2a:ef:70:b4:50:ab:94:7f:7d:fb:c2:20:f2:f4:ed:
06:d2:a2:3d:39:86:91:39:8e:4a:1f:85:d4:ca:d9:
d3:0b:a4:73:e2:8a:19:11:e3:87:3c:a7:b0:6e:33:
77:c6:7a:44:fa:93:95:3c:71:b8:c5:43:b8:1b:2f:
f3:42:0b:e9:e7:eb:cb:60:28:51:a4:1c:39:11:8d:
e2:3d:df:b8:12:13:be:6d:94:08:20:56:dd:45:c9:
be:b0:82:9e:fd:55:5d:fe:9d:f5:9c:15:a2:5c:ce:
da:e7:78:27:5a:db:a0:9e:11:21:a7:a4:03:ae:27:
8d:b9:b9:3d:14:9b:d4:59:79:bd:4a:cc:b9:b9:64:
a8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:4D:70:B6:54:85:C1:79:86:23:AB:19:D3:B5:5F:DB:98:BB:3E:C9
X509v3 Authority Key Identifier:
keyid:CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/6E1wtlSFwXmGI6sZ07Vf25i7Psk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.125.0-141.226.131.255
IPv6:
2a06:3b80:21::-2a06:3b80:22:ffff:ffff:ffff:ffff:ffff
2a06:3b80:25::-2a06:3b80:26:ffff:ffff:ffff:ffff:ffff
2a06:3b80:154::/48
Signature Algorithm: sha256WithRSAEncryption
9e:7e:0d:b3:ed:b0:ec:49:08:dd:93:e1:d9:b6:76:6c:36:f4:
d3:3e:42:90:70:1c:e7:5f:9e:65:83:f8:c6:af:94:19:74:53:
24:e0:64:a6:c9:6d:fc:d9:76:9a:68:90:1f:c6:cc:6c:10:6d:
eb:b0:81:9e:e1:49:2b:2b:32:41:bf:e4:44:8b:8e:7a:6b:74:
9d:8b:88:af:5c:51:86:6e:47:0e:22:15:86:7d:4d:04:69:3c:
bf:96:ac:90:d7:be:29:99:90:97:9a:9e:4b:93:7e:6a:9e:cf:
5b:38:40:cc:0d:81:74:cb:f3:52:91:0a:58:04:50:0c:fa:9e:
c4:31:be:7c:92:48:b9:9c:e3:d4:2c:6b:98:fd:6b:3e:00:ac:
84:9f:d8:7d:46:ea:9b:03:91:c8:41:e8:1c:fb:bb:67:2c:a5:
16:9a:51:b4:50:6b:b1:76:99:43:42:8a:0a:88:37:1f:5a:6a:
d1:6a:c5:0e:08:cf:39:c5:70:4d:32:73:8f:92:c0:ee:72:f9:
95:0d:54:b3:0a:ac:cc:03:60:38:57:0e:bf:7b:37:54:02:16:
cc:59:8c:3b:c7:f0:d8:53:06:a4:61:99:c3:db:18:82:b7:ad:
21:2e:e0:ee:ed:82:d9:d7:e6:c3:31:2c:8e:60:9a:f7:a5:86:
dc:88:cb:e3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIEBTo6IDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmY3NGNkODQ2NDkzMTM4ZjUyMmM1N2MwMDY1YjVjNjA1MTJkZDA5MB4XDTIyMDEw
MTA0MDA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTg0ZDcwYjY1NDg1
YzE3OTg2MjNhYjE5ZDNiNTVmZGI5OGJiM2VjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIYP3V26mDe2JVg/NllM6sD9bfXE5nSNXr5AOt+LWxxVie5t
1CRqatVyV2cU6+tlw3TU2baswcyuib3Ebql/W+qd2eVuHBcDRUcW6C62WxZLqNeL
tMiKdEeLk7brXWlwgXaV7kezHjnwXJJZH1VAdg4Rftvrz0RAKu9wtFCrlH99+8Ig
8vTtBtKiPTmGkTmOSh+F1MrZ0wukc+KKGRHjhzynsG4zd8Z6RPqTlTxxuMVDuBsv
80IL6efry2AoUaQcORGN4j3fuBITvm2UCCBW3UXJvrCCnv1VXf6d9ZwVolzO2ud4
J1rboJ4RIaekA64njbm5PRSb1Fl5vUrMublkqPUCAwEAAaOCAkowggJGMB0GA1Ud
DgQWBBToTXC2VIXBeYYjqxnTtV/bmLs+yTAfBgNVHSMEGDAWgBTL90zYRkkxOPUi
xXwAZbXGBRLdCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lfZE0yRVpKTVRqMUlzVjhBR1cxeGdVUzNRay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzQ4Nzg5LTMyMDgtNDg0Ny05YzNmLTk4MmQxZjIxYTMyYi8x
LzZFMXd0bFNGd1htR0k2c1owN1ZmMjVpN1Bzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzQ4Nzg5LTMyMDgtNDg0Ny05YzNmLTk4MmQxZjIxYTMyYi8xL3lfZE0yRVpKTVRq
MUlzVjhBR1cxeGdVUzNRay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBg
BggrBgEFBQcBBwEB/wRRME8wFAQCAAEwDjAMAwQAjeJ9AwQCjeKAMDcEAgACMDEw
EgMHACoGO4AAIQMHACoGO4AAIjASAwcAKgY7gAAlAwcAKgY7gAAmAwcAKgY7gAFU
MA0GCSqGSIb3DQEBCwUAA4IBAQCefg2z7bDsSQjdk+HZtnZsNvTTPkKQcBznX55l
g/jGr5QZdFMk4GSmyW382XaaaJAfxsxsEG3rsIGe4UkrKzJBv+REi456a3Sdi4iv
XFGGbkcOIhWGfU0EaTy/lqyQ174pmZCXmp5Lk35qns9bOEDMDYF0y/NSkQpYBFAM
+p7EMb58kki5nOPULGuY/Ws+AKyEn9h9RuqbA5HIQegc+7tnLKUWmlG0UGuxdplD
QooKiDcfWmrRasUOCM85xXBNMnOPksDucvmVDVSzCqzMA2A4Vw6/ezdUAhbMWYw7
x/DYUwakYZnD2xiCt60hLuDu7YLZ1+bDMSyOYJr3pYbciMvj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:52 2024 by rpki-client on console-ams.rpki-client.org