Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/1BzQ9zGt01g79MlI0VokTcT3NCQ.roa
File: 1BzQ9zGt01g79MlI0VokTcT3NCQ.roa (raw, json)
Hash identifier: 0MNIvQXcRxnqyW3AT2Cgb0s342vwYUNujEOylWn/tAI=
Subject key identifier: D4:1C:D0:F7:31:AD:D3:58:3B:F4:C9:48:D1:5A:24:4D:C4:F7:34:24
Certificate issuer: /CN=f7742725862b90bda4510a02e804fef3ad1142dc
Certificate serial: 0183A209B3F0CDC46AABA8EE53DB857F147E
Authority key identifier: F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/1BzQ9zGt01g79MlI0VokTcT3NCQ.roa
Signing time: Tue 04 Oct 2022 08:08:08 +0000
ROA not before: Tue 04 Oct 2022 08:08:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15836
IP address blocks: 5.32.168.0/21 maxlen: 24
185.46.60.0/22 maxlen: 24
212.28.64.0/19 maxlen: 24
87.255.64.0/19 maxlen: 24
217.26.160.0/20 maxlen: 24
2a03:a80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a2:09:b3:f0:cd:c4:6a:ab:a8:ee:53:db:85:7f:14:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7742725862b90bda4510a02e804fef3ad1142dc
Validity
Not Before: Oct 4 08:08:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d41cd0f731add3583bf4c948d15a244dc4f73424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3a:fc:36:24:e9:49:77:27:4d:3b:f8:1f:2e:
57:52:1c:7e:40:36:3d:72:fd:19:cd:06:c7:74:1c:
c0:5c:30:32:62:b4:e8:15:7a:8a:8c:8d:2f:71:46:
41:8c:dc:31:36:6e:5c:67:ad:87:54:cf:1e:2b:8d:
65:fd:31:a4:2a:c9:83:25:4f:b2:31:51:b9:54:bc:
cd:72:5f:16:22:65:b0:06:6e:4c:2d:93:1d:d1:07:
5c:ec:74:d1:95:35:4a:35:83:7a:f9:53:e1:36:0d:
42:b1:30:e7:8a:49:35:87:38:76:48:71:03:e7:1a:
cd:7a:ac:c7:67:7c:30:af:38:99:32:0a:7f:b9:a1:
ea:38:30:2c:2c:44:88:e7:d3:da:c0:44:19:e4:5c:
cf:61:27:c6:82:ea:1f:b6:6d:67:8b:56:9a:6e:47:
ac:7f:56:14:f8:50:6a:e4:df:a4:91:8d:0f:4c:13:
cb:72:14:e1:9b:8d:a8:0b:8b:54:ee:00:dd:7b:ae:
81:f2:e7:9b:b4:67:6b:47:ab:d8:4f:ae:58:c8:14:
8f:a7:b3:44:86:64:09:2e:4e:0f:16:55:38:cb:73:
d5:e0:a8:e6:6a:36:00:88:46:75:bc:cc:72:70:62:
31:ee:07:68:a3:d7:9b:51:6f:13:8e:4c:14:6c:04:
13:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1C:D0:F7:31:AD:D3:58:3B:F4:C9:48:D1:5A:24:4D:C4:F7:34:24
X509v3 Authority Key Identifier:
keyid:F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/1BzQ9zGt01g79MlI0VokTcT3NCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/93QnJYYrkL2kUQoC6AT-860RQtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.168.0/21
87.255.64.0/19
185.46.60.0/22
212.28.64.0/19
217.26.160.0/20
IPv6:
2a03:a80::/32
Signature Algorithm: sha256WithRSAEncryption
94:25:7a:e4:ca:08:6d:6d:88:80:6f:39:0f:1f:dd:b3:ee:cb:
da:fc:6c:89:9d:5e:e0:c4:f1:94:21:27:7f:77:88:58:d4:1e:
ec:ff:0c:9d:ae:f1:cf:d3:71:4f:37:35:78:9c:2c:1b:fe:19:
35:8b:fb:7f:d8:80:7f:c6:4a:fc:c3:9a:df:3f:56:36:c2:33:
2d:3d:b7:63:0e:5c:d2:41:10:ad:7f:01:c0:5f:b7:9e:52:d4:
ca:e5:18:e1:78:13:99:39:88:ab:0d:d6:4e:4a:d3:a2:f8:b2:
66:65:54:e1:c1:a6:92:10:fd:a6:cd:ad:3f:9a:e0:30:20:a1:
58:c0:c1:2f:b3:34:5e:a8:76:8d:0f:65:3a:88:21:46:e2:92:
21:ba:45:ba:41:5f:fb:7f:f5:34:f0:89:29:e1:ba:1d:a0:26:
52:98:72:82:c6:ab:46:41:d6:0b:20:3f:39:d1:6c:b2:6e:7d:
5e:10:04:bb:33:5f:ba:9c:ce:12:9a:1f:a7:c4:93:83:f2:0a:
39:a1:2b:db:ed:76:ca:23:b0:00:a1:a8:d5:9d:4c:ce:b4:01:
fe:b2:19:37:09:dc:a4:24:58:54:4b:58:d8:8c:bd:e6:74:4d:
a6:93:c5:65:8d:1b:3f:71:38:ed:83:f6:40:6a:09:3a:eb:d1:
ff:d3:58:06
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYOiCbPwzcRqq6juU9uFfxR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzQyNzI1ODYyYjkwYmRhNDUxMGEwMmU4MDRmZWYzYWQx
MTQyZGMwHhcNMjIxMDA0MDgwODA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDFjZDBmNzMxYWRkMzU4M2JmNGM5NDhkMTVhMjQ0ZGM0ZjczNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTr8NiTpSXcnTTv4Hy5XUhx+QDY9
cv0ZzQbHdBzAXDAyYrToFXqKjI0vcUZBjNwxNm5cZ62HVM8eK41l/TGkKsmDJU+y
MVG5VLzNcl8WImWwBm5MLZMd0Qdc7HTRlTVKNYN6+VPhNg1CsTDnikk1hzh2SHED
5xrNeqzHZ3wwrziZMgp/uaHqODAsLESI59PawEQZ5FzPYSfGguoftm1ni1aabkes
f1YU+FBq5N+kkY0PTBPLchThm42oC4tU7gDde66B8uebtGdrR6vYT65YyBSPp7NE
hmQJLk4PFlU4y3PV4KjmajYAiEZ1vMxycGIx7gdoo9ebUW8TjkwUbAQTdQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNQc0PcxrdNYO/TJSNFaJE3E9zQkMB8GA1UdIwQY
MBaAFPd0JyWGK5C9pFEKAugE/vOtEULcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNRbkpZWXJrTDJrVVFvQzZBVC04NjBSUXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni84ZTdlMzAtYzJiOC00NTkxLThjZmUt
N2I4ZTlkMzM1Y2E4LzEvMUJ6UTl6R3QwMWc3OU1sSTBWb2tUY1QzTkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni84ZTdlMzAtYzJiOC00NTkxLThjZmUtN2I4ZTlkMzM1Y2E4
LzEvOTNRbkpZWXJrTDJrVVFvQzZBVC04NjBSUXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBSCoAwQF
V/9AAwQCuS48AwQF1BxAAwQE2RqgMA0EAgACMAcDBQAqAwqAMA0GCSqGSIb3DQEB
CwUAA4IBAQCUJXrkyghtbYiAbzkPH92z7sva/GyJnV7gxPGUISd/d4hY1B7s/wyd
rvHP03FPNzV4nCwb/hk1i/t/2IB/xkr8w5rfP1Y2wjMtPbdjDlzSQRCtfwHAX7ee
UtTK5RjheBOZOYirDdZOStOi+LJmZVThwaaSEP2mza0/muAwIKFYwMEvszReqHaN
D2U6iCFG4pIhukW6QV/7f/U08Ikp4bodoCZSmHKCxqtGQdYLID850Wyybn1eEAS7
M1+6nM4Smh+nxJOD8go5oSvb7XbKI7AAoajVnUzOtAH+shk3CdykJFhUS1jYjL3m
dE2mk8VljRs/cTjtg/ZAagk669H/01gG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:12 2024 by rpki-client on console-ams.rpki-client.org