Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/aaa77b-9a09-4f0a-a885-3176f0999dda/1/zaWRFkIPwekyJJWoexgLPcl0-l8.roa
File: zaWRFkIPwekyJJWoexgLPcl0-l8.roa (raw, json)
Hash identifier: oRnLU5wRqrmfWSp2ja8kUt6bO0atCEnJbD/2A1SzcWY=
Subject key identifier: CD:A5:91:16:42:0F:C1:E9:32:24:95:A8:7B:18:0B:3D:C9:74:FA:5F
Certificate issuer: /CN=bea1890c305b0f2da420b01697e3bf23d485ab64
Certificate serial: 103AC6
Authority key identifier: BE:A1:89:0C:30:5B:0F:2D:A4:20:B0:16:97:E3:BF:23:D4:85:AB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqGJDDBbDy2kILAWl-O_I9SFq2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/aaa77b-9a09-4f0a-a885-3176f0999dda/1/zaWRFkIPwekyJJWoexgLPcl0-l8.roa
Signing time: Tue 04 Jan 2022 18:48:53 +0000
ROA not before: Tue 04 Jan 2022 18:48:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210477
IP address blocks: 146.19.17.0/24 maxlen: 24
2a12:b500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1063622 (0x103ac6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea1890c305b0f2da420b01697e3bf23d485ab64
Validity
Not Before: Jan 4 18:48:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cda59116420fc1e9322495a87b180b3dc974fa5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e6:2f:92:28:33:1e:61:af:59:c2:08:e3:64:
c7:10:91:f0:d3:1c:a1:7c:a1:4f:09:8d:a9:d7:9c:
f4:f5:59:77:68:4a:27:1c:26:c9:c0:5f:00:f3:38:
ae:b7:52:7a:d6:cd:a3:ee:11:ea:e0:4c:63:3b:51:
25:38:19:c0:bf:b0:1c:94:10:af:9d:1d:69:f9:61:
b3:6d:00:61:89:0d:7b:ab:6f:81:1e:01:c0:6b:28:
a3:08:49:22:da:4b:e5:3b:f0:94:fd:32:c2:e0:00:
9a:df:1e:ef:c6:b1:db:aa:83:a2:75:47:92:cf:67:
88:19:aa:1e:02:ab:14:ca:fd:c2:6f:5d:69:09:89:
db:b3:70:e9:4e:e1:69:60:bf:e0:b2:f1:72:8b:92:
da:29:37:4b:c1:34:14:d2:67:90:47:b5:28:27:fa:
55:ee:79:21:76:55:00:af:57:19:db:89:d7:a7:d2:
77:4d:a7:b7:19:e3:28:4b:3b:1f:93:4b:a4:74:05:
81:7c:c6:6d:2c:c6:d6:5c:92:fb:a5:91:b3:b2:05:
93:5f:34:82:ec:6a:31:11:5a:a2:5b:bb:67:2d:4f:
e0:30:63:57:9d:a3:8e:3b:22:a0:dd:ce:52:ab:9f:
5a:46:7f:c1:43:c3:b1:a9:3e:ee:a0:d7:13:de:23:
7b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A5:91:16:42:0F:C1:E9:32:24:95:A8:7B:18:0B:3D:C9:74:FA:5F
X509v3 Authority Key Identifier:
keyid:BE:A1:89:0C:30:5B:0F:2D:A4:20:B0:16:97:E3:BF:23:D4:85:AB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqGJDDBbDy2kILAWl-O_I9SFq2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/aaa77b-9a09-4f0a-a885-3176f0999dda/1/zaWRFkIPwekyJJWoexgLPcl0-l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/aaa77b-9a09-4f0a-a885-3176f0999dda/1/vqGJDDBbDy2kILAWl-O_I9SFq2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.17.0/24
IPv6:
2a12:b500::/32
Signature Algorithm: sha256WithRSAEncryption
85:c6:fa:47:a1:48:a5:02:19:9b:4f:cb:45:ec:76:c5:6d:22:
be:d0:5f:7b:3b:26:af:2a:a2:a0:6c:ea:93:68:27:37:6a:a8:
ab:14:7a:46:0e:17:99:25:1f:89:f2:d7:51:a9:68:68:ec:ef:
1a:9b:07:71:75:33:28:0e:f0:20:58:bc:08:38:8d:fc:24:ff:
0c:c2:ed:34:5f:4a:45:75:96:aa:1f:65:40:00:48:da:92:17:
a2:ae:62:29:79:61:8f:7c:e2:35:c3:f3:5f:1c:6c:4f:07:94:
25:cc:2a:3d:41:5c:af:30:01:8d:ee:3e:e1:85:2d:e5:96:dd:
82:00:31:a8:43:d7:2f:5a:02:9c:ed:0f:3a:4a:60:1f:ca:ed:
c0:a3:22:67:3d:8d:c6:ca:88:3d:48:0f:40:36:12:9a:63:7a:
08:50:32:c5:88:8d:d3:94:c6:b4:e6:de:83:ad:59:98:58:be:
6c:8e:9d:12:30:72:93:1e:2c:33:f2:26:27:99:01:4b:4b:60:
c1:d5:32:68:7b:6f:cc:da:bd:02:a3:1b:29:84:73:0c:1b:3e:
27:ef:fb:ad:35:ee:f8:a5:a4:33:37:e2:b2:f8:97:94:ac:64:
44:26:d9:d1:8f:32:72:81:95:ab:65:26:3f:eb:dc:a5:05:34:
fe:6c:fc:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDEDrGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJl
YTE4OTBjMzA1YjBmMmRhNDIwYjAxNjk3ZTNiZjIzZDQ4NWFiNjQwHhcNMjIwMTA0
MTg0ODUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZGE1OTExNjQyMGZj
MWU5MzIyNDk1YTg3YjE4MGIzZGM5NzRmYTVmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAluYvkigzHmGvWcII42THEJHw0xyhfKFPCY2p15z09Vl3aEon
HCbJwF8A8ziut1J61s2j7hHq4ExjO1ElOBnAv7AclBCvnR1p+WGzbQBhiQ17q2+B
HgHAayijCEki2kvlO/CU/TLC4ACa3x7vxrHbqoOidUeSz2eIGaoeAqsUyv3Cb11p
CYnbs3DpTuFpYL/gsvFyi5LaKTdLwTQU0meQR7UoJ/pV7nkhdlUAr1cZ24nXp9J3
Tae3GeMoSzsfk0ukdAWBfMZtLMbWXJL7pZGzsgWTXzSC7GoxEVqiW7tnLU/gMGNX
naOOOyKg3c5Sq59aRn/BQ8OxqT7uoNcT3iN7ewIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFM2lkRZCD8HpMiSVqHsYCz3JdPpfMB8GA1UdIwQYMBaAFL6hiQwwWw8tpCCw
FpfjvyPUhatkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dnFHSkREQmJEeTJrSUxBV2wtT19JOVNGcTJRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81NC9hYWE3N2ItOWEwOS00ZjBhLWE4ODUtMzE3NmYwOTk5ZGRhLzEv
emFXUkZrSVB3ZWt5SkpXb2V4Z0xQY2wwLWw4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9h
YWE3N2ItOWEwOS00ZjBhLWE4ODUtMzE3NmYwOTk5ZGRhLzEvdnFHSkREQmJEeTJr
SUxBV2wtT19JOVNGcTJRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkhMRMA0EAgACMAcDBQAqErUAMA0G
CSqGSIb3DQEBCwUAA4IBAQCFxvpHoUilAhmbT8tF7HbFbSK+0F97OyavKqKgbOqT
aCc3aqirFHpGDheZJR+J8tdRqWho7O8amwdxdTMoDvAgWLwIOI38JP8Mwu00X0pF
dZaqH2VAAEjakheirmIpeWGPfOI1w/NfHGxPB5QlzCo9QVyvMAGN7j7hhS3llt2C
ADGoQ9cvWgKc7Q86SmAfyu3AoyJnPY3Gyog9SA9ANhKaY3oIUDLFiI3TlMa05t6D
rVmYWL5sjp0SMHKTHiwz8iYnmQFLS2DB1TJoe2/M2r0CoxsphHMMGz4n7/utNe74
paQzN+Ky+JeUrGREJtnRjzJygZWrZSY/69ylBTT+bPx5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org