Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/aAPigXXk12bTihlRyaWA1KWXNLY.roa
File: aAPigXXk12bTihlRyaWA1KWXNLY.roa (raw, json)
Hash identifier: pYZq+TA6yaIBifgIiFokQl646bZzVqThZmHxh8ildMk=
Subject key identifier: 68:03:E2:81:75:E4:D7:66:D3:8A:19:51:C9:A5:80:D4:A5:97:34:B6
Certificate issuer: /CN=afd23cc55aeeaf337edb73eae25b59097a27784c
Certificate serial: 341CAD43
Authority key identifier: AF:D2:3C:C5:5A:EE:AF:33:7E:DB:73:EA:E2:5B:59:09:7A:27:78:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r9I8xVrurzN-23Pq4ltZCXoneEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/aAPigXXk12bTihlRyaWA1KWXNLY.roa
Signing time: Sat 01 Jan 2022 09:54:34 +0000
ROA not before: Sat 01 Jan 2022 09:54:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25358
IP address blocks: 185.25.40.0/22 maxlen: 22
109.70.168.0/21 maxlen: 21
193.189.104.0/23 maxlen: 23
195.140.148.0/22 maxlen: 22
2a00:14e8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 874294595 (0x341cad43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afd23cc55aeeaf337edb73eae25b59097a27784c
Validity
Not Before: Jan 1 09:54:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6803e28175e4d766d38a1951c9a580d4a59734b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:46:9f:6a:f1:1a:7c:05:6e:b6:2e:9f:17:35:
1d:54:86:d6:d8:47:fc:35:30:4e:94:74:16:a4:3d:
8b:c9:38:ff:81:e0:3a:34:8e:fb:9a:ef:09:a9:67:
54:fc:eb:6f:de:da:a8:01:1f:a6:cc:f3:63:06:e0:
d4:c2:c9:36:4c:15:0e:c7:43:96:23:1a:52:28:f8:
fd:85:f6:b3:64:96:5d:9e:c7:78:c4:c6:94:b1:0f:
17:81:4d:38:49:ab:90:cc:d8:06:29:95:18:56:de:
41:66:a0:d1:2d:d9:f6:7d:d6:78:7b:89:76:ff:07:
6f:80:ce:18:0d:48:76:af:44:c8:33:92:6e:8b:1e:
f2:15:4c:ab:5d:a2:c9:9d:0e:c6:8a:f7:65:4a:5d:
c7:b4:5e:44:b0:8c:f7:a4:8a:06:e0:49:66:35:b6:
fe:63:fa:06:35:7f:39:b1:7f:6e:6d:85:33:51:d1:
0a:26:fe:56:da:94:ac:99:ac:02:1b:4e:26:a3:1b:
1c:3b:f7:d0:b1:c7:64:5d:64:83:10:0f:ab:31:2e:
69:5a:f0:5c:30:ca:ad:b8:dd:d9:3a:ad:d3:22:96:
75:46:a3:53:ff:85:a8:66:bc:3c:55:bd:63:10:b2:
66:d6:1e:55:64:b0:51:e3:0e:c0:f9:62:8d:0d:b4:
f3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:03:E2:81:75:E4:D7:66:D3:8A:19:51:C9:A5:80:D4:A5:97:34:B6
X509v3 Authority Key Identifier:
keyid:AF:D2:3C:C5:5A:EE:AF:33:7E:DB:73:EA:E2:5B:59:09:7A:27:78:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r9I8xVrurzN-23Pq4ltZCXoneEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/aAPigXXk12bTihlRyaWA1KWXNLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/r9I8xVrurzN-23Pq4ltZCXoneEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.168.0/21
185.25.40.0/22
193.189.104.0/23
195.140.148.0/22
IPv6:
2a00:14e8::/29
Signature Algorithm: sha256WithRSAEncryption
b1:d2:62:3f:7c:a5:af:06:e9:d2:36:4c:a7:fe:9d:27:0f:bd:
7d:be:b7:2a:a0:55:90:de:e0:a0:6d:3a:87:19:44:8a:d1:e5:
c6:d5:75:81:7f:e0:a7:ff:65:f5:e4:99:6c:61:dc:ce:96:45:
2e:43:e0:bb:60:f9:c3:8d:08:b9:a1:2f:c1:49:a2:15:c1:67:
04:cb:2f:cf:fc:5f:8b:04:55:17:36:ab:06:3d:71:5e:5c:6a:
61:b4:da:87:b9:6e:2b:e3:d8:8e:92:bf:48:c9:bd:2e:d8:77:
95:bb:b6:59:10:3e:b1:28:f8:6c:db:5b:03:eb:9c:5f:66:ad:
7c:26:d1:44:ee:12:82:ca:1b:2a:95:ae:f9:fa:15:06:b1:c4:
c4:97:eb:1b:e8:1b:36:a0:84:de:43:76:95:49:02:56:e3:48:
ad:1d:ae:7a:e3:8a:77:1e:41:88:d6:40:64:48:95:e1:50:e9:
0d:b3:9b:90:56:2a:54:7c:65:2f:c5:a5:e8:8f:f1:31:a3:90:
3d:7e:93:ef:19:8c:af:a8:8d:b3:26:6f:9a:70:28:cc:c8:76:
d1:57:5a:27:80:0a:24:9f:c4:06:4f:5e:2e:a7:28:a4:86:22:
d0:fa:88:44:7b:b4:d5:a8:f1:dd:0a:ed:3f:2f:75:0e:40:c4:
35:d4:13:cb
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENBytQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmQyM2NjNTVhZWVhZjMzN2VkYjczZWFlMjViNTkwOTdhMjc3ODRjMB4XDTIyMDEw
MTA5NTQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgwM2UyODE3NWU0
ZDc2NmQzOGExOTUxYzlhNTgwZDRhNTk3MzRiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5Gn2rxGnwFbrYunxc1HVSG1thH/DUwTpR0FqQ9i8k4/4Hg
OjSO+5rvCalnVPzrb97aqAEfpszzYwbg1MLJNkwVDsdDliMaUij4/YX2s2SWXZ7H
eMTGlLEPF4FNOEmrkMzYBimVGFbeQWag0S3Z9n3WeHuJdv8Hb4DOGA1Idq9EyDOS
bose8hVMq12iyZ0Oxor3ZUpdx7ReRLCM96SKBuBJZjW2/mP6BjV/ObF/bm2FM1HR
Cib+VtqUrJmsAhtOJqMbHDv30LHHZF1kgxAPqzEuaVrwXDDKrbjd2Tqt0yKWdUaj
U/+FqGa8PFW9YxCyZtYeVWSwUeMOwPlijQ2084cCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRoA+KBdeTXZtOKGVHJpYDUpZc0tjAfBgNVHSMEGDAWgBSv0jzFWu6vM37b
c+riW1kJeid4TDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3I5STh4VnJ1cnpOLTIzUHE0bHRaQ1hvbmVFdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvNTNmNDU4LTc2MWEtNDM4Mi04MjdjLTQ5NGYwOGMyMTQ5Ny8x
L2FBUGlnWFhrMTJiVGlobFJ5YVdBMUtXWE5MWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
NTNmNDU4LTc2MWEtNDM4Mi04MjdjLTQ5NGYwOGMyMTQ5Ny8xL3I5STh4VnJ1cnpO
LTIzUHE0bHRaQ1hvbmVFdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA21GqAMEArkZKAMEAcG9aAMEAsOM
lDANBAIAAjAHAwUDKgAU6DANBgkqhkiG9w0BAQsFAAOCAQEAsdJiP3ylrwbp0jZM
p/6dJw+9fb63KqBVkN7goG06hxlEitHlxtV1gX/gp/9l9eSZbGHczpZFLkPgu2D5
w40IuaEvwUmiFcFnBMsvz/xfiwRVFzarBj1xXlxqYbTah7luK+PYjpK/SMm9Lth3
lbu2WRA+sSj4bNtbA+ucX2atfCbRRO4SgsobKpWu+foVBrHExJfrG+gbNqCE3kN2
lUkCVuNIrR2ueuOKdx5BiNZAZEiV4VDpDbObkFYqVHxlL8Wl6I/xMaOQPX6T7xmM
r6iNsyZvmnAozMh20VdaJ4AKJJ/EBk9eLqcopIYi0PqIRHu01ajx3QrtPy91DkDE
NdQTyw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:46 2025 by rpki-client