Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/f15rYJs5-Pjz-yP6SORjH69KhuI.roa
File: f15rYJs5-Pjz-yP6SORjH69KhuI.roa (raw, json)
Hash identifier: DzVnndIjpPVjtKG390KzZFe0EuctU9eUxGD4d+sL9Ak=
Subject key identifier: 7F:5E:6B:60:9B:39:F8:F8:F3:FB:23:FA:48:E4:63:1F:AF:4A:86:E2
Certificate issuer: /CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Certificate serial: 0183118AC6BF8EB03FEA48E3A9B0FF355C1D
Authority key identifier: 2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/f15rYJs5-Pjz-yP6SORjH69KhuI.roa
Signing time: Tue 06 Sep 2022 06:44:10 +0000
ROA not before: Tue 06 Sep 2022 06:44:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30801
IP address blocks: 82.98.0.0/18 maxlen: 24
85.203.64.0/18 maxlen: 24
82.98.0.0/19 maxlen: 19
82.98.32.0/20 maxlen: 20
92.61.128.0/20 maxlen: 20
82.98.48.0/21 maxlen: 21
178.16.240.0/20 maxlen: 24
82.98.56.0/22 maxlen: 22
82.98.60.0/22 maxlen: 22
217.67.144.0/20 maxlen: 20
2a04:1e00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:11:8a:c6:bf:8e:b0:3f:ea:48:e3:a9:b0:ff:35:5c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Validity
Not Before: Sep 6 06:44:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f5e6b609b39f8f8f3fb23fa48e4631faf4a86e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:bf:ec:49:b0:38:64:47:0e:1a:20:87:6e:
cc:37:9e:6e:e8:3b:84:5d:d0:e4:ad:5c:cc:bf:61:
82:3a:9c:54:25:f1:ff:a2:43:3b:b5:13:f9:67:6d:
07:b5:78:f7:05:c9:81:79:d8:a0:81:42:10:cd:1b:
0e:2c:75:20:32:62:9b:81:f1:d1:21:42:a1:16:18:
a3:ad:14:10:00:67:46:b8:db:d8:c2:10:26:e7:c3:
a0:44:fb:a6:0d:54:6d:4a:3f:ba:64:e1:25:40:d1:
4c:8f:54:c0:29:dc:73:a0:89:fa:d9:02:76:cf:fc:
32:cc:e4:bc:1b:fc:8e:6e:fc:c4:54:fd:25:c8:e9:
47:b1:f9:f6:6e:fb:aa:d8:34:db:64:91:44:71:50:
97:85:84:7d:a2:2c:a2:a9:cd:b9:65:2b:96:d0:e2:
6f:82:72:34:3e:02:19:ef:8a:1b:c9:3d:39:49:84:
be:ba:78:0d:e2:3d:c6:66:7a:51:4e:f7:7e:37:79:
66:da:6c:b0:f2:f4:b0:f6:7c:df:65:2a:ad:11:4a:
46:7d:0e:04:a4:ba:21:71:2f:9a:64:af:c2:58:69:
00:ad:80:37:ba:d5:52:60:97:a3:e9:1d:c2:17:6e:
4d:5b:84:2e:bb:19:a0:9b:d4:e5:fd:10:bd:03:91:
30:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5E:6B:60:9B:39:F8:F8:F3:FB:23:FA:48:E4:63:1F:AF:4A:86:E2
X509v3 Authority Key Identifier:
keyid:2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/f15rYJs5-Pjz-yP6SORjH69KhuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.0.0/18
85.203.64.0/18
92.61.128.0/20
178.16.240.0/20
217.67.144.0/20
IPv6:
2a04:1e00::/29
Signature Algorithm: sha256WithRSAEncryption
8a:a6:e8:88:f0:4c:9e:c8:5d:43:39:7a:14:fa:f8:89:b4:28:
2f:df:34:0e:b8:b5:27:88:7f:10:d9:df:49:b6:71:cb:f4:5a:
61:87:4a:3d:29:18:67:6d:41:37:39:b6:72:ca:e6:aa:ec:2c:
2b:0e:07:a4:7d:ed:64:d8:b7:b4:e2:31:42:94:0c:49:ee:44:
1f:bc:2f:64:a0:5c:ff:fb:71:66:18:0a:44:b4:50:cf:2f:7a:
f4:e4:1a:77:e0:0d:4f:e1:e8:f4:85:ff:8d:45:2b:00:08:02:
da:4e:bc:ce:b7:3b:14:60:ff:45:a2:d0:26:2a:7e:b2:cc:83:
d8:80:18:6a:a3:a3:27:3b:04:5b:8f:a3:19:f9:d4:8c:03:2c:
9c:92:3b:c7:01:67:51:52:6a:b4:f5:2e:cd:3a:81:da:de:fb:
a9:cc:d6:6d:e1:1b:eb:2d:39:11:5d:44:83:ef:7a:f0:c6:f2:
85:3a:68:96:ba:65:2a:89:4a:db:e8:9e:ec:e9:3c:d2:b5:63:
3f:d4:fc:65:52:53:0c:49:bd:6f:fb:7d:7a:85:29:16:ac:98:
5d:fa:0a:79:2f:33:4b:ff:2d:5a:88:bd:5e:1f:44:ce:fb:1b:
2e:65:5c:cf:8d:25:26:d8:5a:42:8a:49:4f:ad:23:ea:27:0d:
82:7c:3a:8a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYMRisa/jrA/6kjjqbD/NVwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzEyMWUxNTQ1ZGYzZTViYjg2ZTkxODhmMjgyNWZhZDc0
NzdmNzUwHhcNMjIwOTA2MDY0NDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjVlNmI2MDliMzlmOGY4ZjNmYjIzZmE0OGU0NjMxZmFmNGE4NmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrG/7EmwOGRHDhogh27MN55u6DuE
XdDkrVzMv2GCOpxUJfH/okM7tRP5Z20HtXj3BcmBediggUIQzRsOLHUgMmKbgfHR
IUKhFhijrRQQAGdGuNvYwhAm58OgRPumDVRtSj+6ZOElQNFMj1TAKdxzoIn62QJ2
z/wyzOS8G/yObvzEVP0lyOlHsfn2bvuq2DTbZJFEcVCXhYR9oiyiqc25ZSuW0OJv
gnI0PgIZ74obyT05SYS+ungN4j3GZnpRTvd+N3lm2myw8vSw9nzfZSqtEUpGfQ4E
pLohcS+aZK/CWGkArYA3utVSYJej6R3CF25NW4Quuxmgm9Tl/RC9A5EwIQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFH9ea2CbOfj48/sj+kjkYx+vSobiMB8GA1UdIwQY
MBaAFC7BIeFUXfPlu4bpGI8oJfrXR391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgt
OWY1MjJhMjg0NTk1LzEvZjE1cllKczUtUGp6LXlQNlNPUmpINjlLaHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgtOWY1MjJhMjg0NTk1
LzEvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGUmIAAwQG
VctAAwQEXD2AAwQEshDwAwQE2UOQMA0EAgACMAcDBQMqBB4AMA0GCSqGSIb3DQEB
CwUAA4IBAQCKpuiI8EyeyF1DOXoU+viJtCgv3zQOuLUniH8Q2d9JtnHL9Fphh0o9
KRhnbUE3ObZyyuaq7CwrDgekfe1k2Le04jFClAxJ7kQfvC9koFz/+3FmGApEtFDP
L3r05Bp34A1P4ej0hf+NRSsACALaTrzOtzsUYP9FotAmKn6yzIPYgBhqo6MnOwRb
j6MZ+dSMAyyckjvHAWdRUmq09S7NOoHa3vupzNZt4RvrLTkRXUSD73rwxvKFOmiW
umUqiUrb6J7s6TzStWM/1PxlUlMMSb1v+316hSkWrJhd+gp5LzNL/y1aiL1eH0TO
+xsuZVzPjSUm2FpCiklPrSPqJw2CfDqK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:11 2024 by rpki-client on console-ams.rpki-client.org