Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/l2_sn8j0AwaQr4_qixAbiP0-2pc.roa
File: l2_sn8j0AwaQr4_qixAbiP0-2pc.roa (raw, json)
Hash identifier: /0oRF9E2vgrlrEURE/qn5UlU9S5Jm3UvLt2XBPAEdVs=
Subject key identifier: 97:6F:EC:9F:C8:F4:03:06:90:AF:8F:EA:8B:10:1B:88:FD:3E:DA:97
Certificate issuer: /CN=b443914a48e5dae5a756b1e3b8fbe437ee0d8b0c
Certificate serial: 4133B45A
Authority key identifier: B4:43:91:4A:48:E5:DA:E5:A7:56:B1:E3:B8:FB:E4:37:EE:0D:8B:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEORSkjl2uWnVrHjuPvkN-4Niww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/l2_sn8j0AwaQr4_qixAbiP0-2pc.roa
Signing time: Sat 01 Jan 2022 13:56:10 +0000
ROA not before: Sat 01 Jan 2022 13:56:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199670
IP address blocks: 194.0.6.0/24 maxlen: 24
194.0.37.0/24 maxlen: 24
194.0.44.0/24 maxlen: 24
194.0.43.0/24 maxlen: 24
2001:678:68::/48 maxlen: 48
2001:678:9::/48 maxlen: 48
2001:678:6c::/48 maxlen: 48
2001:678:64::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1093907546 (0x4133b45a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b443914a48e5dae5a756b1e3b8fbe437ee0d8b0c
Validity
Not Before: Jan 1 13:56:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=976fec9fc8f4030690af8fea8b101b88fd3eda97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ac:3b:c8:0e:56:69:09:e0:5e:ee:84:70:99:
ad:58:cc:3e:ed:0c:b3:20:5b:01:ca:8b:61:5f:69:
e0:b3:12:a7:c9:15:9c:9d:c2:95:7b:ad:91:57:32:
dd:43:da:02:ef:0c:c6:85:29:9c:9a:92:de:f7:e7:
12:f1:ed:51:8d:03:2a:e4:8e:6a:41:c2:35:2c:24:
d2:a0:c0:54:39:f9:c6:c0:54:db:a6:5e:02:5e:45:
33:36:89:fd:ae:0d:09:96:3a:c2:a2:c9:31:63:29:
dd:c7:e7:02:2c:4a:dd:b7:4c:2a:cf:bd:33:c7:42:
e2:8e:09:72:62:03:13:2a:24:1c:9d:c2:34:ed:25:
73:4f:e3:2d:cb:d9:81:64:0f:3c:eb:a1:42:3c:bd:
af:ad:27:26:11:9b:4b:44:3a:e3:f5:bc:cc:13:33:
6a:ea:9a:99:d9:bc:28:78:6a:84:ea:e3:69:57:c7:
8e:8b:23:63:32:51:71:1e:df:bf:2f:9e:f5:d8:ea:
d5:44:61:00:7b:5d:c4:f8:ac:56:21:32:16:d1:91:
a4:5f:75:60:bf:c7:d2:6d:9f:03:e5:9e:c0:64:57:
75:88:71:f6:02:4c:64:c0:0b:e7:12:93:40:1c:c0:
cf:08:29:8b:21:34:83:b4:62:e1:21:6b:4c:dc:37:
fb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:6F:EC:9F:C8:F4:03:06:90:AF:8F:EA:8B:10:1B:88:FD:3E:DA:97
X509v3 Authority Key Identifier:
keyid:B4:43:91:4A:48:E5:DA:E5:A7:56:B1:E3:B8:FB:E4:37:EE:0D:8B:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEORSkjl2uWnVrHjuPvkN-4Niww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/l2_sn8j0AwaQr4_qixAbiP0-2pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/tEORSkjl2uWnVrHjuPvkN-4Niww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.6.0/24
194.0.37.0/24
194.0.43.0-194.0.44.255
IPv6:
2001:678:9::/48
2001:678:64::/48
2001:678:68::/48
2001:678:6c::/48
Signature Algorithm: sha256WithRSAEncryption
72:c0:8f:e9:f3:47:50:40:17:fe:8d:da:86:c0:fc:28:ce:6b:
64:06:a6:b3:05:2a:63:56:76:f9:2f:1c:f1:53:ec:4c:52:26:
b7:a0:05:82:60:bc:d7:96:d2:f1:14:eb:eb:e7:69:83:f9:e3:
1f:e1:2c:27:c3:63:b7:ff:99:d4:9b:d3:2e:0f:ca:d5:ec:47:
ae:e8:16:95:08:81:b5:83:d4:c2:ec:3f:dc:55:27:8f:14:3f:
f6:a9:31:93:96:31:e2:7f:bb:15:d6:d0:9e:80:ec:aa:0e:c4:
c4:4b:7a:de:ff:81:4d:1f:b5:d0:2c:ff:43:ba:a7:67:46:31:
54:94:02:71:fc:1d:36:fb:7b:8a:03:55:e9:c3:e8:92:02:7a:
ed:55:8c:4f:de:d6:38:e8:5a:4a:65:40:19:62:29:38:86:5d:
5e:4b:38:f3:6d:d3:a1:97:4a:a9:e7:a1:63:60:41:e9:c9:8b:
63:02:43:49:71:f6:a7:f4:16:03:04:96:75:2d:f2:b9:dc:95:
19:25:df:bd:a6:8b:59:c7:13:ae:37:1b:f2:95:63:3a:9d:d9:
af:72:9f:55:d4:8d:d8:f8:98:a2:94:15:84:ee:e4:9c:d0:7a:
c5:14:3f:c4:8c:6d:1f:f6:0a:5e:37:45:1b:de:17:63:95:a4:
7f:4a:88:bc
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEQTO0WjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDQzOTE0YTQ4ZTVkYWU1YTc1NmIxZTNiOGZiZTQzN2VlMGQ4YjBjMB4XDTIyMDEw
MTEzNTYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc2ZmVjOWZjOGY0
MDMwNjkwYWY4ZmVhOGIxMDFiODhmZDNlZGE5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOsO8gOVmkJ4F7uhHCZrVjMPu0MsyBbAcqLYV9p4LMSp8kV
nJ3ClXutkVcy3UPaAu8MxoUpnJqS3vfnEvHtUY0DKuSOakHCNSwk0qDAVDn5xsBU
26ZeAl5FMzaJ/a4NCZY6wqLJMWMp3cfnAixK3bdMKs+9M8dC4o4JcmIDEyokHJ3C
NO0lc0/jLcvZgWQPPOuhQjy9r60nJhGbS0Q64/W8zBMzauqamdm8KHhqhOrjaVfH
josjYzJRcR7fvy+e9djq1URhAHtdxPisViEyFtGRpF91YL/H0m2fA+WewGRXdYhx
9gJMZMAL5xKTQBzAzwgpiyE0g7Ri4SFrTNw3+yUCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBSXb+yfyPQDBpCvj+qLEBuI/T7alzAfBgNVHSMEGDAWgBS0Q5FKSOXa5adW
seO4++Q37g2LDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RFT1JTa2psMnVXblZySGp1UHZrTi00Tml3dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvNjkyMGQyLWE3YTYtNDFhNS05NmUwLTMxNGVmNzQ2ZDhhNi8x
L2wyX3NuOGowQXdhUXI0X3FpeEFiaVAwLTJwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
NjkyMGQyLWE3YTYtNDFhNS05NmUwLTMxNGVmNzQ2ZDhhNi8xL3RFT1JTa2psMnVX
blZySGp1UHZrTi00Tml3dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wIAQCAAEwGgMEAMIABgMEAMIAJTAMAwQAwgArAwQA
wgAsMCoEAgACMCQDBwAgAQZ4AAkDBwAgAQZ4AGQDBwAgAQZ4AGgDBwAgAQZ4AGww
DQYJKoZIhvcNAQELBQADggEBAHLAj+nzR1BAF/6N2obA/CjOa2QGprMFKmNWdvkv
HPFT7ExSJregBYJgvNeW0vEU6+vnaYP54x/hLCfDY7f/mdSb0y4PytXsR67oFpUI
gbWD1MLsP9xVJ48UP/apMZOWMeJ/uxXW0J6A7KoOxMRLet7/gU0ftdAs/0O6p2dG
MVSUAnH8HTb7e4oDVenD6JICeu1VjE/e1jjoWkplQBliKTiGXV5LOPNt06GXSqnn
oWNgQenJi2MCQ0lx9qf0FgMElnUt8rnclRkl372mi1nHE643G/KVYzqd2a9yn1XU
jdj4mKKUFYTu5JzQesUUP8SMbR/2Cl43RRveF2OVpH9KiLw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:37 2023 by rpki-client on console-ams.rpki-client.org