Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/u3KuHjuR6oU-G4_RpkYXo1hAfr8.roa
File: u3KuHjuR6oU-G4_RpkYXo1hAfr8.roa (raw, json)
Hash identifier: ueLrozb0MyFKJk0kQqay2XYqUdVTsWc+iFoR7OO9kcQ=
Subject key identifier: BB:72:AE:1E:3B:91:EA:85:3E:1B:8F:D1:A6:46:17:A3:58:40:7E:BF
Certificate issuer: /CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Certificate serial: 3221F9AD
Authority key identifier: 5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/u3KuHjuR6oU-G4_RpkYXo1hAfr8.roa
Signing time: Sat 01 Jan 2022 11:53:39 +0000
ROA not before: Sat 01 Jan 2022 11:53:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29695
IP address blocks: 188.228.0.0/17 maxlen: 17
45.13.240.0/22 maxlen: 22
37.97.0.0/18 maxlen: 18
2a00:fd00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 841087405 (0x3221f9ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Validity
Not Before: Jan 1 11:53:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb72ae1e3b91ea853e1b8fd1a64617a358407ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a4:c3:b7:c3:cb:47:73:cf:95:2f:c2:ff:41:
18:3e:fd:77:6e:25:02:65:95:c9:22:6c:0e:92:ed:
17:3c:5f:e2:34:30:77:99:da:c8:ec:aa:95:45:40:
84:85:88:00:c7:a3:12:52:68:aa:71:24:ee:34:8c:
af:0f:16:96:6d:e0:5d:b6:71:82:c1:03:03:d4:f5:
81:9e:7c:87:fc:fd:eb:3a:e6:fa:58:e1:7a:05:87:
c1:10:6f:80:7e:31:7b:b0:38:92:23:29:aa:e9:77:
ab:57:d9:f4:6a:27:23:15:c2:e8:03:97:f3:0b:72:
3e:ac:12:b1:98:cd:24:fb:3f:d5:ac:48:22:74:55:
59:4e:d9:96:09:63:6a:1b:40:e4:7e:f2:bd:5e:e5:
4a:97:3c:4d:89:d1:7c:4b:95:0e:81:70:3c:62:c8:
93:4d:67:e6:c5:82:f6:1b:a5:ae:9c:da:74:95:63:
b7:ee:ae:b7:0f:b9:2a:34:a3:48:2e:28:e2:77:f8:
9c:45:bf:48:56:f2:13:c1:a5:ee:f7:f5:05:ab:1d:
bf:ca:a9:97:a0:93:46:d5:19:6e:1c:c5:dd:41:e6:
a8:9c:c1:22:f6:37:18:dd:cd:7a:f7:a3:37:35:98:
bf:f1:a4:3c:f4:bc:54:1c:8c:5f:eb:1f:01:5e:e4:
62:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:72:AE:1E:3B:91:EA:85:3E:1B:8F:D1:A6:46:17:A3:58:40:7E:BF
X509v3 Authority Key Identifier:
keyid:5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/u3KuHjuR6oU-G4_RpkYXo1hAfr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.0.0/18
45.13.240.0/22
188.228.0.0/17
IPv6:
2a00:fd00::/32
Signature Algorithm: sha256WithRSAEncryption
78:b0:54:da:96:15:79:4a:07:6c:81:61:68:40:c0:ac:bd:c5:
08:9a:1b:b9:5a:63:4d:76:07:73:f5:62:46:ed:e4:fe:ca:4f:
d0:da:70:96:03:98:f8:99:f5:3a:6c:f3:7f:2e:fe:f0:57:35:
2e:c6:1d:e8:ea:2b:81:93:8e:3a:d3:21:7a:ad:a7:ae:66:2f:
b2:cb:80:d0:5c:5b:d0:a8:45:a1:df:d6:06:0a:68:e5:29:f0:
b9:8e:c5:6a:b6:2d:da:c9:00:41:74:e1:18:57:e9:5a:e3:a4:
a7:03:c6:d9:81:f1:d1:2a:60:a2:6c:d8:3c:2b:33:26:bb:67:
e2:80:ba:62:fd:66:f5:d3:ea:a9:c2:2b:3d:97:bd:4a:63:34:
db:6d:59:fb:91:b3:d7:1f:c6:88:bd:fb:44:88:fb:05:de:ce:
86:3b:5b:7e:a4:9f:c6:e2:80:98:0f:44:d6:48:7b:f8:15:29:
0f:2d:cf:16:3f:6c:1b:d6:43:4b:79:e9:a6:fd:06:e4:af:23:
8e:a5:0c:18:ac:d8:ac:6f:7f:22:39:ab:32:8a:e2:a7:9c:d2:
53:16:7f:5e:8a:31:60:a3:09:7d:37:97:fd:ba:8b:1a:c1:53:
79:ac:23:60:01:d1:22:8c:11:b3:48:0d:8c:f8:95:b1:c5:88:
cf:dd:d7:94
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEMiH5rTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDEyOWIwNDYwY2Y5ZWUwNTAwZWU4ODBhMmNmYTFhNTI0ZTRkZjAwMB4XDTIyMDEw
MTExNTMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI3MmFlMWUzYjkx
ZWE4NTNlMWI4ZmQxYTY0NjE3YTM1ODQwN2ViZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMikw7fDy0dzz5Uvwv9BGD79d24lAmWVySJsDpLtFzxf4jQw
d5nayOyqlUVAhIWIAMejElJoqnEk7jSMrw8Wlm3gXbZxgsEDA9T1gZ58h/z96zrm
+ljhegWHwRBvgH4xe7A4kiMpqul3q1fZ9GonIxXC6AOX8wtyPqwSsZjNJPs/1axI
InRVWU7ZlgljahtA5H7yvV7lSpc8TYnRfEuVDoFwPGLIk01n5sWC9hulrpzadJVj
t+6utw+5KjSjSC4o4nf4nEW/SFbyE8Gl7vf1Basdv8qpl6CTRtUZbhzF3UHmqJzB
IvY3GN3NevejNzWYv/GkPPS8VByMX+sfAV7kYpECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBS7cq4eO5HqhT4bj9GmRhejWEB+vzAfBgNVHSMEGDAWgBRdEpsEYM+e4FAO
6ICiz6GlJOTfADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hSS2JCR0RQbnVCUUR1aUFvcy1ocFNUazN3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvODU1N2UwLTM2OGQtNGQ4ZS05NzQxLWE4NzdkZDUxYmM0OS8x
L3UzS3VIanVSNm9VLUc0X1Jwa1lYbzFoQWZyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
ODU1N2UwLTM2OGQtNGQ4ZS05NzQxLWE4NzdkZDUxYmM0OS8xL1hSS2JCR0RQbnVC
UUR1aUFvcy1ocFNUazN3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBiVhAAMEAi0N8AMEB7zkADANBAIA
AjAHAwUAKgD9ADANBgkqhkiG9w0BAQsFAAOCAQEAeLBU2pYVeUoHbIFhaEDArL3F
CJobuVpjTXYHc/ViRu3k/spP0NpwlgOY+Jn1Omzzfy7+8Fc1LsYd6OorgZOOOtMh
eq2nrmYvssuA0Fxb0KhFod/WBgpo5SnwuY7FarYt2skAQXThGFfpWuOkpwPG2YHx
0SpgomzYPCszJrtn4oC6Yv1m9dPqqcIrPZe9SmM0221Z+5Gz1x/GiL37RIj7Bd7O
hjtbfqSfxuKAmA9E1kh7+BUpDy3PFj9sG9ZDS3nppv0G5K8jjqUMGKzYrG9/Ijmr
Morip5zSUxZ/XooxYKMJfTeX/bqLGsFTeawjYAHRIowRs0gNjPiVscWIz93XlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:34 2024 by rpki-client on console-fra.rpki-client.org