Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/6v6hRwTsASIxx8rSpRN0el2_888.roa
File: 6v6hRwTsASIxx8rSpRN0el2_888.roa (raw, json)
Hash identifier: MG7jOb20BI/rhKhdgHd8Aurd7ZuYA7W8V30EHSvssPE=
Subject key identifier: EA:FE:A1:47:04:EC:01:22:31:C7:CA:D2:A5:13:74:7A:5D:BF:F3:CF
Certificate issuer: /CN=fce4f396729bf478e636549821f6f6970d893f52
Certificate serial: 0CB637EA
Authority key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/6v6hRwTsASIxx8rSpRN0el2_888.roa
Signing time: Sat 01 Jan 2022 15:00:22 +0000
ROA not before: Sat 01 Jan 2022 15:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47648
IP address blocks: 152.89.188.0/22 maxlen: 24
185.239.196.0/22 maxlen: 24
2a0c:6180::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213268458 (0xcb637ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce4f396729bf478e636549821f6f6970d893f52
Validity
Not Before: Jan 1 15:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eafea14704ec012231c7cad2a513747a5dbff3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f3:c9:bc:fc:34:ab:0e:74:b4:a5:06:04:ac:
c8:88:d1:c9:50:df:0b:14:2d:cc:10:9d:81:79:4e:
fb:b4:80:ba:be:c4:90:ea:06:e8:99:d4:93:e5:ca:
c3:1a:0c:29:52:a1:87:02:99:8f:08:e7:d5:c8:51:
7d:b5:2a:af:21:65:64:ca:04:b4:a9:e5:1a:de:3f:
3f:f8:0b:76:11:88:32:99:5a:a5:de:a1:fd:ec:8d:
64:f6:ab:2d:1f:06:69:88:7d:ba:fd:7f:87:6c:db:
5e:4d:db:09:60:43:ee:36:2b:1f:28:21:4f:bb:8f:
e1:51:02:4d:81:4c:31:44:3b:76:ae:95:ea:48:be:
92:1a:77:57:37:ec:10:82:73:f0:10:8a:c9:8a:7a:
11:a9:62:fe:88:19:a5:c0:a4:7b:a8:60:cf:32:55:
50:07:76:39:9d:29:15:62:f0:fd:70:3a:eb:db:08:
d5:e2:23:53:ae:c6:7a:20:5d:ba:91:ab:b7:17:a7:
ef:0a:e9:4b:71:59:b1:22:06:92:57:46:c9:28:32:
eb:ec:7e:e8:a3:85:69:38:70:37:b3:3e:38:29:84:
3c:06:cd:aa:46:8e:46:fa:d0:31:20:4e:db:d2:be:
b0:7d:07:35:9d:ab:24:13:9c:2b:e5:ff:5e:1b:4a:
08:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:FE:A1:47:04:EC:01:22:31:C7:CA:D2:A5:13:74:7A:5D:BF:F3:CF
X509v3 Authority Key Identifier:
keyid:FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/6v6hRwTsASIxx8rSpRN0el2_888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.188.0/22
185.239.196.0/22
IPv6:
2a0c:6180::/29
Signature Algorithm: sha256WithRSAEncryption
85:ca:90:50:a1:cb:64:d3:a7:10:98:95:d8:9e:ac:3c:aa:be:
cb:75:85:91:3b:0f:c1:f1:55:be:21:c3:c4:89:24:3f:c5:d4:
9b:5e:01:5c:f2:65:7e:fd:c1:fc:6f:af:70:87:2c:4c:0c:a4:
06:f9:b6:4d:fd:d3:97:bc:ed:7c:75:9b:2e:2a:db:f0:1b:83:
c0:c2:13:e8:37:b6:06:28:a2:0c:d0:f8:45:b0:1c:85:38:eb:
c2:63:92:67:13:67:80:7a:d1:c0:fe:58:60:3f:40:09:ca:34:
9c:4a:54:c7:05:61:6b:57:37:3a:57:e9:56:c2:a3:6a:36:88:
b7:66:65:29:e7:f7:81:8a:0a:38:9c:67:8f:6f:2e:81:58:d9:
79:ac:38:4b:75:67:6f:65:22:88:45:d7:4f:e6:d1:29:cc:ca:
b8:95:7d:e9:43:18:17:44:78:d0:cb:45:d2:18:dc:4a:d1:6f:
a8:1d:ba:7b:56:64:13:96:74:54:13:c7:b5:5c:29:06:62:67:
13:f6:9d:f9:12:0e:5f:3d:4e:c3:72:a9:c6:e4:5a:e0:50:a6:
e9:fa:8a:49:24:00:9e:5b:af:ee:94:94:aa:bd:30:42:00:76:
bd:f0:da:b2:aa:f1:61:db:82:96:1d:a4:58:2c:4f:3b:bb:5e:
e8:0e:ab:f9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDLY36jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Y2U0ZjM5NjcyOWJmNDc4ZTYzNjU0OTgyMWY2ZjY5NzBkODkzZjUyMB4XDTIyMDEw
MTE1MDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFmZWExNDcwNGVj
MDEyMjMxYzdjYWQyYTUxMzc0N2E1ZGJmZjNjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOXzybz8NKsOdLSlBgSsyIjRyVDfCxQtzBCdgXlO+7SAur7E
kOoG6JnUk+XKwxoMKVKhhwKZjwjn1chRfbUqryFlZMoEtKnlGt4/P/gLdhGIMpla
pd6h/eyNZParLR8GaYh9uv1/h2zbXk3bCWBD7jYrHyghT7uP4VECTYFMMUQ7dq6V
6ki+khp3VzfsEIJz8BCKyYp6Eali/ogZpcCke6hgzzJVUAd2OZ0pFWLw/XA669sI
1eIjU67GeiBdupGrtxen7wrpS3FZsSIGkldGySgy6+x+6KOFaThwN7M+OCmEPAbN
qkaORvrQMSBO29K+sH0HNZ2rJBOcK+X/XhtKCLsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTq/qFHBOwBIjHHytKlE3R6Xb/zzzAfBgNVHSMEGDAWgBT85POWcpv0eOY2
VJgh9vaXDYk/UjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19PVHpsbktiOUhqbU5sU1lJZmIybHcySlAxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvMzYyNzVlLTY3NTktNGQ1Mi1iMmQxLThjNzBkZTllOWI5ZC8x
LzZ2NmhSd1RzQVNJeHg4clNwUk4wZWwyXzg4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
MzYyNzVlLTY3NTktNGQ1Mi1iMmQxLThjNzBkZTllOWI5ZC8xL19PVHpsbktiOUhq
bU5sU1lJZmIybHcySlAxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAphZvAMEArnvxDANBAIAAjAHAwUD
KgxhgDANBgkqhkiG9w0BAQsFAAOCAQEAhcqQUKHLZNOnEJiV2J6sPKq+y3WFkTsP
wfFVviHDxIkkP8XUm14BXPJlfv3B/G+vcIcsTAykBvm2Tf3Tl7ztfHWbLirb8BuD
wMIT6De2BiiiDND4RbAchTjrwmOSZxNngHrRwP5YYD9ACco0nEpUxwVha1c3Olfp
VsKjajaIt2ZlKef3gYoKOJxnj28ugVjZeaw4S3Vnb2UiiEXXT+bRKczKuJV96UMY
F0R40MtF0hjcStFvqB26e1ZkE5Z0VBPHtVwpBmJnE/ad+RIOXz1Ow3KpxuRa4FCm
6fqKSSQAnluv7pSUqr0wQgB2vfDasqrxYduClh2kWCxPO7te6A6r+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org