Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/rNl7tTOckQML5IW1obIsUR6eLwM.roa
File: rNl7tTOckQML5IW1obIsUR6eLwM.roa (raw, json)
Hash identifier: ScIE/udLoNPiu9qmrJBJTw3CeQxySpJ6VWG6i4zhmxw=
Subject key identifier: AC:D9:7B:B5:33:9C:91:03:0B:E4:85:B5:A1:B2:2C:51:1E:9E:2F:03
Certificate issuer: /CN=5e81164ce388259186fba015acc4b0eb48beb552
Certificate serial: 36C27685
Authority key identifier: 5E:81:16:4C:E3:88:25:91:86:FB:A0:15:AC:C4:B0:EB:48:BE:B5:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XoEWTOOIJZGG-6AVrMSw60i-tVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/rNl7tTOckQML5IW1obIsUR6eLwM.roa
Signing time: Sat 01 Jan 2022 03:57:47 +0000
ROA not before: Sat 01 Jan 2022 03:57:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197197
IP address blocks: 109.224.64.0/18 maxlen: 18
2a00:7e80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 918713989 (0x36c27685)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e81164ce388259186fba015acc4b0eb48beb552
Validity
Not Before: Jan 1 03:57:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acd97bb5339c91030be485b5a1b22c511e9e2f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:de:ef:31:06:8d:0f:fa:4e:75:7b:d8:3d:0f:
2a:2a:1e:43:c6:fc:9f:da:91:ad:4e:e9:3c:da:b0:
ff:04:65:a1:87:99:9e:c5:f6:69:b6:a0:5d:25:10:
3c:b8:03:99:da:c2:31:c8:f0:32:0f:00:56:a1:42:
34:31:64:61:3e:6b:d2:4e:62:59:42:eb:2e:83:bb:
b2:02:e2:8c:fc:75:ba:67:2f:a9:93:e8:08:f9:70:
ec:e5:10:26:d1:94:b8:aa:de:34:c5:65:e6:5e:1b:
52:d9:67:24:cf:99:2f:c6:43:fd:7a:ec:99:74:48:
cb:2c:96:51:97:51:37:a3:2e:c8:45:b1:e9:3c:f6:
d3:c1:1d:94:10:1c:5c:ae:bb:ee:41:26:c8:01:f5:
54:fb:96:61:0e:04:3a:ca:fb:9c:54:65:2d:34:9f:
3a:5e:ef:55:c7:bd:ca:06:fe:17:89:2f:51:62:89:
d8:c2:9b:88:3f:94:ff:b9:ac:bd:0d:eb:f1:ac:74:
48:ba:9d:61:52:a0:87:47:4c:ff:ac:2f:af:3c:5e:
e1:e5:61:ab:ee:cc:7d:93:3a:bf:d4:02:46:22:91:
c1:17:86:fc:37:ea:e6:a5:8c:36:7c:5d:52:69:6f:
40:ff:8c:f8:4b:a3:9c:9f:68:80:3b:dd:08:80:e1:
64:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D9:7B:B5:33:9C:91:03:0B:E4:85:B5:A1:B2:2C:51:1E:9E:2F:03
X509v3 Authority Key Identifier:
keyid:5E:81:16:4C:E3:88:25:91:86:FB:A0:15:AC:C4:B0:EB:48:BE:B5:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XoEWTOOIJZGG-6AVrMSw60i-tVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/rNl7tTOckQML5IW1obIsUR6eLwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/XoEWTOOIJZGG-6AVrMSw60i-tVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.64.0/18
IPv6:
2a00:7e80::/32
Signature Algorithm: sha256WithRSAEncryption
58:83:0e:a7:2e:7e:2f:db:dd:cb:b9:4b:af:7a:71:8a:67:cc:
3b:0b:bd:3a:31:9a:c7:92:0e:3e:03:f1:0b:a9:f0:04:09:20:
e1:58:0e:34:81:d2:1f:a0:51:bd:dc:89:45:9b:71:50:cf:94:
02:84:55:e2:39:42:0f:6b:63:ff:05:e6:5d:15:da:7e:9f:97:
d3:7d:64:c7:71:21:b2:96:6a:56:24:3c:35:fa:2e:c7:5f:91:
e5:c1:8f:c1:19:e8:fd:40:00:68:41:6d:f4:b5:04:bd:7a:39:
d3:ce:d6:37:0f:cc:0a:26:92:81:ed:7e:64:6d:38:6c:9c:57:
fb:30:04:72:37:b6:ea:9b:5e:9e:fa:b4:87:be:41:f8:75:d2:
50:ce:e6:90:ab:8b:22:43:c9:e6:d2:ba:28:84:16:0a:41:35:
48:28:09:0d:69:0c:38:d4:c0:40:87:4e:59:03:06:07:94:01:
6f:46:94:93:c8:61:67:7a:74:83:88:f3:0c:7f:ad:fb:0f:4d:
c7:36:4d:dc:52:4b:a9:ef:44:de:ae:9a:2e:06:74:e0:cb:d8:
1d:e2:38:d7:8d:f7:41:ea:63:7a:47:a8:24:8d:a4:ca:8f:86:
5b:fe:72:40:2c:75:a0:e1:f2:d8:1a:81:b0:16:ed:47:0f:7e:
5b:6f:9d:94
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENsJ2hTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTgxMTY0Y2UzODgyNTkxODZmYmEwMTVhY2M0YjBlYjQ4YmViNTUyMB4XDTIyMDEw
MTAzNTc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNkOTdiYjUzMzlj
OTEwMzBiZTQ4NWI1YTFiMjJjNTExZTllMmYwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKve7zEGjQ/6TnV72D0PKioeQ8b8n9qRrU7pPNqw/wRloYeZ
nsX2abagXSUQPLgDmdrCMcjwMg8AVqFCNDFkYT5r0k5iWULrLoO7sgLijPx1umcv
qZPoCPlw7OUQJtGUuKreNMVl5l4bUtlnJM+ZL8ZD/XrsmXRIyyyWUZdRN6MuyEWx
6Tz208EdlBAcXK677kEmyAH1VPuWYQ4EOsr7nFRlLTSfOl7vVce9ygb+F4kvUWKJ
2MKbiD+U/7msvQ3r8ax0SLqdYVKgh0dM/6wvrzxe4eVhq+7MfZM6v9QCRiKRwReG
/Dfq5qWMNnxdUmlvQP+M+EujnJ9ogDvdCIDhZEcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSs2Xu1M5yRAwvkhbWhsixRHp4vAzAfBgNVHSMEGDAWgBRegRZM44glkYb7
oBWsxLDrSL61UjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hvRVdUT09JSlpHRy02QVZyTVN3NjBpLXRWSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNmI5ODIyLTJmM2UtNDViYS1hMDE4LTg4YmEwMjc4NmQwZC8x
L3JObDd0VE9ja1FNTDVJVzFvYklzVVI2ZUx3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NmI5ODIyLTJmM2UtNDViYS1hMDE4LTg4YmEwMjc4NmQwZC8xL1hvRVdUT09JSlpH
Ry02QVZyTVN3NjBpLXRWSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBm3gQDANBAIAAjAHAwUAKgB+gDAN
BgkqhkiG9w0BAQsFAAOCAQEAWIMOpy5+L9vdy7lLr3pximfMOwu9OjGax5IOPgPx
C6nwBAkg4VgONIHSH6BRvdyJRZtxUM+UAoRV4jlCD2tj/wXmXRXafp+X031kx3Eh
spZqViQ8Nfoux1+R5cGPwRno/UAAaEFt9LUEvXo5087WNw/MCiaSge1+ZG04bJxX
+zAEcje26ptenvq0h75B+HXSUM7mkKuLIkPJ5tK6KIQWCkE1SCgJDWkMONTAQIdO
WQMGB5QBb0aUk8hhZ3p0g4jzDH+t+w9NxzZN3FJLqe9E3q6aLgZ04MvYHeI41433
QepjekeoJI2kyo+GW/5yQCx1oOHy2BqBsBbtRw9+W2+dlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:49 2024 by rpki-client on console-fra.rpki-client.org