Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/lL8KVB6-8TuYOhnWkSxtv4w9UEk.roa
File: lL8KVB6-8TuYOhnWkSxtv4w9UEk.roa (raw, json)
Hash identifier: OS2wVzFpEM8eGgsP9q2jFK3jGdsgYrJOA69hzCz404I=
Subject key identifier: 94:BF:0A:54:1E:BE:F1:3B:98:3A:19:D6:91:2C:6D:BF:8C:3D:50:49
Certificate issuer: /CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Certificate serial: 0182CF5DF09C255EA324E0A58AB29AD84923
Authority key identifier: 1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/lL8KVB6-8TuYOhnWkSxtv4w9UEk.roa
Signing time: Wed 24 Aug 2022 10:20:16 +0000
ROA not before: Wed 24 Aug 2022 10:20:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49859
IP address blocks: 194.32.111.0/24 maxlen: 24
2a00:e780:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cf:5d:f0:9c:25:5e:a3:24:e0:a5:8a:b2:9a:d8:49:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Validity
Not Before: Aug 24 10:20:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94bf0a541ebef13b983a19d6912c6dbf8c3d5049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:45:e1:c9:fd:43:9d:48:3a:9b:d2:4d:cf:c5:
a5:63:69:9c:a7:a7:d6:90:61:16:61:2e:4c:47:d9:
98:46:5d:56:33:b3:b1:02:2a:91:61:7a:b8:92:6e:
fc:fc:c8:d9:11:f7:99:3b:87:8f:02:7f:c6:42:99:
61:74:f6:c7:58:4f:88:ca:30:69:d8:8c:20:a2:c6:
46:16:01:31:14:f0:cf:66:d6:87:7f:f0:38:24:a6:
52:7f:7e:f4:ec:aa:12:77:a9:90:2f:44:3f:3d:36:
0a:3d:1e:40:db:7d:69:5c:91:c7:a0:cb:27:c7:bb:
f2:a3:c8:05:23:8e:9a:50:a8:87:4b:c1:e8:5f:71:
c8:09:62:5d:0b:bb:6f:86:3d:e9:88:a2:da:08:a0:
19:c1:e8:3c:4a:14:7a:f6:21:d9:d0:8d:d5:b0:6a:
94:81:24:61:c0:2e:74:42:8a:7d:49:df:27:92:62:
95:df:81:23:f5:de:1f:a4:20:56:56:f4:7a:aa:7a:
87:cc:de:ec:6f:f2:13:7e:ef:5e:d2:16:08:a3:60:
02:e5:52:d5:22:d8:e9:fa:7e:94:34:f6:2c:a8:b9:
06:c4:ab:37:75:fb:9a:1b:ca:f2:03:fd:07:3c:94:
2b:3c:02:c3:00:2b:e5:2f:1a:ad:2b:bd:bf:11:c6:
b8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:BF:0A:54:1E:BE:F1:3B:98:3A:19:D6:91:2C:6D:BF:8C:3D:50:49
X509v3 Authority Key Identifier:
keyid:1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/lL8KVB6-8TuYOhnWkSxtv4w9UEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/GqGckulmd_X5b2jxygqtn6MR60U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.111.0/24
IPv6:
2a00:e780:1::/48
Signature Algorithm: sha256WithRSAEncryption
13:f3:7d:d1:30:8a:dd:3a:7d:ee:90:91:65:2c:c6:03:f2:78:
9e:7b:38:49:66:b7:0c:b5:90:1f:0d:81:d7:09:2b:90:ff:98:
88:b7:97:c8:24:08:92:3e:dc:c9:10:79:c4:04:6d:65:68:60:
70:73:3e:f7:53:1b:05:9e:d4:90:73:00:5c:bc:a4:e9:2e:c8:
de:fc:48:c3:99:a0:2c:86:b8:8c:55:2e:82:95:65:37:c8:54:
e9:ee:90:c4:c9:dc:4c:7c:f4:7c:60:ff:14:e6:05:9c:3c:ab:
29:24:6c:ea:22:1d:10:ce:fc:7f:0b:7c:82:ad:ad:1f:14:aa:
eb:07:8e:6e:62:c5:92:56:e9:00:4e:c0:d3:e5:65:91:07:3f:
fa:90:31:85:ed:25:bd:a9:1a:e5:ab:ae:c9:da:54:37:7d:c7:
41:00:5b:d5:93:3a:d7:b5:8c:e0:c5:b7:ad:0b:12:35:fa:19:
46:6f:7d:13:ef:87:ea:7c:3b:a9:60:7c:5a:47:c3:f3:76:b5:
b7:8c:7d:2e:2e:dc:dc:9a:6e:00:70:12:a6:2f:10:b0:4d:9a:
7f:8b:b2:27:e4:40:56:63:b9:29:45:82:af:ca:1b:eb:9d:fc:
5c:29:84:18:85:ca:93:fe:21:3f:8e:69:df:4d:e9:82:c9:90:
2a:90:b5:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYLPXfCcJV6jJOClirKa2EkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYTE5YzkyZTk2Njc3ZjVmOTZmNjhmMWNhMGFhZDlmYTMx
MWViNDUwHhcNMjIwODI0MTAyMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGJmMGE1NDFlYmVmMTNiOTgzYTE5ZDY5MTJjNmRiZjhjM2Q1MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50Xhyf1DnUg6m9JNz8WlY2mcp6fW
kGEWYS5MR9mYRl1WM7OxAiqRYXq4km78/MjZEfeZO4ePAn/GQplhdPbHWE+IyjBp
2IwgosZGFgExFPDPZtaHf/A4JKZSf3707KoSd6mQL0Q/PTYKPR5A231pXJHHoMsn
x7vyo8gFI46aUKiHS8HoX3HICWJdC7tvhj3piKLaCKAZweg8ShR69iHZ0I3VsGqU
gSRhwC50Qop9Sd8nkmKV34Ej9d4fpCBWVvR6qnqHzN7sb/ITfu9e0hYIo2AC5VLV
Itjp+n6UNPYsqLkGxKs3dfuaG8ryA/0HPJQrPALDACvlLxqtK72/Eca4vQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJS/ClQevvE7mDoZ1pEsbb+MPVBJMB8GA1UdIwQY
MBaAFBqhnJLpZnf1+W9o8coKrZ+jEetFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMt
NGFkMGFiZWMyNzVlLzEvbEw4S1ZCNi04VHVZT2huV2tTeHR2NHc5VUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMtNGFkMGFiZWMyNzVl
LzEvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwiBvMA8E
AgACMAkDBwAqAOeAAAEwDQYJKoZIhvcNAQELBQADggEBABPzfdEwit06fe6QkWUs
xgPyeJ57OElmtwy1kB8NgdcJK5D/mIi3l8gkCJI+3MkQecQEbWVoYHBzPvdTGwWe
1JBzAFy8pOkuyN78SMOZoCyGuIxVLoKVZTfIVOnukMTJ3Ex89Hxg/xTmBZw8qykk
bOoiHRDO/H8LfIKtrR8UqusHjm5ixZJW6QBOwNPlZZEHP/qQMYXtJb2pGuWrrsna
VDd9x0EAW9WTOte1jODFt60LEjX6GUZvfRPvh+p8O6lgfFpHw/N2tbeMfS4u3Nya
bgBwEqYvELBNmn+LsifkQFZjuSlFgq/KG+ud/FwphBiFypP+IT+Oad9N6YLJkCqQ
tSI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:24 2023 by rpki-client on console-fra.rpki-client.org