Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/aMWX0HY8JHsmqx-KJKioxaKVFYQ.roa
File: aMWX0HY8JHsmqx-KJKioxaKVFYQ.roa (raw, json)
Hash identifier: K1716hf1fXMvVbz2s8+yvLvOe2DmrXc3QzsJxUCbOCQ=
Subject key identifier: 68:C5:97:D0:76:3C:24:7B:26:AB:1F:8A:24:A8:A8:C5:A2:95:15:84
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 05435AD5
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/aMWX0HY8JHsmqx-KJKioxaKVFYQ.roa
Signing time: Sat 01 Jan 2022 06:04:04 +0000
ROA not before: Sat 01 Jan 2022 06:04:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29321
IP address blocks: 217.195.160.0/20 maxlen: 20
80.243.96.0/20 maxlen: 20
94.143.168.0/21 maxlen: 21
109.239.64.0/20 maxlen: 20
194.59.240.0/22 maxlen: 22
2a02:b20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88300245 (0x5435ad5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 1 06:04:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68c597d0763c247b26ab1f8a24a8a8c5a2951584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e8:2d:26:80:15:69:f2:77:c0:68:4a:f0:02:
60:1b:e4:d2:bf:9b:97:8a:f0:67:af:21:a4:84:b9:
8f:a2:9a:aa:70:6f:0d:01:71:9a:6c:49:a5:9b:ee:
76:ec:c2:5c:27:1b:e7:c7:6b:6b:24:30:30:29:42:
16:f9:c3:63:73:a6:54:18:b8:cb:1a:9a:fd:8e:34:
d9:70:b4:7e:f2:7c:e3:c8:34:2d:68:d3:9d:05:1d:
3b:79:ee:c4:15:62:44:1c:c5:51:82:1c:39:72:de:
2a:6b:41:fb:40:ed:01:e2:f3:a3:63:4f:d9:12:79:
b3:64:2e:44:dd:0e:71:00:cd:49:a1:73:28:6e:ba:
10:61:f6:67:d5:26:f1:fd:bf:65:1b:46:ef:bc:db:
37:1a:a9:99:6b:d4:d6:73:33:4f:66:0f:5e:e3:59:
91:fb:55:7b:b6:62:6e:3a:c7:e3:bf:5e:ee:3f:af:
99:25:98:67:aa:cc:6c:76:a3:25:74:da:aa:f4:8e:
c3:09:6e:7e:08:b0:f1:32:28:cd:77:c9:ff:a5:cc:
96:34:74:db:54:98:77:25:da:ce:4c:1e:a6:8d:b8:
24:0a:8c:95:5c:08:84:0d:52:dd:1a:d2:ff:54:05:
a2:28:b7:8d:0b:d0:fd:3f:ca:6c:37:f1:85:0e:92:
8f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C5:97:D0:76:3C:24:7B:26:AB:1F:8A:24:A8:A8:C5:A2:95:15:84
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/aMWX0HY8JHsmqx-KJKioxaKVFYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.96.0/20
94.143.168.0/21
109.239.64.0/20
194.59.240.0/22
217.195.160.0/20
IPv6:
2a02:b20::/32
Signature Algorithm: sha256WithRSAEncryption
4d:3d:f1:62:df:24:28:06:3c:7d:5c:7d:f4:77:3f:e1:d5:ef:
1a:1b:8d:f1:16:17:e2:64:ca:b2:8f:f2:25:91:64:84:54:57:
a2:3a:76:23:d7:80:6d:94:39:3f:1e:08:9a:f2:c0:41:be:3d:
02:d7:54:b5:7c:e4:64:ae:bb:a8:66:16:1d:5e:6d:28:8c:de:
72:60:a2:24:e2:0b:60:8c:af:45:e2:52:b8:cb:58:a4:11:40:
80:39:e3:19:a3:2f:a3:7d:40:a9:5d:8a:b8:34:56:9d:79:07:
d4:3d:48:c2:8a:59:c4:ee:34:93:61:97:38:39:10:5f:e3:09:
1a:aa:23:1b:b0:c1:66:51:14:27:8e:fa:d9:99:40:16:d0:de:
2b:3b:2a:ef:80:6d:d0:f5:82:4f:ba:82:cf:c9:ec:04:07:9f:
ff:02:b2:77:99:59:22:11:ef:9f:d5:20:46:a2:f0:ff:58:6b:
6a:7b:ca:a8:b2:7f:83:e6:d2:ee:5e:a5:8f:37:b1:f9:c1:37:
6d:8c:94:88:9f:41:bd:3a:6d:0a:57:00:7e:6c:03:6c:c3:fb:
73:64:a6:f9:b6:86:ca:fa:b9:64:1d:55:ab:a9:b6:68:df:5d:
52:c7:cc:40:75:d1:4d:09:78:28:6a:fc:c7:93:01:b6:1c:70:
8a:37:d5:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBUNa1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGZmMGZlY2Q3YmY0NDE0ODkzMTc4OGRmZTdmMjBkNjdhNjdhMGRiMB4XDTIyMDEw
MTA2MDQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhjNTk3ZDA3NjNj
MjQ3YjI2YWIxZjhhMjRhOGE4YzVhMjk1MTU4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODoLSaAFWnyd8BoSvACYBvk0r+bl4rwZ68hpIS5j6KaqnBv
DQFxmmxJpZvuduzCXCcb58drayQwMClCFvnDY3OmVBi4yxqa/Y402XC0fvJ848g0
LWjTnQUdO3nuxBViRBzFUYIcOXLeKmtB+0DtAeLzo2NP2RJ5s2QuRN0OcQDNSaFz
KG66EGH2Z9Um8f2/ZRtG77zbNxqpmWvU1nMzT2YPXuNZkftVe7ZibjrH479e7j+v
mSWYZ6rMbHajJXTaqvSOwwlufgiw8TIozXfJ/6XMljR021SYdyXazkwepo24JAqM
lVwIhA1S3RrS/1QFoii3jQvQ/T/KbDfxhQ6Sjz8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRoxZfQdjwkeyarH4okqKjFopUVhDAfBgNVHSMEGDAWgBTU/w/s179EFIkx
eI3+fyDWemeg2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFQOFA3TmVfUkJTSk1YaU5fbjhnMW5wbm9Ocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMGMwYzY1LTlmODItNDQ1MC05MTY1LWYwYzIxZjgxODZmMC8x
L2FNV1gwSFk4SkhzbXF4LUtKS2lveGFLVkZZUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MGMwYzY1LTlmODItNDQ1MC05MTY1LWYwYzIxZjgxODZmMC8xLzFQOFA3TmVfUkJT
Sk1YaU5fbjhnMW5wbm9Ocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBFDzYAMEA16PqAMEBG3vQAMEAsI7
8AMEBNnDoDANBAIAAjAHAwUAKgILIDANBgkqhkiG9w0BAQsFAAOCAQEATT3xYt8k
KAY8fVx99Hc/4dXvGhuN8RYX4mTKso/yJZFkhFRXojp2I9eAbZQ5Px4ImvLAQb49
AtdUtXzkZK67qGYWHV5tKIzecmCiJOILYIyvReJSuMtYpBFAgDnjGaMvo31AqV2K
uDRWnXkH1D1IwopZxO40k2GXODkQX+MJGqojG7DBZlEUJ4762ZlAFtDeKzsq74Bt
0PWCT7qCz8nsBAef/wKyd5lZIhHvn9UgRqLw/1hranvKqLJ/g+bS7l6ljzex+cE3
bYyUiJ9BvTptClcAfmwDbMP7c2Sm+baGyvq5ZB1Vq6m2aN9dUsfMQHXRTQl4KGr8
x5MBthxwijfVxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:18 2024 by rpki-client on console-ams.rpki-client.org