Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/2b8e6d-a2c8-4e7d-96ca-ac764c952357/1/a0csQAlV0dyMDryMTFemeGem2uU.roa
File: a0csQAlV0dyMDryMTFemeGem2uU.roa (raw, json)
Hash identifier: uDP8Fly/VXbJIp+Rswmo0sJ1CjVyk2j2YRb7Ih5Em2I=
Subject key identifier: 6B:47:2C:40:09:55:D1:DC:8C:0E:BC:8C:4C:57:A6:78:67:A6:DA:E5
Certificate issuer: /CN=5920d670649a4a4a9cb2e66772170741adf7c51a
Certificate serial: 0184B9
Authority key identifier: 59:20:D6:70:64:9A:4A:4A:9C:B2:E6:67:72:17:07:41:AD:F7:C5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WSDWcGSaSkqcsuZnchcHQa33xRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/2b8e6d-a2c8-4e7d-96ca-ac764c952357/1/a0csQAlV0dyMDryMTFemeGem2uU.roa
Signing time: Thu 28 Apr 2022 12:29:40 +0000
ROA not before: Thu 28 Apr 2022 12:29:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 194.59.152.0/23 maxlen: 23
194.59.152.0/24 maxlen: 24
194.49.21.0/24 maxlen: 24
194.59.154.0/24 maxlen: 24
194.59.153.0/24 maxlen: 24
2001:67c:2950::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99513 (0x184b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5920d670649a4a4a9cb2e66772170741adf7c51a
Validity
Not Before: Apr 28 12:29:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b472c400955d1dc8c0ebc8c4c57a67867a6dae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c0:e3:b4:80:e2:46:6c:70:df:07:7e:12:98:
0d:2d:16:46:7b:37:6d:f6:7f:21:55:89:d3:ee:66:
59:28:8a:21:2b:37:84:3e:a2:72:92:52:7c:43:66:
47:63:21:df:9b:f7:bb:a4:c7:82:be:7b:bf:87:e8:
6a:c7:4b:c2:7c:49:16:9c:ad:e0:ee:b5:19:97:6a:
b1:37:be:d5:4c:7b:6c:1f:ab:0d:16:39:7d:97:3c:
bf:c1:4e:1c:0f:16:61:a4:14:58:40:4c:00:cd:38:
c2:2a:9f:1e:f7:ef:72:c6:3b:ee:17:c9:a7:03:f5:
79:ba:4c:9a:4a:59:14:76:fb:49:66:7c:ae:e1:b2:
41:7f:83:8c:2c:12:7b:64:6b:23:2e:1f:bb:c3:c4:
6c:80:ba:c8:58:0a:8f:df:d9:2e:dc:68:41:5b:15:
8c:44:ee:26:92:80:ac:cb:53:bd:72:e7:f8:dc:7b:
d1:55:26:31:da:1a:a4:cf:7e:77:f5:67:4c:80:a6:
99:b8:2f:67:66:36:81:af:83:81:c5:88:a4:b0:e6:
92:a7:99:23:8e:54:a7:65:bd:50:b5:cb:d7:69:91:
29:1d:d6:08:2c:d7:bb:08:4e:22:e3:2f:a0:02:fb:
64:9b:90:8b:c7:bc:5a:fd:05:96:ef:e2:7e:e2:3b:
05:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:47:2C:40:09:55:D1:DC:8C:0E:BC:8C:4C:57:A6:78:67:A6:DA:E5
X509v3 Authority Key Identifier:
keyid:59:20:D6:70:64:9A:4A:4A:9C:B2:E6:67:72:17:07:41:AD:F7:C5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WSDWcGSaSkqcsuZnchcHQa33xRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/2b8e6d-a2c8-4e7d-96ca-ac764c952357/1/a0csQAlV0dyMDryMTFemeGem2uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/2b8e6d-a2c8-4e7d-96ca-ac764c952357/1/WSDWcGSaSkqcsuZnchcHQa33xRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.21.0/24
194.59.152.0-194.59.154.255
IPv6:
2001:67c:2950::/48
Signature Algorithm: sha256WithRSAEncryption
a2:45:df:da:63:18:fc:05:ed:e0:b9:78:75:f3:ae:63:84:7c:
7f:5c:1f:45:a0:97:e9:a9:92:37:81:86:c0:af:ff:96:27:f3:
65:3d:5a:95:37:99:2d:a1:79:8e:48:53:33:12:c0:f4:f7:7d:
2f:3c:14:da:df:43:e5:67:f1:5e:2e:58:46:d0:a7:eb:40:d6:
4d:e6:6d:38:f2:e3:df:d0:c0:16:74:bd:a7:2d:a7:fb:fe:54:
43:1e:43:76:08:b5:54:c3:9a:c8:96:8a:89:70:97:cf:e3:94:
22:fa:3b:f7:f7:b2:b0:24:5e:ef:cf:56:ba:71:49:65:cf:8e:
ab:6a:1c:47:a8:a1:e3:72:92:fb:32:f7:4a:95:47:cf:c8:a1:
80:9d:11:ad:40:be:70:fd:c1:dc:03:ba:b2:89:28:60:e5:6a:
14:38:d1:5e:20:e9:1c:01:7d:c2:1e:a2:fb:ac:35:6a:ef:af:
c5:36:58:05:f3:3e:53:b4:43:3a:71:4a:df:61:d4:8d:1f:b4:
f7:cf:8d:ef:93:0b:ff:3b:53:48:a5:ea:ec:0c:3c:af:89:fe:
5f:00:b6:65:42:c0:27:84:7c:62:b5:3d:3b:cd:f7:5c:59:f1:
43:8b:8b:34:c0:0a:df:58:30:21:16:72:cb:af:d1:63:93:7d:
1d:df:85:fd
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIDAYS5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU5
MjBkNjcwNjQ5YTRhNGE5Y2IyZTY2NzcyMTcwNzQxYWRmN2M1MWEwHhcNMjIwNDI4
MTIyOTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2YjQ3MmM0MDA5NTVk
MWRjOGMwZWJjOGM0YzU3YTY3ODY3YTZkYWU1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4MDjtIDiRmxw3wd+EpgNLRZGezdt9n8hVYnT7mZZKIohKzeE
PqJyklJ8Q2ZHYyHfm/e7pMeCvnu/h+hqx0vCfEkWnK3g7rUZl2qxN77VTHtsH6sN
Fjl9lzy/wU4cDxZhpBRYQEwAzTjCKp8e9+9yxjvuF8mnA/V5ukyaSlkUdvtJZnyu
4bJBf4OMLBJ7ZGsjLh+7w8RsgLrIWAqP39ku3GhBWxWMRO4mkoCsy1O9cuf43HvR
VSYx2hqkz3539WdMgKaZuC9nZjaBr4OBxYiksOaSp5kjjlSnZb1QtcvXaZEpHdYI
LNe7CE4i4y+gAvtkm5CLx7xa/QWW7+J+4jsFkQIDAQABo4ICKDCCAiQwHQYDVR0O
BBYEFGtHLEAJVdHcjA68jExXpnhnptrlMB8GA1UdIwQYMBaAFFkg1nBkmkpKnLLm
Z3IXB0Gt98UaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
V1NEV2NHU2FTa3Fjc3VabmNoY0hRYTMzeFJvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82Zi8yYjhlNmQtYTJjOC00ZTdkLTk2Y2EtYWM3NjRjOTUyMzU3LzEv
YTBjc1FBbFYwZHlNRHJ5TVRGZW1lR2VtMnVVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8y
YjhlNmQtYTJjOC00ZTdkLTk2Y2EtYWM3NjRjOTUyMzU3LzEvV1NEV2NHU2FTa3Fj
c3VabmNoY0hRYTMzeFJvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD4G
CCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAwjEVMAwDBAPCO5gDBADCO5owDwQC
AAIwCQMHACABBnwpUDANBgkqhkiG9w0BAQsFAAOCAQEAokXf2mMY/AXt4Ll4dfOu
Y4R8f1wfRaCX6amSN4GGwK//lifzZT1alTeZLaF5jkhTMxLA9Pd9LzwU2t9D5Wfx
Xi5YRtCn60DWTeZtOPLj39DAFnS9py2n+/5UQx5Ddgi1VMOayJaKiXCXz+OUIvo7
9/eysCRe789WunFJZc+Oq2ocR6ih43KS+zL3SpVHz8ihgJ0RrUC+cP3B3AO6soko
YOVqFDjRXiDpHAF9wh6i+6w1au+vxTZYBfM+U7RDOnFK32HUjR+098+N75ML/ztT
SKXq7Aw8r4n+XwC2ZULAJ4R8YrU9O833XFnxQ4uLNMAK31gwIRZyy6/RY5N9Hd+F
/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:57 2024 by rpki-client on console-ams.rpki-client.org