Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/PbD6MO7yo39k-r2GraqEg1O2GxU.roa
File: PbD6MO7yo39k-r2GraqEg1O2GxU.roa (raw, json)
Hash identifier: oL/ltB/Yne+ZZu6o0Qp41xQ98Vj3vUoPwHquRBkNvM8=
Subject key identifier: 3D:B0:FA:30:EE:F2:A3:7F:64:FA:BD:86:AD:AA:84:83:53:B6:1B:15
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018258E39213555CCC955594D60E6E65608D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/PbD6MO7yo39k-r2GraqEg1O2GxU.roa
Signing time: Mon 01 Aug 2022 10:11:25 +0000
ROA not before: Mon 01 Aug 2022 10:11:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6057
IP address blocks: 2.22.26.0/23 maxlen: 23
2.22.28.0/24 maxlen: 24
2.18.64.0/24 maxlen: 24
2.19.251.0/24 maxlen: 24
2.22.24.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:58:e3:92:13:55:5c:cc:95:55:94:d6:0e:6e:65:60:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Aug 1 10:11:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3db0fa30eef2a37f64fabd86adaa848353b61b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7f:36:23:2a:6b:86:73:80:e9:4a:33:86:54:
e1:36:cd:18:d6:03:3a:5a:ed:17:b1:ea:b9:cd:6b:
d4:c3:a2:40:82:81:39:29:d5:5c:a3:44:8f:01:f1:
f9:79:81:8a:24:3f:33:b9:70:21:bd:83:3b:c4:41:
e4:0d:c4:fd:34:7e:b3:75:42:6a:67:91:ab:5a:94:
7b:0f:9c:e8:6b:f0:73:75:3f:fa:7a:a3:07:e6:84:
8b:d6:9b:7b:ba:94:25:fe:26:d5:1f:a0:bf:1f:70:
02:8a:55:69:54:9f:cf:07:30:ad:45:b4:a6:c5:e1:
8f:a7:cf:80:da:8f:d9:9e:6d:55:c4:a9:91:3f:d2:
a6:73:4b:de:c1:00:69:35:a9:e0:9b:3c:d2:d9:3b:
cd:5d:99:1e:80:36:82:19:da:88:17:71:06:19:51:
d0:a1:37:01:52:10:35:78:49:7b:93:42:f1:de:0b:
30:b0:8d:d0:cb:22:de:0a:fc:65:ea:9d:75:ed:bc:
a5:20:ae:3d:eb:e2:71:58:15:19:e2:df:90:7d:0a:
73:14:da:eb:73:f5:76:5a:68:a3:fa:d3:6e:94:87:
81:01:aa:06:7e:64:fd:c8:39:e4:a8:7a:a9:9e:b8:
64:00:d6:17:92:b3:9b:9c:fb:3a:24:ff:8f:8d:4c:
c1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B0:FA:30:EE:F2:A3:7F:64:FA:BD:86:AD:AA:84:83:53:B6:1B:15
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/PbD6MO7yo39k-r2GraqEg1O2GxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.18.64.0/24
2.19.251.0/24
2.22.24.0-2.22.28.255
Signature Algorithm: sha256WithRSAEncryption
25:3d:88:83:39:29:68:c9:61:51:b7:b9:c3:8c:cf:09:fe:c5:
7d:5f:a5:90:ea:f1:e5:d7:63:a4:c5:51:f8:2f:b2:48:98:39:
df:7e:3f:04:86:76:47:38:79:9b:dc:a8:c3:77:e2:aa:f0:51:
2b:d3:30:49:07:9e:1b:78:b3:09:45:06:59:42:0a:22:0c:83:
92:58:a9:4f:6a:ae:7e:f3:3e:47:24:6a:d9:1b:9f:b6:e4:d6:
b6:ac:2f:15:93:2c:8b:df:89:15:e6:16:bd:cf:d9:c5:e6:cb:
57:db:90:fe:77:eb:15:f2:22:68:1a:e4:5b:d8:f0:76:af:72:
c0:7f:e3:47:11:86:c2:3e:37:5f:1a:0d:68:28:a0:5e:5f:b4:
5e:dd:70:07:02:54:ef:15:9e:e5:99:95:ac:04:06:81:6b:c6:
99:6e:de:dd:e3:4d:87:37:5e:ad:b3:d9:21:55:be:1e:c3:77:
a1:04:ff:36:12:b3:a1:e0:05:20:e0:91:71:3e:91:47:94:32:
d5:af:e1:fc:85:c5:3b:43:ff:f6:66:2c:77:16:b0:ac:d9:56:
d9:ef:e5:1e:c6:e8:f6:f2:45:cd:66:5d:56:2d:71:43:1f:61:
6b:c9:00:98:13:29:be:b8:d0:b2:75:a1:b0:6d:73:60:71:e5:
9f:53:f4:2a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYJY45ITVVzMlVWU1g5uZWCNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjIwODAxMTAxMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGIwZmEzMGVlZjJhMzdmNjRmYWJkODZhZGFhODQ4MzUzYjYxYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH82IyprhnOA6UozhlThNs0Y1gM6
Wu0Xseq5zWvUw6JAgoE5KdVco0SPAfH5eYGKJD8zuXAhvYM7xEHkDcT9NH6zdUJq
Z5GrWpR7D5zoa/BzdT/6eqMH5oSL1pt7upQl/ibVH6C/H3ACilVpVJ/PBzCtRbSm
xeGPp8+A2o/Znm1VxKmRP9Kmc0vewQBpNangmzzS2TvNXZkegDaCGdqIF3EGGVHQ
oTcBUhA1eEl7k0Lx3gswsI3QyyLeCvxl6p117bylIK496+JxWBUZ4t+QfQpzFNrr
c/V2Wmij+tNulIeBAaoGfmT9yDnkqHqpnrhkANYXkrObnPs6JP+PjUzBSQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD2w+jDu8qN/ZPq9hq2qhINTthsVMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvUGJENk1PN3lvMzlrLXIyR3JhcUVnMU8yR3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAAhJAAwQA
AhP7MAwDBAMCFhgDBAACFhwwDQYJKoZIhvcNAQELBQADggEBACU9iIM5KWjJYVG3
ucOMzwn+xX1fpZDq8eXXY6TFUfgvskiYOd9+PwSGdkc4eZvcqMN34qrwUSvTMEkH
nht4swlFBllCCiIMg5JYqU9qrn7zPkckatkbn7bk1rasLxWTLIvfiRXmFr3P2cXm
y1fbkP536xXyImga5FvY8HavcsB/40cRhsI+N18aDWgooF5ftF7dcAcCVO8VnuWZ
lawEBoFrxplu3t3jTYc3Xq2z2SFVvh7Dd6EE/zYSs6HgBSDgkXE+kUeUMtWv4fyF
xTtD//ZmLHcWsKzZVtnv5R7G6PbyRc1mXVYtcUMfYWvJAJgTKb640LJ1obBtc2Bx
5Z9T9Co=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:41 2023 by rpki-client on console-fra.rpki-client.org