Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6BEfsGOXKvFa-p8QkkYzT7AeIuU.roa
File: 6BEfsGOXKvFa-p8QkkYzT7AeIuU.roa (raw, json)
Hash identifier: xHZvyNAr3lIJVd1ttxd4IuXP1mkGmqtKLMSPApyCVtc=
Subject key identifier: E8:11:1F:B0:63:97:2A:F1:5A:FA:9F:10:92:46:33:4F:B0:1E:22:E5
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0183594B6D590D39835EA3B12A8E808AEBC0
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6BEfsGOXKvFa-p8QkkYzT7AeIuU.roa
Signing time: Tue 20 Sep 2022 05:07:38 +0000
ROA not before: Tue 20 Sep 2022 05:07:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.208.0/20 maxlen: 24
188.253.96.0/19 maxlen: 24
193.36.84.0/23 maxlen: 23
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:59:4b:6d:59:0d:39:83:5e:a3:b1:2a:8e:80:8a:eb:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Sep 20 05:07:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8111fb063972af15afa9f109246334fb01e22e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a2:c8:82:cc:fe:20:e5:a8:68:83:b9:03:28:
88:81:69:5b:3f:20:ec:25:54:9e:4f:e9:c0:56:82:
9f:8c:92:55:29:e8:e0:f3:9c:a5:81:66:85:3d:b1:
1e:27:e5:87:c2:25:fd:dd:bb:5f:de:b3:95:77:99:
ae:b5:9b:7d:fb:89:b2:91:40:97:2d:be:a7:f7:e9:
5c:e1:04:f2:7f:d4:5b:67:13:d7:31:9d:18:2b:aa:
34:83:0b:20:78:fd:e5:06:ea:7e:0d:09:9c:46:c3:
a0:1c:ac:b4:b8:8a:b6:49:0c:52:9a:d6:00:e0:31:
a4:38:d2:50:e2:68:22:af:37:3b:c0:80:6d:5e:0a:
82:e3:ae:0c:fd:32:87:ee:cc:1a:97:da:b3:39:24:
29:7f:49:c4:9d:1e:a9:d4:43:6b:93:ac:24:2e:98:
50:11:c6:c6:4f:81:2a:a8:42:a3:59:b7:53:e4:a3:
4a:f9:f1:a6:22:7a:37:2d:5e:f1:8b:c4:46:65:a8:
66:b0:69:db:e7:c7:74:60:e8:45:0a:f1:4c:1a:ef:
34:f3:8f:01:a7:30:80:f3:90:bf:c9:56:5b:83:8a:
24:2c:93:c8:60:6f:34:5f:10:59:17:78:5c:e4:d2:
e7:cb:d5:59:53:b0:37:5b:87:65:de:db:f9:57:06:
c5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:11:1F:B0:63:97:2A:F1:5A:FA:9F:10:92:46:33:4F:B0:1E:22:E5
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6BEfsGOXKvFa-p8QkkYzT7AeIuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/20
188.253.96.0/19
193.36.84.0/23
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
8c:93:80:0d:cc:4b:0b:b6:e8:6b:f2:47:93:de:52:7d:a9:82:
9f:a4:3d:47:0f:cf:1d:84:b4:cd:d5:30:e5:01:9c:bb:6a:fc:
c9:53:95:09:01:3d:5c:92:bc:78:26:28:e8:54:cb:11:98:a1:
7b:3d:0b:99:6f:bf:71:94:76:5a:a6:7e:90:99:ad:31:cc:47:
d5:68:be:d3:78:c8:13:69:fe:72:6e:35:75:f1:cb:eb:91:58:
ce:7a:ba:e0:d9:74:38:98:b9:67:91:42:24:ab:a6:24:ee:2a:
b8:3c:b2:74:28:f7:2a:33:15:89:a6:d7:e1:b1:ea:e7:11:cf:
dd:3d:ae:a5:2c:44:51:c3:f1:23:0f:b2:56:70:ff:8e:aa:70:
18:27:87:56:6f:43:c7:a4:4f:4c:8c:31:0b:44:61:0d:1c:c0:
70:8d:4c:54:8e:00:36:8a:39:b3:c4:dd:e7:61:6f:b2:23:7c:
3c:02:9c:f0:68:fa:82:19:12:66:95:85:a8:c8:1e:48:a3:05:
fd:c3:1a:03:02:9a:40:01:26:6c:43:17:a0:c3:13:ff:48:a4:
cd:fe:c3:45:8d:30:42:25:ee:d4:9d:71:b4:35:41:68:00:c3:
5b:2d:b6:24:a8:61:c3:e2:ce:47:98:1e:f5:53:05:2c:cd:2f:
9b:4d:a1:36
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYNZS21ZDTmDXqOxKo6AiuvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIwOTIwMDUwNzM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODExMWZiMDYzOTcyYWYxNWFmYTlmMTA5MjQ2MzM0ZmIwMWUyMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6LIgsz+IOWoaIO5AyiIgWlbPyDs
JVSeT+nAVoKfjJJVKejg85ylgWaFPbEeJ+WHwiX93btf3rOVd5mutZt9+4mykUCX
Lb6n9+lc4QTyf9RbZxPXMZ0YK6o0gwsgeP3lBup+DQmcRsOgHKy0uIq2SQxSmtYA
4DGkONJQ4mgirzc7wIBtXgqC464M/TKH7swal9qzOSQpf0nEnR6p1ENrk6wkLphQ
EcbGT4EqqEKjWbdT5KNK+fGmIno3LV7xi8RGZahmsGnb58d0YOhFCvFMGu80848B
pzCA85C/yVZbg4okLJPIYG80XxBZF3hc5NLny9VZU7A3W4dl3tv5VwbFewIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOgRH7BjlyrxWvqfEJJGM0+wHiLlMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvNkJFZnNHT1hLdkZhLXA4UWtrWXpUN0FlSXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEBSLQAwQF
vP1gAwQBwSRUMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IBAQCMk4AN
zEsLtuhr8keT3lJ9qYKfpD1HD88dhLTN1TDlAZy7avzJU5UJAT1ckrx4JijoVMsR
mKF7PQuZb79xlHZapn6Qma0xzEfVaL7TeMgTaf5ybjV18cvrkVjOerrg2XQ4mLln
kUIkq6Yk7iq4PLJ0KPcqMxWJptfhsernEc/dPa6lLERRw/EjD7JWcP+OqnAYJ4dW
b0PHpE9MjDELRGENHMBwjUxUjgA2ijmzxN3nYW+yI3w8ApzwaPqCGRJmlYWoyB5I
owX9wxoDAppAASZsQxegwxP/SKTN/sNFjTBCJe7UnXG0NUFoAMNbLbYkqGHD4s5H
mB71UwUszS+bTaE2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-ams.rpki-client.org