Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/D-iqATGx2EA1sUV9akn9NwTzhng.roa
File: D-iqATGx2EA1sUV9akn9NwTzhng.roa (raw, json)
Hash identifier: iCZ4pL5k4Rvkcb+hXU3Gpr7vRIEXpiUuk2fh03c+Sok=
Subject key identifier: 0F:E8:AA:01:31:B1:D8:40:35:B1:45:7D:6A:49:FD:37:04:F3:86:78
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 3767B99A
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/D-iqATGx2EA1sUV9akn9NwTzhng.roa
Signing time: Sat 01 Jan 2022 13:00:14 +0000
ROA not before: Sat 01 Jan 2022 13:00:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61976
IP address blocks: 79.141.65.0/24 maxlen: 24
79.141.66.0/24 maxlen: 24
79.141.64.0/20 maxlen: 20
79.141.64.0/24 maxlen: 24
2a00:ab00:6000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 929544602 (0x3767b99a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Jan 1 13:00:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fe8aa0131b1d84035b1457d6a49fd3704f38678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:86:61:5b:8a:ff:a1:70:11:5c:a3:d1:16:59:
9d:1e:1f:7e:59:8c:7a:9b:e1:59:22:94:f9:cf:1d:
5a:6d:e8:c0:84:78:84:ea:8c:6f:d9:63:1c:5f:21:
51:4b:aa:cd:20:e7:d3:20:51:af:2b:43:e9:0d:91:
a6:e2:44:95:03:4a:4f:29:81:65:43:3a:c1:c4:f3:
f2:06:1e:be:6e:dd:f5:92:3c:a0:be:c4:e0:21:04:
08:39:14:98:c2:5d:64:c3:f2:59:aa:46:56:ea:70:
32:85:c6:60:26:84:c7:52:5d:1c:46:52:6a:5f:93:
9f:11:2f:fe:f5:eb:1e:3d:f5:1f:6b:c7:55:39:3c:
88:8b:28:16:31:49:ca:c1:ba:3d:95:39:42:f5:0c:
19:3e:85:70:45:6a:25:88:0b:eb:c0:10:ca:7d:65:
41:ae:ab:e9:14:22:cd:54:2d:eb:eb:52:bd:9b:85:
30:10:21:53:b5:17:d3:e0:e3:8c:74:1f:24:a0:fc:
82:f9:5c:bc:f2:1a:d9:21:9c:0f:61:cb:bd:96:5e:
0f:c9:eb:bd:be:10:92:26:64:6c:09:88:81:32:15:
7b:31:3b:fe:5b:d9:34:6a:89:2c:c7:92:52:3b:6c:
01:05:1d:55:d2:61:f3:1e:51:f6:7c:d1:da:68:65:
54:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E8:AA:01:31:B1:D8:40:35:B1:45:7D:6A:49:FD:37:04:F3:86:78
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/D-iqATGx2EA1sUV9akn9NwTzhng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.64.0/20
IPv6:
2a00:ab00:6000::/36
Signature Algorithm: sha256WithRSAEncryption
1a:7b:4f:f6:ce:aa:e5:ef:d6:78:09:f3:e0:cd:3b:c6:ad:41:
b6:c7:ab:84:c6:18:f9:b4:7b:c5:db:17:70:f8:f0:4e:e6:23:
7d:13:bd:2c:75:73:7f:86:27:3d:58:87:d8:ae:37:a4:26:64:
fb:2d:9a:0f:68:7c:8a:20:fc:0f:ca:07:46:3e:b0:8e:41:06:
43:02:48:20:7e:2d:12:b7:e3:e5:05:d2:7f:1c:9e:71:b1:81:
5d:8d:5c:d5:88:7d:7e:9d:5d:cb:62:7f:69:d0:a5:f6:0b:33:
d0:bb:32:8d:b6:61:88:65:66:77:2c:7e:64:1d:ac:bc:ca:b4:
b0:11:f4:aa:84:8b:ec:cc:a2:61:af:15:73:77:93:26:8b:84:
84:f3:cb:55:94:d9:3a:a4:5d:5b:fc:2d:25:80:29:6d:62:8c:
3b:09:04:e7:1b:a0:08:62:cb:0d:d8:f9:f6:04:d6:cc:26:78:
50:c3:ba:2c:75:4a:a2:04:c8:3e:3e:2e:60:e4:82:0f:e6:fc:
4d:32:ab:e0:8e:1a:ae:78:f8:54:4d:01:1a:0e:b4:4d:eb:9c:
46:03:fa:8c:38:e0:09:b7:c9:be:e9:78:48:8d:4b:a6:c2:62:
7a:fc:eb:5a:4c:be:5b:f9:f6:2a:a2:1e:12:7c:e9:dc:d4:93:
bb:54:77:cc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEN2e5mjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWI2OWI1OWQxOWYyOTg3ZTQ5ZjE4NTJkNjBiYjE3NzdmODBhMzAxMB4XDTIyMDEw
MTEzMDAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZlOGFhMDEzMWIx
ZDg0MDM1YjE0NTdkNmE0OWZkMzcwNGYzODY3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCGYVuK/6FwEVyj0RZZnR4fflmMepvhWSKU+c8dWm3owIR4
hOqMb9ljHF8hUUuqzSDn0yBRrytD6Q2RpuJElQNKTymBZUM6wcTz8gYevm7d9ZI8
oL7E4CEECDkUmMJdZMPyWapGVupwMoXGYCaEx1JdHEZSal+TnxEv/vXrHj31H2vH
VTk8iIsoFjFJysG6PZU5QvUMGT6FcEVqJYgL68AQyn1lQa6r6RQizVQt6+tSvZuF
MBAhU7UX0+DjjHQfJKD8gvlcvPIa2SGcD2HLvZZeD8nrvb4QkiZkbAmIgTIVezE7
/lvZNGqJLMeSUjtsAQUdVdJh8x5R9nzR2mhlVLECAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQP6KoBMbHYQDWxRX1qSf03BPOGeDAfBgNVHSMEGDAWgBQRtptZ0Z8ph+Sf
GFLWC7F3f4CjATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ViYWJXZEdmS1lma254aFMxZ3V4ZDMtQW93RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNWVkZjdhLWFiOWEtNDVlNy1hNjEyLWQxNjljMDg4YjQxMi8x
L0QtaXFBVEd4MkVBMXNVVjlha245TndUemhuZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NWVkZjdhLWFiOWEtNDVlNy1hNjEyLWQxNjljMDg4YjQxMi8xL0ViYWJXZEdmS1lm
a254aFMxZ3V4ZDMtQW93RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEBE+NQDAOBAIAAjAIAwYEKgCrAGAw
DQYJKoZIhvcNAQELBQADggEBABp7T/bOquXv1ngJ8+DNO8atQbbHq4TGGPm0e8Xb
F3D48E7mI30TvSx1c3+GJz1Yh9iuN6QmZPstmg9ofIog/A/KB0Y+sI5BBkMCSCB+
LRK34+UF0n8cnnGxgV2NXNWIfX6dXctif2nQpfYLM9C7Mo22YYhlZncsfmQdrLzK
tLAR9KqEi+zMomGvFXN3kyaLhITzy1WU2TqkXVv8LSWAKW1ijDsJBOcboAhiyw3Y
+fYE1swmeFDDuix1SqIEyD4+LmDkgg/m/E0yq+COGq54+FRNARoOtE3rnEYD+ow4
4Am3yb7peEiNS6bCYnr861pMvlv59iqiHhJ86dzUk7tUd8w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:18 2024 by rpki-client on console-ams.rpki-client.org