Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/aL_w6GetAQd8CJoxz87-MRRnZ0c.roa
File: aL_w6GetAQd8CJoxz87-MRRnZ0c.roa (raw, json)
Hash identifier: P6PQQ82P+HV3dfvtP+03BXFGhYm3IlxaODjqI232Djg=
Subject key identifier: 68:BF:F0:E8:67:AD:01:07:7C:08:9A:31:CF:CE:FE:31:14:67:67:47
Certificate issuer: /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial: 34FCDBC8
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/aL_w6GetAQd8CJoxz87-MRRnZ0c.roa
Signing time: Sat 01 Jan 2022 05:57:45 +0000
ROA not before: Sat 01 Jan 2022 05:57:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25152
IP address blocks: 193.0.16.0/23 maxlen: 24
193.0.15.0/24 maxlen: 24
193.0.14.0/23 maxlen: 23
193.0.14.0/24 maxlen: 24
2001:7fd::/48 maxlen: 48
2001:7fd:16::/48 maxlen: 48
2001:7fd:17::/48 maxlen: 48
2001:7fd:15::/48 maxlen: 48
2001:7fd::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 888986568 (0x34fcdbc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Validity
Not Before: Jan 1 05:57:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68bff0e867ad01077c089a31cfcefe3114676747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e8:9f:3d:5f:f2:e9:05:fb:fd:a0:f4:2f:4b:
4c:af:b4:eb:50:b5:57:65:e4:83:4d:05:73:19:bb:
ac:39:d2:fa:73:9b:ef:6a:0a:1a:70:e5:ae:29:78:
9b:41:77:78:69:d9:41:cf:0c:e9:ab:d1:28:21:34:
70:26:73:ca:bb:a2:67:c6:ec:34:a0:6e:3a:43:37:
2f:2c:d3:7f:51:61:05:08:51:c5:94:7d:79:d6:ca:
23:3c:24:87:76:ce:b5:08:5d:81:54:62:99:9f:f8:
b7:1a:e7:84:27:c0:97:c1:47:30:7a:06:d2:4a:f2:
d5:6f:a1:73:99:f2:9a:d8:bb:d5:19:ce:c5:4b:ca:
14:11:e6:25:7f:dd:6a:59:bb:e1:34:3e:06:ec:08:
ce:07:36:71:f5:eb:47:17:b0:8c:4c:21:6a:4e:d7:
d5:d4:cc:8d:1f:df:94:d3:32:12:6c:55:c5:c9:87:
3d:ac:59:2b:b4:a6:cf:4b:59:72:5a:48:c7:6b:f6:
57:f7:83:40:27:64:86:d9:cc:06:35:a9:27:c5:18:
f7:b5:2d:06:6f:76:df:01:6f:ae:be:f2:b8:a9:00:
9c:67:4e:52:43:86:f6:e1:b6:4f:21:5f:32:b1:06:
84:20:32:fd:52:a6:95:5e:63:e1:fa:6a:b4:dd:26:
75:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BF:F0:E8:67:AD:01:07:7C:08:9A:31:CF:CE:FE:31:14:67:67:47
X509v3 Authority Key Identifier:
keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/aL_w6GetAQd8CJoxz87-MRRnZ0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.14.0-193.0.17.255
IPv6:
2001:7fd::/32
Signature Algorithm: sha256WithRSAEncryption
84:90:de:2f:cf:98:41:ca:e4:05:1c:82:a1:16:e0:70:06:9c:
2c:c6:94:98:e9:c9:be:36:f0:15:8f:59:6e:b0:f7:2f:9c:23:
62:9c:37:cf:42:e6:ae:4c:19:5f:f7:c4:c5:5a:00:4e:fd:7d:
fa:54:a0:bc:48:89:2c:25:ff:e2:70:87:b8:78:09:7b:7d:5b:
54:b3:9c:23:89:e1:cc:e6:d7:09:dc:bd:a3:b1:45:d4:85:9b:
d4:b9:d8:15:17:8b:97:11:61:a6:15:1e:ba:18:0f:3d:6b:10:
aa:2a:8d:4a:cf:c9:97:99:cd:48:dc:3c:70:9d:9e:cc:64:46:
13:62:9c:09:0c:b9:d1:e8:88:16:dc:2e:05:23:b8:e3:b6:c2:
7d:d6:cf:eb:e0:25:69:61:ae:5c:b4:58:be:41:37:1b:f3:45:
3a:1a:1d:0a:2c:20:6a:6f:2b:59:f4:22:4a:56:89:07:91:01:
84:db:9f:a0:90:80:ff:c6:50:8e:27:08:f6:70:58:34:c5:6c:
53:52:c7:e9:16:db:ce:63:39:75:5d:78:ad:95:bc:b7:f8:45:
4c:02:bd:fc:14:a9:d5:ba:57:43:36:23:ff:1e:67:f1:a4:0e:
74:6c:db:4a:f7:61:7b:62:3e:a8:2d:51:44:91:14:e7:22:e3:
63:e7:b1:71
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIENPzbyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODE3YWFmZWM2MWMzYTZiMDI0YjZhOWY1NGZmYjc2NGNhM2RmOTIyMB4XDTIyMDEw
MTA1NTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhiZmYwZTg2N2Fk
MDEwNzdjMDg5YTMxY2ZjZWZlMzExNDY3Njc0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfonz1f8ukF+/2g9C9LTK+061C1V2Xkg00Fcxm7rDnS+nOb
72oKGnDlril4m0F3eGnZQc8M6avRKCE0cCZzyruiZ8bsNKBuOkM3LyzTf1FhBQhR
xZR9edbKIzwkh3bOtQhdgVRimZ/4txrnhCfAl8FHMHoG0kry1W+hc5nymti71RnO
xUvKFBHmJX/dalm74TQ+BuwIzgc2cfXrRxewjEwhak7X1dTMjR/flNMyEmxVxcmH
PaxZK7Smz0tZclpIx2v2V/eDQCdkhtnMBjWpJ8UY97UtBm923wFvrr7yuKkAnGdO
UkOG9uG2TyFfMrEGhCAy/VKmlV5j4fpqtN0mdc8CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBRov/DoZ60BB3wImjHPzv4xFGdnRzAfBgNVHSMEGDAWgBSIF6r+xhw6awJL
ap9U/7dkyj35IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lCZXFfc1ljT21zQ1MycWZWUC0zWk1vOS1TSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvZmUyZDcyLWMyZGQtNDZjMS05NDI5LWU2NjM2OTY0OTQxMS8x
L2FMX3c2R2V0QVFkOENKb3h6ODctTVJSblowYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
ZmUyZDcyLWMyZGQtNDZjMS05NDI5LWU2NjM2OTY0OTQxMS8xL2lCZXFfc1ljT21z
Q1MycWZWUC0zWk1vOS1TSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQBwQAOAwQBwQAQMA0EAgACMAcD
BQAgAQf9MA0GCSqGSIb3DQEBCwUAA4IBAQCEkN4vz5hByuQFHIKhFuBwBpwsxpSY
6cm+NvAVj1lusPcvnCNinDfPQuauTBlf98TFWgBO/X36VKC8SIksJf/icIe4eAl7
fVtUs5wjieHM5tcJ3L2jsUXUhZvUudgVF4uXEWGmFR66GA89axCqKo1Kz8mXmc1I
3DxwnZ7MZEYTYpwJDLnR6IgW3C4FI7jjtsJ91s/r4CVpYa5ctFi+QTcb80U6Gh0K
LCBqbytZ9CJKVokHkQGE25+gkID/xlCOJwj2cFg0xWxTUsfpFtvOYzl1XXitlby3
+EVMAr38FKnVuldDNiP/HmfxpA50bNtK92F7Yj6oLVFEkRTnIuNj57Fx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:59 2024 by rpki-client on console-ams.rpki-client.org