Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/us8vkJ9ARpXDZ0Z20EWuW_wM-t8.roa
File: us8vkJ9ARpXDZ0Z20EWuW_wM-t8.roa (raw, json)
Hash identifier: AV6Y9byc6RxDIQyElbXV1nnlsEdZOXMS7tNjAu7FeUo=
Subject key identifier: BA:CF:2F:90:9F:40:46:95:C3:67:46:76:D0:45:AE:5B:FC:0C:FA:DF
Certificate issuer: /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial: 01852A1A0976FE7FF32D986ECABB975C5D1A
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/us8vkJ9ARpXDZ0Z20EWuW_wM-t8.roa
Signing time: Mon 19 Dec 2022 11:17:07 +0000
ROA not before: Mon 19 Dec 2022 11:17:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3333
IP address blocks: 193.0.0.0/21 maxlen: 21
193.0.10.0/23 maxlen: 23
193.0.12.0/23 maxlen: 23
193.0.20.0/23 maxlen: 23
193.0.18.0/23 maxlen: 23
193.0.22.0/23 maxlen: 23
2a13:27c0::/29 maxlen: 48
2a13:27c0:10::/44 maxlen: 44
2001:67c:2e8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:1a:09:76:fe:7f:f3:2d:98:6e:ca:bb:97:5c:5d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Validity
Not Before: Dec 19 11:17:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bacf2f909f404695c3674676d045ae5bfc0cfadf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:31:2f:0b:d0:68:e6:67:7f:7d:85:ba:de:a2:
dc:31:5f:ba:7a:e2:d0:77:b3:cf:ef:69:b5:01:4d:
46:96:ae:d4:d8:68:bc:77:09:65:b4:3a:2c:cb:a6:
c4:3e:e5:73:89:98:b2:f8:91:0d:54:14:e7:c9:4f:
7e:7a:a3:70:29:ad:97:96:4b:78:c1:32:f4:6d:b6:
09:b8:81:d0:9b:0a:8e:55:21:46:38:e8:59:b4:7a:
57:40:bf:f1:15:ff:03:60:39:fe:e7:7e:6d:76:15:
69:58:04:a5:39:9c:28:b2:6c:ce:d5:6f:e3:0f:ef:
f3:01:42:3c:c6:7b:3b:35:24:ff:a9:76:d8:92:c1:
d8:4d:8a:7d:05:ae:a3:ab:bb:d0:b2:21:85:ed:ef:
29:0a:cd:0e:8f:97:b2:9f:ff:af:11:c7:72:d6:d8:
5a:29:78:7b:e8:e9:94:51:ec:37:d0:65:89:33:a6:
8f:93:e1:9e:9a:a2:2d:60:2c:56:53:9d:df:f5:67:
af:35:8f:d4:0c:d9:4a:5c:58:0c:e6:30:b1:8e:b5:
14:99:5c:71:33:2b:30:43:6f:be:5c:4d:2c:e8:df:
bc:dc:37:dd:53:e7:8f:45:80:dc:2d:87:3b:c1:c9:
dc:69:87:eb:20:ad:b8:11:8c:b3:c0:8c:10:54:b4:
6e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CF:2F:90:9F:40:46:95:C3:67:46:76:D0:45:AE:5B:FC:0C:FA:DF
X509v3 Authority Key Identifier:
keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/us8vkJ9ARpXDZ0Z20EWuW_wM-t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.0.0/21
193.0.10.0-193.0.13.255
193.0.18.0-193.0.23.255
IPv6:
2001:67c:2e8::/48
2a13:27c0::/29
Signature Algorithm: sha256WithRSAEncryption
08:41:bb:78:eb:6c:02:b4:14:aa:ca:a2:94:7e:27:f7:9d:ab:
d8:01:c0:f5:6a:ad:a7:56:16:0a:f7:b4:22:2e:2e:84:c8:e0:
d4:8f:29:cd:c1:04:ee:20:fd:be:22:e1:2b:4f:8e:07:4c:d5:
a2:63:c5:02:d1:2f:ed:ba:9a:39:05:31:71:57:17:7c:21:70:
a8:c2:fd:13:db:b7:b7:02:be:b6:da:69:ff:87:ca:4c:42:4a:
5a:24:35:a5:24:73:41:af:6d:c2:b2:33:fe:70:38:90:54:b1:
56:67:d6:75:97:a7:d4:40:00:67:80:37:6e:a1:d1:89:bd:cb:
16:57:c2:a6:54:5e:f7:3d:e3:d2:33:35:f9:d0:44:25:c9:b3:
25:2e:a6:e6:50:09:c9:e8:2c:4e:0e:06:67:6a:3f:ee:b1:30:
23:bd:91:48:83:3c:6c:d1:ae:aa:f9:42:2f:57:76:0b:5b:5d:
4c:a1:79:68:39:85:ba:63:8d:a5:04:d6:6f:f0:9a:d7:29:8f:
7d:36:0d:68:97:4c:3c:b9:ba:04:bf:97:a1:5c:ff:51:90:c2:
f3:6f:b1:a1:d2:f0:ca:02:b4:d2:8b:ee:eb:09:14:02:8a:cd:
6d:7c:c7:d0:f5:1b:09:97:fe:45:9e:7b:79:83:da:d9:07:ad:
df:bb:07:79
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYUqGgl2/n/zLZhuyruXXF0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjIxMjE5MTExNzA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWNmMmY5MDlmNDA0Njk1YzM2NzQ2NzZkMDQ1YWU1YmZjMGNmYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzEvC9Bo5md/fYW63qLcMV+6euLQ
d7PP72m1AU1Glq7U2Gi8dwlltDosy6bEPuVziZiy+JENVBTnyU9+eqNwKa2Xlkt4
wTL0bbYJuIHQmwqOVSFGOOhZtHpXQL/xFf8DYDn+535tdhVpWASlOZwosmzO1W/j
D+/zAUI8xns7NST/qXbYksHYTYp9Ba6jq7vQsiGF7e8pCs0Oj5eyn/+vEcdy1tha
KXh76OmUUew30GWJM6aPk+GemqItYCxWU53f9WevNY/UDNlKXFgM5jCxjrUUmVxx
MyswQ2++XE0s6N+83DfdU+ePRYDcLYc7wcncaYfrIK24EYyzwIwQVLRuvwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFLrPL5CfQEaVw2dGdtBFrlv8DPrfMB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvdXM4dmtKOUFScFhEWjBaMjBFV3VXX3dNLXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAoBAIAATAiAwQDwQAAMAwD
BAHBAAoDBAHBAAwwDAMEAcEAEgMEA8EAEDAWBAIAAjAQAwcAIAEGfALoAwUDKhMn
wDANBgkqhkiG9w0BAQsFAAOCAQEACEG7eOtsArQUqsqilH4n952r2AHA9Wqtp1YW
Cve0Ii4uhMjg1I8pzcEE7iD9viLhK0+OB0zVomPFAtEv7bqaOQUxcVcXfCFwqML9
E9u3twK+ttpp/4fKTEJKWiQ1pSRzQa9twrIz/nA4kFSxVmfWdZen1EAAZ4A3bqHR
ib3LFlfCplRe9z3j0jM1+dBEJcmzJS6m5lAJyegsTg4GZ2o/7rEwI72RSIM8bNGu
qvlCL1d2C1tdTKF5aDmFumONpQTWb/Ca1ymPfTYNaJdMPLm6BL+XoVz/UZDC82+x
odLwygK00ovu6wkUAorNbXzH0PUbCZf+RZ57eYPa2Qet37sHeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:02 2024 by rpki-client on console-fra.rpki-client.org