Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/pAKSqm74lPHe8-NunISjGrCswK4.roa
File: pAKSqm74lPHe8-NunISjGrCswK4.roa (raw, json)
Hash identifier: h7mnvAYFys9i/rYfwWnJLyZOAzFJo6mTTxyN49DqaXQ=
Subject key identifier: A4:02:92:AA:6E:F8:94:F1:DE:F3:E3:6E:9C:84:A3:1A:B0:AC:C0:AE
Certificate issuer: /CN=6c0946c081b32be848cb00d8d932e8c1f7179668
Certificate serial: 0896AB08
Authority key identifier: 6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/pAKSqm74lPHe8-NunISjGrCswK4.roa
Signing time: Sat 01 Jan 2022 08:04:02 +0000
ROA not before: Sat 01 Jan 2022 08:04:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200318
IP address blocks: 194.169.60.0/22 maxlen: 22
2a0d:d40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144091912 (0x896ab08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c0946c081b32be848cb00d8d932e8c1f7179668
Validity
Not Before: Jan 1 08:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a40292aa6ef894f1def3e36e9c84a31ab0acc0ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:36:d1:ae:43:8a:a4:c1:27:1d:25:85:c2:e0:
d1:3d:4e:53:44:43:17:b5:8f:3b:a1:08:84:75:77:
cd:32:ca:bf:09:9d:2c:d5:ae:d3:ca:d1:d0:8d:24:
9b:e5:9c:b2:19:38:0a:2e:e0:17:7e:ad:cc:0e:16:
ca:56:bf:87:f8:f6:c1:10:2f:0a:c1:54:1b:20:63:
8b:d1:9a:2f:2b:02:22:36:ba:cc:dc:d8:10:9a:b3:
ac:1c:4a:26:0c:98:04:e8:52:d4:a1:58:81:8f:18:
11:5e:6e:a6:f9:fe:ba:c8:1b:2f:11:24:f7:94:c9:
bc:22:49:d1:4c:94:67:75:e4:e9:3b:0c:8e:cb:cf:
5d:d2:ee:1e:3d:a2:bb:54:c6:7d:ee:48:8f:df:40:
fb:e2:de:94:65:0e:07:33:00:37:cd:d5:4d:bd:c4:
21:a0:e7:42:c5:56:5d:09:80:2b:0a:24:0f:89:87:
3a:f7:64:30:a8:35:2a:7b:6a:b4:83:b1:64:e2:fb:
ff:41:fe:a9:b6:fc:ae:c4:12:4f:91:c6:ca:96:be:
f0:a0:f0:44:72:5c:1c:ca:de:44:b4:09:1e:e0:b6:
dc:93:76:f1:54:63:24:54:ce:6f:25:01:e7:dc:bd:
ca:14:79:d8:ea:57:3d:fa:53:96:e5:15:10:e5:5b:
7d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:02:92:AA:6E:F8:94:F1:DE:F3:E3:6E:9C:84:A3:1A:B0:AC:C0:AE
X509v3 Authority Key Identifier:
keyid:6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/pAKSqm74lPHe8-NunISjGrCswK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.60.0/22
IPv6:
2a0d:d40::/32
Signature Algorithm: sha256WithRSAEncryption
ae:28:9d:8d:d8:c2:09:5b:33:09:79:30:0b:fa:78:de:ce:c6:
d6:a2:33:b8:94:67:07:2e:d9:76:85:c7:04:b8:bf:db:6b:35:
ff:38:6c:79:cc:fe:a1:0e:b3:91:e0:f8:a5:af:f6:25:26:44:
05:74:ee:6c:a2:53:ab:16:c0:a0:58:84:64:b0:29:f1:96:8c:
14:d6:0a:62:38:fa:de:a5:a7:dd:4f:d6:82:28:89:47:f5:0b:
83:a7:48:e4:44:c7:c5:1e:55:cc:f2:fd:e1:a4:28:00:f0:c8:
cf:f3:80:cb:fc:4a:53:bf:10:ae:53:2c:bf:d4:c7:e6:fd:67:
18:79:96:59:02:0c:9e:c5:9e:81:74:40:ba:7b:bf:25:14:cc:
f6:3e:cd:ea:53:2e:ec:3b:78:12:1a:c7:42:c0:03:37:7c:e7:
a0:9f:06:1d:6e:9d:b4:46:56:d6:ed:4f:9a:01:94:d1:9a:0a:
94:bc:0d:61:83:25:5b:b7:78:ce:74:24:a9:b9:29:fb:74:ea:
20:7e:47:3f:88:7c:24:28:bb:1b:c1:40:41:ca:e3:ea:bf:75:
aa:a2:04:4c:3b:d6:11:18:89:4a:01:0e:fa:ea:da:c0:58:ca:
a5:54:9b:1e:d1:93:86:a6:05:ec:d4:84:2c:dd:1d:cf:61:d3:
d0:df:51:43
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECJarCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzA5NDZjMDgxYjMyYmU4NDhjYjAwZDhkOTMyZThjMWY3MTc5NjY4MB4XDTIyMDEw
MTA4MDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQwMjkyYWE2ZWY4
OTRmMWRlZjNlMzZlOWM4NGEzMWFiMGFjYzBhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMs20a5DiqTBJx0lhcLg0T1OU0RDF7WPO6EIhHV3zTLKvwmd
LNWu08rR0I0km+Wcshk4Ci7gF36tzA4Wyla/h/j2wRAvCsFUGyBji9GaLysCIja6
zNzYEJqzrBxKJgyYBOhS1KFYgY8YEV5upvn+usgbLxEk95TJvCJJ0UyUZ3Xk6TsM
jsvPXdLuHj2iu1TGfe5Ij99A++LelGUOBzMAN83VTb3EIaDnQsVWXQmAKwokD4mH
OvdkMKg1KntqtIOxZOL7/0H+qbb8rsQST5HGypa+8KDwRHJcHMreRLQJHuC23JN2
8VRjJFTObyUB59y9yhR52OpXPfpTluUVEOVbfYkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSkApKqbviU8d7z426chKMasKzArjAfBgNVHSMEGDAWgBRsCUbAgbMr6EjL
ANjZMujB9xeWaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JBbEd3SUd6Sy1oSXl3RFkyVExvd2ZjWGxtZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvYzhkYzExLTkwZWYtNDg3ZS1hMDczLWRmMmJiYzlkMDQ3My8x
L3BBS1NxbTc0bFBIZTgtTnVuSVNqR3JDc3dLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
YzhkYzExLTkwZWYtNDg3ZS1hMDczLWRmMmJiYzlkMDQ3My8xL2JBbEd3SUd6Sy1o
SXl3RFkyVExvd2ZjWGxtZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsKpPDANBAIAAjAHAwUAKg0NQDAN
BgkqhkiG9w0BAQsFAAOCAQEAriidjdjCCVszCXkwC/p43s7G1qIzuJRnBy7ZdoXH
BLi/22s1/zhsecz+oQ6zkeD4pa/2JSZEBXTubKJTqxbAoFiEZLAp8ZaMFNYKYjj6
3qWn3U/WgiiJR/ULg6dI5ETHxR5VzPL94aQoAPDIz/OAy/xKU78QrlMsv9TH5v1n
GHmWWQIMnsWegXRAunu/JRTM9j7N6lMu7Dt4EhrHQsADN3znoJ8GHW6dtEZW1u1P
mgGU0ZoKlLwNYYMlW7d4znQkqbkp+3TqIH5HP4h8JCi7G8FAQcrj6r91qqIETDvW
ERiJSgEO+urawFjKpVSbHtGThqYF7NSELN0dz2HT0N9RQw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:07 2025 by rpki-client