Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/aoAF46gfO1FtxxH8AF1geXQwTss.roa
File: aoAF46gfO1FtxxH8AF1geXQwTss.roa (raw, json)
Hash identifier: BuTS97S/zcp47thcHkAr1k9D2+ejLz48mLuIDuo3kwo=
Subject key identifier: 6A:80:05:E3:A8:1F:3B:51:6D:C7:11:FC:00:5D:60:79:74:30:4E:CB
Certificate issuer: /CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Certificate serial: 01850312C6FE8AA0BD3C4637AA504B93FD31
Authority key identifier: D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/aoAF46gfO1FtxxH8AF1geXQwTss.roa
Signing time: Sun 11 Dec 2022 21:24:00 +0000
ROA not before: Sun 11 Dec 2022 21:24:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5608
IP address blocks: 193.16.32.0/22 maxlen: 22
2a00:9b40:100::/40 maxlen: 40
2a00:9b40:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:03:12:c6:fe:8a:a0:bd:3c:46:37:aa:50:4b:93:fd:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Validity
Not Before: Dec 11 21:24:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a8005e3a81f3b516dc711fc005d607974304ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a6:a4:49:2e:da:80:fd:7c:5f:d7:b8:c8:36:
9a:a4:0b:89:80:cd:00:ee:55:47:90:57:68:5a:b9:
37:f0:97:82:80:50:74:ba:de:8c:87:82:71:ea:d0:
50:fd:13:6e:dd:22:eb:88:a2:8b:2f:f3:51:81:55:
9b:36:92:39:09:0e:1e:3e:2f:84:3e:88:5b:e4:0a:
51:88:80:e7:05:8f:3b:04:04:20:12:c4:4b:d2:ef:
86:5d:02:47:fa:63:b3:8f:a4:f5:37:ee:a0:d9:86:
e6:6e:dd:b4:81:c9:ff:74:ab:04:c2:13:38:0f:a8:
7e:f7:49:9a:5c:bc:bd:45:f0:f9:5a:5e:06:20:e4:
0e:fa:8c:fa:9e:d2:2e:ab:3d:9d:22:a9:59:c7:47:
24:5d:ba:ff:2c:a5:34:65:62:97:64:8f:fb:99:46:
92:a2:94:ae:73:8c:32:a9:d3:06:9a:e1:83:46:38:
01:57:15:0a:4d:cb:f5:3a:03:95:9b:cc:e7:c5:00:
4f:b5:bf:2b:9e:8e:82:0e:1f:00:d6:e0:1f:ae:25:
30:09:ec:13:6c:d0:b2:2d:9d:db:5e:d6:36:f5:1f:
82:5a:46:a7:f7:93:91:fb:28:51:e8:93:ce:e5:b9:
99:6f:4f:9f:33:7e:03:9a:01:dc:7e:a9:4c:45:cf:
6d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:80:05:E3:A8:1F:3B:51:6D:C7:11:FC:00:5D:60:79:74:30:4E:CB
X509v3 Authority Key Identifier:
keyid:D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/aoAF46gfO1FtxxH8AF1geXQwTss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.32.0/22
IPv6:
2a00:9b40:100::-2a00:9b40:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a4:67:74:9b:ea:67:e4:d4:63:7b:e4:20:41:b7:ae:dc:2a:c1:
43:ab:cb:fd:13:6a:af:b6:a2:01:0f:99:5f:c6:69:94:2f:fa:
62:30:ba:e1:4d:ad:28:59:41:28:cb:86:72:8a:e6:0c:89:e6:
20:ae:15:e7:10:2e:c9:7f:88:a1:3e:a2:17:3d:c2:af:4f:55:
4c:81:84:b0:fa:3a:36:45:b2:b8:65:25:45:25:56:cd:71:75:
d2:78:dd:40:47:bf:12:4d:7c:d0:72:32:57:97:61:80:d7:e6:
c1:d1:0b:b6:1b:fb:45:12:f7:2c:5a:16:d0:36:63:b8:f6:87:
77:07:46:a3:d4:b8:9c:e0:69:ca:73:90:d5:14:ba:f6:02:b1:
60:cb:79:d5:c6:3d:5e:50:18:40:0f:9b:33:95:8c:1d:9e:6c:
1a:08:16:c8:e0:6b:67:06:d1:63:0c:7b:11:5f:bc:02:ce:3b:
f8:43:c5:07:5e:43:d0:a3:47:cd:60:1b:03:88:2b:75:99:95:
09:68:d2:fd:65:67:52:d2:7a:af:01:f7:03:eb:96:fe:48:bc:
32:23:ea:b2:57:e7:10:f7:4f:40:4f:88:ac:ea:68:57:13:ce:
85:fc:95:ff:63:bd:89:7d:6d:f3:0f:32:87:e9:30:d7:7d:41:
f2:f8:e9:ab
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYUDEsb+iqC9PEY3qlBLk/0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTU2ZTJkNjNhYzVkYTliZWQzNWRhMDFjYmZhZDIyNWYw
NGJlYjAwHhcNMjIxMjExMjEyNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTgwMDVlM2E4MWYzYjUxNmRjNzExZmMwMDVkNjA3OTc0MzA0ZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKakSS7agP18X9e4yDaapAuJgM0A
7lVHkFdoWrk38JeCgFB0ut6Mh4Jx6tBQ/RNu3SLriKKLL/NRgVWbNpI5CQ4ePi+E
Pohb5ApRiIDnBY87BAQgEsRL0u+GXQJH+mOzj6T1N+6g2Ybmbt20gcn/dKsEwhM4
D6h+90maXLy9RfD5Wl4GIOQO+oz6ntIuqz2dIqlZx0ckXbr/LKU0ZWKXZI/7mUaS
opSuc4wyqdMGmuGDRjgBVxUKTcv1OgOVm8znxQBPtb8rno6CDh8A1uAfriUwCewT
bNCyLZ3bXtY29R+CWkan95OR+yhR6JPO5bmZb0+fM34DmgHcfqlMRc9tYwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGqABeOoHztRbccR/ABdYHl0ME7LMB8GA1UdIwQY
MBaAFNilbi1jrF2pvtNdoBy/rSJfBL6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4Njct
ZThkNDdiYmEyNWJmLzEvYW9BRjQ2Z2ZPMUZ0eHhIOEFGMWdlWFF3VHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4NjctZThkNDdiYmEyNWJm
LzEvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCwRAgMBgE
AgACMBIwEAMGACoAm0ABAwYAKgCbQAIwDQYJKoZIhvcNAQELBQADggEBAKRndJvq
Z+TUY3vkIEG3rtwqwUOry/0Taq+2ogEPmV/GaZQv+mIwuuFNrShZQSjLhnKK5gyJ
5iCuFecQLsl/iKE+ohc9wq9PVUyBhLD6OjZFsrhlJUUlVs1xddJ43UBHvxJNfNBy
MleXYYDX5sHRC7Yb+0US9yxaFtA2Y7j2h3cHRqPUuJzgacpzkNUUuvYCsWDLedXG
PV5QGEAPmzOVjB2ebBoIFsjga2cG0WMMexFfvALOO/hDxQdeQ9CjR81gGwOIK3WZ
lQlo0v1lZ1LSeq8B9wPrlv5IvDIj6rJX5xD3T0BPiKzqaFcTzoX8lf9jvYl9bfMP
MofpMNd9QfL46as=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:03 2025 by rpki-client