Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/R-aLTTuqXfi87iq2MvPqlIetBLk.roa
File: R-aLTTuqXfi87iq2MvPqlIetBLk.roa (raw, json)
Hash identifier: t5VwbJLp6zwJEzXecI80zcxDsMwUXl48oiD8QwsxytA=
Subject key identifier: 47:E6:8B:4D:3B:AA:5D:F8:BC:EE:2A:B6:32:F3:EA:94:87:AD:04:B9
Certificate issuer: /CN=330e640f9d63ba943a97b3dc10d4c6844a5d3dc1
Certificate serial: 09E11887
Authority key identifier: 33:0E:64:0F:9D:63:BA:94:3A:97:B3:DC:10:D4:C6:84:4A:5D:3D:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mw5kD51jupQ6l7PcENTGhEpdPcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/R-aLTTuqXfi87iq2MvPqlIetBLk.roa
Signing time: Tue 10 May 2022 17:42:03 +0000
ROA not before: Tue 10 May 2022 17:42:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210278
IP address blocks: 101.60.0.0/14 maxlen: 14
101.56.192.0/18 maxlen: 18
101.56.128.0/18 maxlen: 18
101.59.0.0/16 maxlen: 16
101.56.0.0/13 maxlen: 13
195.162.92.0/22 maxlen: 22
101.56.64.0/18 maxlen: 18
101.58.0.0/16 maxlen: 16
101.56.0.0/18 maxlen: 18
101.62.194.0/23 maxlen: 23
101.62.196.0/23 maxlen: 23
101.57.0.0/16 maxlen: 16
2a0e:400::/25 maxlen: 25
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165746823 (0x9e11887)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=330e640f9d63ba943a97b3dc10d4c6844a5d3dc1
Validity
Not Before: May 10 17:42:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47e68b4d3baa5df8bcee2ab632f3ea9487ad04b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:42:98:6b:11:8e:4d:ea:0f:70:27:02:19:e4:
12:15:b6:81:a7:99:d7:38:2e:78:84:f4:59:96:dd:
09:75:2b:a8:5e:71:d4:1c:23:54:22:77:5a:68:ff:
8c:db:8b:f6:bb:f4:e3:71:fb:08:07:87:01:0b:5a:
23:51:2f:54:ef:62:b5:2d:d5:27:ac:ae:b1:27:14:
77:6d:f8:25:26:8d:3b:4c:f8:ae:ab:dd:71:d1:ef:
72:ed:79:f0:71:b1:22:45:fb:a1:2f:89:71:81:31:
40:79:60:13:43:27:5f:86:d8:78:17:bf:73:e7:0d:
4d:1e:a1:85:1a:cc:04:7b:44:13:ea:40:c0:a3:e5:
d3:79:d3:b0:e6:f1:2b:e9:41:9e:27:98:a6:44:35:
d9:c0:d4:e2:54:18:e0:22:a2:c0:92:aa:e4:34:a1:
0a:a7:5c:df:91:e3:d0:e3:ec:60:50:1f:ab:a9:ab:
bb:25:76:89:df:3d:b7:43:44:c0:3f:93:f0:62:0b:
62:e2:56:2e:ea:3b:40:17:07:68:4f:00:7f:4a:1d:
e7:f7:e6:0d:85:50:40:e1:71:f0:10:ab:ae:22:f7:
d2:03:99:ea:77:cf:26:4e:3d:ac:2f:71:e0:c2:69:
23:0a:5f:ec:2b:c5:29:39:33:21:8c:5a:0e:a9:e8:
28:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E6:8B:4D:3B:AA:5D:F8:BC:EE:2A:B6:32:F3:EA:94:87:AD:04:B9
X509v3 Authority Key Identifier:
keyid:33:0E:64:0F:9D:63:BA:94:3A:97:B3:DC:10:D4:C6:84:4A:5D:3D:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw5kD51jupQ6l7PcENTGhEpdPcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/R-aLTTuqXfi87iq2MvPqlIetBLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/Mw5kD51jupQ6l7PcENTGhEpdPcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
101.56.0.0/13
195.162.92.0/22
IPv6:
2a0e:400::/25
Signature Algorithm: sha256WithRSAEncryption
23:08:dd:11:e8:ff:01:d7:f7:3a:e1:de:fc:b9:54:40:2f:de:
3b:d1:6a:b7:a8:5a:23:33:b7:e3:91:4e:1e:51:73:94:d0:14:
69:a9:f1:a7:c3:3f:c7:eb:bc:32:02:be:95:63:d8:83:ca:04:
f4:9e:39:d0:b7:49:0d:c1:1d:6a:d3:ef:00:df:68:99:30:f8:
9a:e9:2a:4b:2e:4b:1a:a6:59:61:77:95:63:f6:4c:7d:72:56:
04:7a:d5:22:df:f6:d8:7f:4d:cb:0a:3a:46:f0:a7:81:d8:ee:
96:32:0d:62:34:00:2a:9b:8b:3e:c4:26:07:94:0e:6a:9e:b1:
95:bc:5d:0d:b7:82:68:84:e3:4d:33:87:af:79:71:d1:26:be:
41:2e:b0:70:3e:26:d2:a9:fd:d6:af:8f:da:af:be:b7:8e:4b:
03:04:f3:83:d2:58:03:1a:85:70:ce:ac:17:51:8c:e9:8c:9a:
07:9f:cd:a2:56:21:04:7a:b4:65:3c:8b:17:93:fd:b1:01:ef:
80:e2:52:01:87:ef:0c:2a:cc:d3:76:74:d3:40:e0:1f:0f:ff:
93:95:95:fc:9b:8c:d4:af:ed:f4:b1:b0:16:50:ff:7b:20:73:
b4:3e:42:62:e3:af:ec:98:e2:6a:6e:2b:44:11:11:7d:a1:a5:
66:58:97:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECeEYhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MzBlNjQwZjlkNjNiYTk0M2E5N2IzZGMxMGQ0YzY4NDRhNWQzZGMxMB4XDTIyMDUx
MDE3NDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdlNjhiNGQzYmFh
NWRmOGJjZWUyYWI2MzJmM2VhOTQ4N2FkMDRiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJCmGsRjk3qD3AnAhnkEhW2gaeZ1zgueIT0WZbdCXUrqF5x
1BwjVCJ3Wmj/jNuL9rv043H7CAeHAQtaI1EvVO9itS3VJ6yusScUd234JSaNO0z4
rqvdcdHvcu158HGxIkX7oS+JcYExQHlgE0MnX4bYeBe/c+cNTR6hhRrMBHtEE+pA
wKPl03nTsObxK+lBnieYpkQ12cDU4lQY4CKiwJKq5DShCqdc35Hj0OPsYFAfq6mr
uyV2id89t0NEwD+T8GILYuJWLuo7QBcHaE8Af0od5/fmDYVQQOFx8BCrriL30gOZ
6nfPJk49rC9x4MJpIwpf7CvFKTkzIYxaDqnoKDkCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRH5otNO6pd+LzuKrYy8+qUh60EuTAfBgNVHSMEGDAWgBQzDmQPnWO6lDqX
s9wQ1MaESl09wTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L013NWtENTFqdXBRNmw3UGNFTlRHaEVwZFBjRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvZTcxOGU0LTUzYjctNDdiYi1hMzM2LTVhMTc3MTlkNDQ5ZS8x
L1ItYUxUVHVxWGZpODdpcTJNdlBxbElldEJMay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
ZTcxOGU0LTUzYjctNDdiYi1hMzM2LTVhMTc3MTlkNDQ5ZS8xL013NWtENTFqdXBR
Nmw3UGNFTlRHaEVwZFBjRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDA2U4AwQCw6JcMA0EAgACMAcDBQcq
DgQAMA0GCSqGSIb3DQEBCwUAA4IBAQAjCN0R6P8B1/c64d78uVRAL9470Wq3qFoj
M7fjkU4eUXOU0BRpqfGnwz/H67wyAr6VY9iDygT0njnQt0kNwR1q0+8A32iZMPia
6SpLLksapllhd5Vj9kx9clYEetUi3/bYf03LCjpG8KeB2O6WMg1iNAAqm4s+xCYH
lA5qnrGVvF0Nt4JohONNM4eveXHRJr5BLrBwPibSqf3Wr4/ar763jksDBPOD0lgD
GoVwzqwXUYzpjJoHn82iViEEerRlPIsXk/2xAe+A4lIBh+8MKszTdnTTQOAfD/+T
lZX8m4zUr+30sbAWUP97IHO0PkJi46/smOJqbitEERF9oaVmWJfx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:33 2024 by rpki-client on console-fra.rpki-client.org