Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/7ljcZnxjzaS4seZmSLDOz5UbQGo.roa
File: 7ljcZnxjzaS4seZmSLDOz5UbQGo.roa (raw, json)
Hash identifier: GzLdNyDlcWb7IV78Oe3ZstvhheC4BghsEFQ+9Q5W8q4=
Subject key identifier: EE:58:DC:66:7C:63:CD:A4:B8:B1:E6:66:48:B0:CE:CF:95:1B:40:6A
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 1422967B
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/7ljcZnxjzaS4seZmSLDOz5UbQGo.roa
Signing time: Sat 01 Jan 2022 04:51:27 +0000
ROA not before: Sat 01 Jan 2022 04:51:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132892
IP address blocks: 141.101.89.0/24 maxlen: 24
141.101.88.0/24 maxlen: 24
2a06:98c0:3604::/48 maxlen: 48
2a06:98c0:360a::/48 maxlen: 48
2a06:98c0:3605::/48 maxlen: 48
2a06:98c0:3608::/48 maxlen: 48
2a06:98c0:3603::/48 maxlen: 48
2a06:98c0:3609::/48 maxlen: 48
2a06:98c0:360c::/48 maxlen: 48
2a06:98c0:3607::/48 maxlen: 48
2a06:98c0:3602::/48 maxlen: 48
2a06:98c0:360d::/48 maxlen: 48
2a06:98c0:3600::/48 maxlen: 48
2a06:98c0:360b::/48 maxlen: 48
2a06:98c0:3606::/48 maxlen: 48
2a06:98c0:3601::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 337811067 (0x1422967b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Jan 1 04:51:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee58dc667c63cda4b8b1e66648b0cecf951b406a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b0:ec:b7:24:9c:60:cb:80:77:d9:84:1e:5c:
5c:c8:c4:6e:1a:aa:e5:e5:3d:7d:f7:1f:9f:e7:5b:
bd:3d:e8:12:82:87:3d:d6:19:df:5f:8e:3b:dc:91:
a7:9e:38:01:45:4a:a3:f6:a1:74:22:47:7c:9d:f8:
44:a4:54:30:25:b6:ff:74:19:cb:0a:f2:1d:2d:8c:
75:fc:5d:68:22:7f:d4:12:cd:f3:01:b8:3e:72:de:
83:9a:aa:9b:ee:e1:0c:90:6f:a5:7c:ae:32:c9:b5:
09:b5:34:18:13:a2:f7:40:34:49:a3:78:7b:8b:b2:
19:61:e8:73:6e:36:52:a4:56:9b:41:7a:08:ac:06:
93:c8:f3:95:83:95:f5:91:41:bf:4d:54:ac:fc:fd:
84:3a:94:6e:38:71:bc:39:ab:8e:b1:1c:0e:e7:a5:
72:3f:5d:6c:ae:dc:dc:60:ac:36:e4:28:73:58:a8:
af:b0:fd:44:2d:e2:8d:7b:fa:c8:9b:68:5e:ea:7e:
eb:12:78:ac:8e:90:c8:30:83:ff:37:13:c0:7b:12:
0c:d0:49:64:5c:5b:e1:12:69:01:98:b0:39:0f:52:
27:59:23:0d:a0:37:d9:91:9d:53:fe:64:59:49:d2:
7f:5d:5d:58:39:4b:a7:bf:2c:39:06:50:9c:c9:aa:
6f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:58:DC:66:7C:63:CD:A4:B8:B1:E6:66:48:B0:CE:CF:95:1B:40:6A
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/7ljcZnxjzaS4seZmSLDOz5UbQGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.88.0/23
IPv6:
2a06:98c0:3600::-2a06:98c0:360d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:2d:54:af:af:3a:67:fc:c2:23:26:7e:59:1e:b2:29:85:dd:
dc:fd:f5:a2:95:54:e5:77:fc:de:ff:ce:bb:5d:de:44:f8:0e:
3c:e1:67:9e:ff:bf:65:1b:13:b5:6c:38:18:ea:64:7a:19:46:
3e:dc:27:94:06:f6:74:a1:8b:f9:02:5e:55:47:50:71:57:a0:
a8:eb:87:81:4c:73:93:78:02:cd:4d:34:9a:1a:3c:30:51:81:
a7:25:c8:ba:81:7e:ca:b6:d4:df:69:33:ae:8d:2a:a9:72:5a:
dc:47:1c:09:17:ea:dc:0a:46:b7:68:26:d9:80:18:67:fd:a7:
4d:aa:e2:d5:06:e3:71:33:77:90:c2:b2:c9:70:e8:6c:97:72:
a5:79:3f:41:ff:71:29:f1:f5:87:a9:e7:8c:b7:47:c3:6c:ff:
3f:a4:ab:b5:67:98:be:5a:22:33:9e:26:f8:16:ce:05:64:99:
b5:f5:38:f1:66:9b:32:b4:21:3d:da:71:2b:23:d1:bd:34:d3:
e3:d7:d8:81:b1:31:d7:8d:4b:39:10:48:91:b3:b9:25:ba:18:
f8:fd:68:b8:df:76:d0:2a:a4:15:ac:74:1f:0a:db:07:d7:d4:
3d:2c:9a:ad:3a:4d:2d:cd:29:68:55:9e:9b:13:7e:4f:1a:d6:
e7:9e:46:49
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFCKWezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWQ1YmZhZDQ1ZDdjNjVhNmUzNDMwMjg1MDlmZDE4OTJlOTdiOWQwMB4XDTIyMDEw
MTA0NTEyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWU1OGRjNjY3YzYz
Y2RhNGI4YjFlNjY2NDhiMGNlY2Y5NTFiNDA2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+w7LcknGDLgHfZhB5cXMjEbhqq5eU9ffcfn+dbvT3oEoKH
PdYZ31+OO9yRp544AUVKo/ahdCJHfJ34RKRUMCW2/3QZywryHS2MdfxdaCJ/1BLN
8wG4PnLeg5qqm+7hDJBvpXyuMsm1CbU0GBOi90A0SaN4e4uyGWHoc242UqRWm0F6
CKwGk8jzlYOV9ZFBv01UrPz9hDqUbjhxvDmrjrEcDuelcj9dbK7c3GCsNuQoc1io
r7D9RC3ijXv6yJtoXup+6xJ4rI6QyDCD/zcTwHsSDNBJZFxb4RJpAZiwOQ9SJ1kj
DaA32ZGdU/5kWUnSf11dWDlLp78sOQZQnMmqb+ECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTuWNxmfGPNpLix5mZIsM7PlRtAajAfBgNVHSMEGDAWgBSZ1b+tRdfGWm40
MChQn9GJLpe50DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21kV19yVVhYeGxwdU5EQW9VSl9SaVM2WHVkQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvODE3MWUzLTJkMjktNGNiNi04YTk0LTc1NTE4MDljYjczMS8x
LzdsamNabnhqemFTNHNlWm1TTERPejVVYlFHby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
ODE3MWUzLTJkMjktNGNiNi04YTk0LTc1NTE4MDljYjczMS8xL21kV19yVVhYeGxw
dU5EQW9VSl9SaVM2WHVkQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwDAQCAAEwBgMEAY1lWDAZBAIAAjATMBEDBgEqBpjA
NgMHASoGmMA2DDANBgkqhkiG9w0BAQsFAAOCAQEADy1Ur686Z/zCIyZ+WR6yKYXd
3P31opVU5Xf83v/Ou13eRPgOPOFnnv+/ZRsTtWw4GOpkehlGPtwnlAb2dKGL+QJe
VUdQcVegqOuHgUxzk3gCzU00mho8MFGBpyXIuoF+yrbU32kzro0qqXJa3EccCRfq
3ApGt2gm2YAYZ/2nTari1QbjcTN3kMKyyXDobJdypXk/Qf9xKfH1h6nnjLdHw2z/
P6SrtWeYvloiM54m+BbOBWSZtfU48WabMrQhPdpxKyPRvTTT49fYgbEx141LORBI
kbO5JboY+P1ouN920CqkFax0HwrbB9fUPSyarTpNLc0paFWemxN+TxrW555GSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:48 2024 by rpki-client on console-ams.rpki-client.org