Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/lDSd6-alcuHDsWxCEHkzx_rFKAw.roa
File: lDSd6-alcuHDsWxCEHkzx_rFKAw.roa (raw, json)
Hash identifier: yt6urrsSc5UtEOm8vZWelDexO1yMSzfkje0KZjRUsLI=
Subject key identifier: 94:34:9D:EB:E6:A5:72:E1:C3:B1:6C:42:10:79:33:C7:FA:C5:28:0C
Certificate issuer: /CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec
Certificate serial: 06982F76
Authority key identifier: 70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/lDSd6-alcuHDsWxCEHkzx_rFKAw.roa
Signing time: Sat 01 Jan 2022 01:51:59 +0000
ROA not before: Sat 01 Jan 2022 01:51:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 559
IP address blocks: 129.194.0.0/15 maxlen: 16
192.33.212.0/22 maxlen: 22
192.33.216.0/22 maxlen: 22
192.33.222.0/23 maxlen: 23
192.33.220.0/24 maxlen: 24
192.33.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110636918 (0x6982f76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec
Validity
Not Before: Jan 1 01:51:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94349debe6a572e1c3b16c42107933c7fac5280c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:77:5f:67:d6:8d:56:55:fb:74:6d:30:d6:67:
f3:b5:4e:bd:f8:ee:f4:f3:06:b6:f4:1a:d7:53:09:
b5:d3:6b:b6:93:b2:65:fd:49:4b:55:19:46:0c:95:
a7:c7:d0:28:da:ba:d5:6c:55:ad:fe:e1:12:e2:07:
10:44:0d:d1:2c:61:ab:c7:b4:ee:fa:13:94:32:8a:
b9:5d:c0:90:53:85:68:b6:00:df:b6:c5:9e:56:1f:
c4:f6:39:93:a8:c3:75:e0:d5:5f:50:01:ec:64:c6:
e7:87:59:10:25:2a:f0:38:18:14:7a:9c:69:56:97:
a0:6d:dd:4c:02:8e:7e:2e:ea:dc:ba:f6:b3:e6:bc:
ab:26:1d:e9:50:18:99:49:fb:99:2f:4c:49:d4:57:
7c:86:0e:8a:86:09:67:97:68:61:92:dd:75:ea:54:
d9:70:16:d6:ec:11:cc:25:3a:1a:9c:74:4f:eb:7a:
6c:ec:e5:e0:34:28:b3:9f:26:03:6e:5c:1d:0f:79:
8a:61:8e:eb:cb:5f:8e:6b:c0:bc:0e:fd:04:ba:60:
39:07:fb:e4:9a:ff:4c:cd:4b:a0:da:9d:d8:c2:19:
45:df:09:96:77:c3:52:cb:ff:09:6a:19:bc:d3:a4:
d5:b8:26:6f:b8:96:ba:6b:f4:93:38:aa:f7:4d:b4:
f1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:34:9D:EB:E6:A5:72:E1:C3:B1:6C:42:10:79:33:C7:FA:C5:28:0C
X509v3 Authority Key Identifier:
keyid:70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/lDSd6-alcuHDsWxCEHkzx_rFKAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/cLTaDxATrNthwveibRTE8N6CIuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.194.0.0/15
192.33.212.0-192.33.220.255
192.33.222.0-192.33.231.255
Signature Algorithm: sha256WithRSAEncryption
71:82:4b:3c:d5:ac:c4:4f:72:af:9a:ab:89:36:31:3b:e2:65:
94:f9:da:81:47:b2:ce:cd:d4:50:b1:b1:41:2a:06:77:73:a4:
6c:c0:28:07:12:d9:6e:0f:dc:27:49:b2:83:26:6e:f2:53:cc:
60:6c:06:7e:e9:d6:43:62:c7:68:74:06:f7:9b:b6:04:ba:95:
ac:98:fa:12:1e:48:17:4c:6d:f3:15:db:66:f9:1d:d0:25:92:
2a:e9:fe:d0:46:13:de:cf:2f:b8:d5:87:32:c5:e9:16:b7:14:
c7:c8:1c:aa:01:2d:35:a0:7f:e5:9e:c4:19:cb:d6:33:0a:72:
30:02:96:8d:d9:03:41:76:48:f2:e5:9c:5e:91:d0:18:3c:89:
11:36:22:46:8f:dd:2f:1b:45:b6:1b:38:1c:8b:85:33:65:1c:
92:e6:87:07:40:fa:3c:a4:7c:4e:23:f2:77:19:b1:df:0b:ad:
69:8f:2f:d9:ba:45:44:03:e0:42:ca:28:af:a4:18:25:ae:36:
91:31:3a:31:55:cc:65:eb:11:55:cf:ec:de:b7:f0:3a:76:d5:
51:c4:66:7c:30:ad:c9:e7:19:e4:9d:d1:4e:de:72:a4:da:22:
b2:96:4a:4b:1b:60:8c:db:5d:00:19:ca:40:36:ce:40:82:09:
94:1b:cc:4a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBpgvdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MGI0ZGEwZjEwMTNhY2RiNjFjMmY3YTI2ZDE0YzRmMGRlODIyMmVjMB4XDTIyMDEw
MTAxNTE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQzNDlkZWJlNmE1
NzJlMWMzYjE2YzQyMTA3OTMzYzdmYWM1MjgwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO93X2fWjVZV+3RtMNZn87VOvfju9PMGtvQa11MJtdNrtpOy
Zf1JS1UZRgyVp8fQKNq61WxVrf7hEuIHEEQN0Sxhq8e07voTlDKKuV3AkFOFaLYA
37bFnlYfxPY5k6jDdeDVX1AB7GTG54dZECUq8DgYFHqcaVaXoG3dTAKOfi7q3Lr2
s+a8qyYd6VAYmUn7mS9MSdRXfIYOioYJZ5doYZLddepU2XAW1uwRzCU6Gpx0T+t6
bOzl4DQos58mA25cHQ95imGO68tfjmvAvA79BLpgOQf75Jr/TM1LoNqd2MIZRd8J
lnfDUsv/CWoZvNOk1bgmb7iWumv0kziq90208TMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSUNJ3r5qVy4cOxbEIQeTPH+sUoDDAfBgNVHSMEGDAWgBRwtNoPEBOs22HC
96JtFMTw3oIi7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NMVGFEeEFUck50aHd2ZWliUlRFOE42Q0l1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvODgzZmQ2LWM2YjYtNGFlMS1hMTg3LWYzMDY5ZWU1OTBkYS8x
L2xEU2Q2LWFsY3VIRHNXeENFSGt6eF9yRktBdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
ODgzZmQ2LWM2YjYtNGFlMS1hMTg3LWYzMDY5ZWU1OTBkYS8xL2NMVGFEeEFUck50
aHd2ZWliUlRFOE42Q0l1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwJwQCAAEwIQMDAYHCMAwDBALAIdQDBADAIdwwDAME
AcAh3gMEA8Ah4DANBgkqhkiG9w0BAQsFAAOCAQEAcYJLPNWsxE9yr5qriTYxO+Jl
lPnagUeyzs3UULGxQSoGd3OkbMAoBxLZbg/cJ0mygyZu8lPMYGwGfunWQ2LHaHQG
95u2BLqVrJj6Eh5IF0xt8xXbZvkd0CWSKun+0EYT3s8vuNWHMsXpFrcUx8gcqgEt
NaB/5Z7EGcvWMwpyMAKWjdkDQXZI8uWcXpHQGDyJETYiRo/dLxtFths4HIuFM2Uc
kuaHB0D6PKR8TiPydxmx3wutaY8v2bpFRAPgQsoor6QYJa42kTE6MVXMZesRVc/s
3rfwOnbVUcRmfDCtyecZ5J3RTt5ypNoispZKSxtgjNtdABnKQDbOQIIJlBvMSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:41 2024 by rpki-client on console-fra.rpki-client.org