Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/8aud__etoT3aTqt2QdZecB6yh0w.roa
File: 8aud__etoT3aTqt2QdZecB6yh0w.roa (raw, json)
Hash identifier: Cg1707rF/h3YE/4Ck4fM+SN7wpY2GArLFOPS5+jMl5U=
Subject key identifier: F1:AB:9D:FF:F7:AD:A1:3D:DA:4E:AB:76:41:D6:5E:70:1E:B2:87:4C
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 01848509D142FC09CF9008A7D557EA83F84A
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/8aud__etoT3aTqt2QdZecB6yh0w.roa
Signing time: Thu 17 Nov 2022 10:02:03 +0000
ROA not before: Thu 17 Nov 2022 10:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203759
IP address blocks: 45.129.40.0/21 maxlen: 24
185.86.188.0/22 maxlen: 24
193.148.160.0/19 maxlen: 24
185.124.192.0/22 maxlen: 24
193.19.128.0/22 maxlen: 24
2a05:b540::/29 maxlen: 48
2a06:b500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:09:d1:42:fc:09:cf:90:08:a7:d5:57:ea:83:f8:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Nov 17 10:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1ab9dfff7ada13dda4eab7641d65e701eb2874c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:76:78:35:16:be:41:72:d5:2c:7c:3f:47:c6:
58:aa:07:fd:0f:01:87:09:cc:13:ae:68:49:b5:b2:
31:97:39:7d:e9:ab:a8:d4:09:c0:12:b5:33:93:b8:
73:ad:2a:ec:b3:ef:6f:6a:0f:00:e4:e3:b8:1f:1a:
03:e2:99:b2:51:6c:0f:ee:e3:5e:cf:93:00:a7:bf:
bf:1a:49:bf:09:7c:1b:d7:c1:e9:b9:84:67:08:fb:
bb:e1:46:91:aa:21:a6:2f:af:ee:1e:89:3d:39:dd:
9b:ce:45:61:b2:e1:3b:3e:8d:1a:21:d8:0b:b4:bb:
5e:6e:a2:f1:ba:92:a0:f8:93:88:47:bd:47:87:ba:
7b:4e:43:bd:4c:51:7c:63:ec:a1:cc:5d:b9:62:96:
3d:de:83:03:50:13:55:e1:ee:f0:33:d6:3d:be:b8:
da:e6:9e:76:99:fa:2a:e1:f4:bc:89:f1:4c:17:2a:
c8:17:b8:ff:0a:6a:fe:1e:ca:32:1e:ab:51:c4:a9:
d1:a4:05:ce:4f:f6:39:63:96:b0:e0:fa:9d:9c:f1:
06:98:21:3b:17:2e:85:3f:84:66:bd:0c:45:ea:6c:
af:5a:d2:1a:62:d6:f1:0e:d6:e6:21:f9:d6:82:e9:
e4:01:de:1e:4f:28:55:39:3a:af:42:59:0b:45:82:
44:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:AB:9D:FF:F7:AD:A1:3D:DA:4E:AB:76:41:D6:5E:70:1E:B2:87:4C
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/8aud__etoT3aTqt2QdZecB6yh0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.40.0/21
185.86.188.0/22
185.124.192.0/22
193.19.128.0/22
193.148.160.0/19
IPv6:
2a05:b540::/29
2a06:b500::/29
Signature Algorithm: sha256WithRSAEncryption
5f:70:d8:76:b4:88:d3:3d:4c:7c:ce:f1:cd:02:f8:49:fe:4e:
0a:bd:57:5e:e4:a7:fb:0e:c9:c1:73:b2:70:b4:4d:ba:48:e4:
fe:60:b4:4e:71:f9:8a:95:89:65:1e:e6:cd:7d:5b:21:2f:ed:
90:44:f8:a5:09:59:ef:02:55:2b:8c:e2:72:f2:20:ef:d2:fe:
a2:47:0f:ea:50:88:d5:30:b0:3c:01:5d:aa:ac:9b:e2:31:47:
f5:08:a9:2f:70:18:18:c4:ee:c6:b7:b0:53:32:a9:12:7a:7a:
f7:10:6b:0f:d4:1b:b2:24:fa:b6:b8:d1:59:f1:03:ce:ee:8a:
b3:b3:f5:9e:37:13:43:ef:ff:8f:4e:e0:dd:5c:2d:fe:d7:cb:
11:ae:7c:63:92:39:46:97:ea:2a:ef:b1:3a:a3:b7:11:0b:3b:
3d:c8:24:cd:3b:5e:cb:64:22:43:66:0c:fc:64:ce:5c:41:b6:
cd:cb:e1:7d:19:43:c8:0b:6e:b3:47:c4:8c:71:dd:72:c1:4b:
fc:60:1f:7b:db:8d:a3:87:7c:5f:fc:50:23:06:fa:6c:d3:f2:
09:2a:6b:42:e5:bb:61:3d:70:df:89:67:5e:09:29:f7:a5:cb:
a2:69:8c:ef:5f:a4:ba:42:c4:88:03:a7:20:e4:57:c9:7e:2b:
7c:42:31:60
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYSFCdFC/AnPkAin1Vfqg/hKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjYwYjIzZmUzYjg2NDJkNmJmNDc1ZjhlYjdmY2FkOWQx
M2M0MTMwHhcNMjIxMTE3MTAwMjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWFiOWRmZmY3YWRhMTNkZGE0ZWFiNzY0MWQ2NWU3MDFlYjI4NzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXZ4NRa+QXLVLHw/R8ZYqgf9DwGH
CcwTrmhJtbIxlzl96auo1AnAErUzk7hzrSrss+9vag8A5OO4HxoD4pmyUWwP7uNe
z5MAp7+/Gkm/CXwb18HpuYRnCPu74UaRqiGmL6/uHok9Od2bzkVhsuE7Po0aIdgL
tLtebqLxupKg+JOIR71Hh7p7TkO9TFF8Y+yhzF25YpY93oMDUBNV4e7wM9Y9vrja
5p52mfoq4fS8ifFMFyrIF7j/Cmr+HsoyHqtRxKnRpAXOT/Y5Y5aw4PqdnPEGmCE7
Fy6FP4RmvQxF6myvWtIaYtbxDtbmIfnWgunkAd4eTyhVOTqvQlkLRYJEGwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPGrnf/3raE92k6rdkHWXnAesodMMB8GA1UdIwQY
MBaAFJJmCyP+O4ZC1r9HX463/K2dE8QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWIt
MTNlZjFjNDU1Y2M0LzEvOGF1ZF9fZXRvVDNhVHF0MlFkWmVjQjZ5aDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWItMTNlZjFjNDU1Y2M0
LzEva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDLYEoAwQC
uVa8AwQCuXzAAwQCwROAAwQFwZSgMBQEAgACMA4DBQMqBbVAAwUDKga1ADANBgkq
hkiG9w0BAQsFAAOCAQEAX3DYdrSI0z1MfM7xzQL4Sf5OCr1XXuSn+w7JwXOycLRN
ukjk/mC0TnH5ipWJZR7mzX1bIS/tkET4pQlZ7wJVK4zicvIg79L+okcP6lCI1TCw
PAFdqqyb4jFH9QipL3AYGMTuxrewUzKpEnp69xBrD9QbsiT6trjRWfEDzu6Ks7P1
njcTQ+//j07g3Vwt/tfLEa58Y5I5RpfqKu+xOqO3EQs7PcgkzTtey2QiQ2YM/GTO
XEG2zcvhfRlDyAtus0fEjHHdcsFL/GAfe9uNo4d8X/xQIwb6bNPyCSprQuW7YT1w
34lnXgkp96XLommM71+kukLEiAOnIORXyX4rfEIxYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:04 2024 by rpki-client on console-fra.rpki-client.org