Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/rO5ixlaLNKy_WDMCoBQLOSpH1eI.roa
File: rO5ixlaLNKy_WDMCoBQLOSpH1eI.roa (raw, json)
Hash identifier: 3tZchNU4mFUanBeFMv3BJI6Ku7TZqr/i6aqngtuO4vs=
Subject key identifier: AC:EE:62:C6:56:8B:34:AC:BF:58:33:02:A0:14:0B:39:2A:47:D5:E2
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 01825853B2900B0186DB21996D33401F1924
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/rO5ixlaLNKy_WDMCoBQLOSpH1eI.roa
Signing time: Mon 01 Aug 2022 07:34:16 +0000
ROA not before: Mon 01 Aug 2022 07:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204561
IP address blocks: 128.127.182.0/24 maxlen: 24
185.192.44.0/24 maxlen: 24
2a05:8a40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:58:53:b2:90:0b:01:86:db:21:99:6d:33:40:1f:19:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Aug 1 07:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acee62c6568b34acbf583302a0140b392a47d5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dc:45:9d:34:2e:be:62:f5:cb:11:dc:0b:2b:
65:7c:fb:f4:a4:d2:56:19:17:9d:ee:00:de:36:f8:
d6:a9:4b:63:f2:12:0e:03:1d:e7:68:e6:46:48:bd:
38:64:6d:5b:c2:1e:fd:b1:b4:57:4a:39:9f:d3:18:
5a:8b:f4:9c:77:0f:a9:ff:6d:c3:17:06:fd:92:20:
47:fa:ef:50:09:06:8e:ac:d8:ea:de:58:30:a9:13:
67:7d:4a:19:7e:30:14:50:7b:ba:e1:8b:a8:6f:17:
cb:f4:c5:8c:d5:1b:a0:63:da:cd:4a:94:43:de:3d:
25:5e:15:e4:10:f0:d0:33:97:df:19:60:e6:01:15:
ab:f6:40:18:fa:4a:59:59:28:88:2a:eb:0c:13:71:
55:b1:29:cb:51:5e:fa:3f:03:eb:ea:e6:fb:9c:02:
b7:e5:79:f1:cc:7b:df:57:20:c2:25:c4:69:15:a6:
40:01:bc:a8:06:7c:db:7c:3f:f2:79:0c:94:2c:a8:
e3:f2:4a:1b:ac:33:8b:72:76:fe:26:3f:a8:c0:94:
c2:2b:7e:3a:a9:84:fd:75:a0:b2:34:9a:58:37:9d:
dd:d3:62:17:50:6f:b4:b5:26:33:06:28:b0:47:de:
73:79:41:cf:02:62:38:2f:c2:80:1d:63:e5:52:eb:
54:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EE:62:C6:56:8B:34:AC:BF:58:33:02:A0:14:0B:39:2A:47:D5:E2
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/rO5ixlaLNKy_WDMCoBQLOSpH1eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.182.0/24
185.192.44.0/24
IPv6:
2a05:8a40::/29
Signature Algorithm: sha256WithRSAEncryption
84:5f:98:c4:42:08:c2:b3:9b:66:6f:50:ee:ae:89:af:7f:6f:
37:0d:dd:40:1c:82:85:32:5d:f4:89:94:90:17:1e:f7:16:49:
67:87:8c:ec:46:e5:08:91:e4:2e:8f:98:b4:fa:a7:df:64:8d:
0c:88:b5:1f:e8:39:27:63:a6:5e:d0:f6:5a:4a:f1:bf:ae:31:
9d:4f:80:69:31:ac:23:d7:65:4f:0d:c9:a7:9d:1b:16:fa:cf:
85:f4:f9:0f:5c:e6:48:4e:33:37:de:f7:03:3a:e9:6b:26:54:
40:01:a6:b8:62:3a:a3:b1:67:db:c6:68:6d:7a:7d:22:9a:1d:
41:0d:92:2c:38:84:d3:9d:00:0a:60:60:d8:07:93:c0:67:83:
61:b0:4c:c7:a3:53:ad:16:e0:43:09:16:3c:34:89:fd:48:26:
1d:ee:27:57:42:07:fa:58:b8:07:de:ce:c4:fa:ff:1f:92:4f:
12:10:0d:94:5b:ee:b4:5c:35:10:8a:77:26:80:26:75:4d:c8:
e3:67:ea:8b:fa:fd:7e:8d:5f:a9:d8:ae:bc:1b:42:d1:50:c3:
62:6d:fc:ef:80:ef:c0:00:b6:be:ca:b4:a2:0c:5b:3b:bf:44:
b2:7b:e6:03:22:4b:27:6f:00:26:f7:47:49:fb:eb:04:12:84:
27:d0:9b:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYJYU7KQCwGG2yGZbTNAHxkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDU2Y2RiNGQxNDAzNDVjM2RjYWViZmM3NjM0ZDRlN2Nk
Y2I5MTMwHhcNMjIwODAxMDczNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2VlNjJjNjU2OGIzNGFjYmY1ODMzMDJhMDE0MGIzOTJhNDdkNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdxFnTQuvmL1yxHcCytlfPv0pNJW
GRed7gDeNvjWqUtj8hIOAx3naOZGSL04ZG1bwh79sbRXSjmf0xhai/Scdw+p/23D
Fwb9kiBH+u9QCQaOrNjq3lgwqRNnfUoZfjAUUHu64YuobxfL9MWM1RugY9rNSpRD
3j0lXhXkEPDQM5ffGWDmARWr9kAY+kpZWSiIKusME3FVsSnLUV76PwPr6ub7nAK3
5XnxzHvfVyDCJcRpFaZAAbyoBnzbfD/yeQyULKjj8kobrDOLcnb+Jj+owJTCK346
qYT9daCyNJpYN53d02IXUG+0tSYzBiiwR95zeUHPAmI4L8KAHWPlUutUjQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKzuYsZWizSsv1gzAqAUCzkqR9XiMB8GA1UdIwQY
MBaAFN5FbNtNFANFw9yuv8djTU583LkTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEt
OTI4ZTdiYzY5NTcwLzEvck81aXhsYUxOS3lfV0RNQ29CUUxPU3BIMWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEtOTI4ZTdiYzY5NTcw
LzEvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAgH+2AwQA
ucAsMA0EAgACMAcDBQMqBYpAMA0GCSqGSIb3DQEBCwUAA4IBAQCEX5jEQgjCs5tm
b1Duromvf283Dd1AHIKFMl30iZSQFx73Fklnh4zsRuUIkeQuj5i0+qffZI0MiLUf
6DknY6Ze0PZaSvG/rjGdT4BpMawj12VPDcmnnRsW+s+F9PkPXOZITjM33vcDOulr
JlRAAaa4YjqjsWfbxmhten0imh1BDZIsOITTnQAKYGDYB5PAZ4NhsEzHo1OtFuBD
CRY8NIn9SCYd7idXQgf6WLgH3s7E+v8fkk8SEA2UW+60XDUQincmgCZ1TcjjZ+qL
+v1+jV+p2K68G0LRUMNibfzvgO/AALa+yrSiDFs7v0Sye+YDIksnbwAm90dJ++sE
EoQn0Jsx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:17 2024 by rpki-client on console-fra.rpki-client.org