Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/v4nwXVwEliu5S1o2KQAPK85iHxk.roa
File: v4nwXVwEliu5S1o2KQAPK85iHxk.roa (raw, json)
Hash identifier: xDcT0HSqveuf+fk93K50KNO7DWhoLoboVKhmeX9MDb8=
Subject key identifier: BF:89:F0:5D:5C:04:96:2B:B9:4B:5A:36:29:00:0F:2B:CE:62:1F:19
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 06102779
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/v4nwXVwEliu5S1o2KQAPK85iHxk.roa
Signing time: Sat 01 Jan 2022 16:01:30 +0000
ROA not before: Sat 01 Jan 2022 16:01:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213291
IP address blocks: 2a0a:6507:f391::/48 maxlen: 48
2a0d:f407:1005::/48 maxlen: 48
2a0e:9300:3973::/48 maxlen: 48
2a0e:d000:a310::/48 maxlen: 48
2a0e:8101:9124::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101721977 (0x6102779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 1 16:01:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf89f05d5c04962bb94b5a3629000f2bce621f19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:45:82:9b:46:db:dc:6f:a2:f2:47:db:2d:8c:
1d:32:10:d7:d7:8c:e5:c1:a0:cd:69:a3:df:f9:87:
08:aa:b3:f8:6a:d7:d1:f4:5f:e3:5a:30:c1:82:dd:
0f:3a:db:a7:97:dd:95:69:7e:c7:f7:74:d2:61:ec:
b1:27:90:f3:cf:63:25:0c:ed:9f:2b:c3:63:24:b9:
ed:81:10:88:c8:d6:6d:d6:90:67:2d:7f:70:cc:13:
75:c2:13:84:e9:fd:7f:82:8b:62:89:8b:db:15:42:
63:90:05:fc:c0:40:3e:e5:98:05:5d:28:b9:73:20:
d5:b9:07:1a:b8:ae:c5:be:2d:ea:b0:35:fd:d2:1d:
7b:7e:b9:30:bd:23:3d:9d:4e:9e:5c:5a:5d:4f:68:
7f:59:0c:c7:7d:c2:08:55:8e:5d:a3:f1:28:dd:43:
03:e8:d0:f2:17:df:c1:1b:e3:e2:00:bd:b3:ac:91:
01:c8:fe:03:13:0e:e9:4d:e8:da:fd:52:38:ce:ba:
e0:4e:d6:cf:12:c1:3e:ea:7b:88:8d:7d:10:f9:85:
d7:71:f2:77:36:4c:2d:a1:17:a4:45:b9:0f:f4:d8:
7d:85:e3:db:3d:69:9c:8d:8b:30:07:97:ff:2a:db:
f8:46:65:6b:83:12:d3:51:34:3b:ff:7f:f2:0a:9a:
58:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:89:F0:5D:5C:04:96:2B:B9:4B:5A:36:29:00:0F:2B:CE:62:1F:19
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/v4nwXVwEliu5S1o2KQAPK85iHxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6507:f391::/48
2a0d:f407:1005::/48
2a0e:8101:9124::/48
2a0e:9300:3973::/48
2a0e:d000:a310::/48
Signature Algorithm: sha256WithRSAEncryption
02:52:1e:60:50:52:26:24:62:24:5b:39:ea:f3:43:0f:67:96:
fd:ad:31:66:5d:b5:1a:6d:10:51:b9:ed:38:0e:13:3a:9d:6b:
f0:9e:53:9d:f3:4e:a1:57:46:9f:28:5a:56:d6:04:31:b6:82:
c7:18:79:d1:06:18:0d:7c:9d:81:f9:ae:d1:85:69:7c:d5:44:
f0:e2:fa:8e:8e:df:9b:ab:32:fd:52:04:2e:99:27:fe:e2:7e:
ca:63:de:9f:a8:bd:28:e1:22:f2:e2:59:f1:d2:f7:18:31:4b:
99:bf:8d:bc:e5:cc:53:27:cf:53:a6:f9:c7:ef:91:0c:65:18:
9b:25:f0:a9:3c:fa:09:89:27:f4:de:ca:08:09:d8:6d:86:5d:
39:39:27:97:7b:d5:8d:18:bb:f4:cd:74:39:19:b3:bc:d8:cb:
c2:cb:59:ae:c5:68:46:24:c3:74:3d:89:8b:6d:a0:24:ca:eb:
6f:2c:c3:bc:85:fa:a4:3a:e6:c5:b8:5b:7d:3c:7c:ed:ce:7e:
05:e8:08:18:43:5a:ef:b6:02:15:d2:ea:7f:5f:65:17:3a:9f:
90:c2:ca:60:e6:a5:27:2f:4d:9b:0c:02:10:a6:33:ff:cd:e4:
b6:bb:d0:ec:dd:d0:1e:8a:c3:b8:34:8f:f6:06:83:70:5f:9c:
ec:68:b3:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBhAneTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjZkOWQ1MGIzYjg5ZDUxYzhhYTI0OTNlN2VmNDcwMWQ2MjUxZGFkMB4XDTIyMDEw
MTE2MDEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY4OWYwNWQ1YzA0
OTYyYmI5NGI1YTM2MjkwMDBmMmJjZTYyMWYxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOxFgptG29xvovJH2y2MHTIQ19eM5cGgzWmj3/mHCKqz+GrX
0fRf41owwYLdDzrbp5fdlWl+x/d00mHssSeQ889jJQztnyvDYyS57YEQiMjWbdaQ
Zy1/cMwTdcIThOn9f4KLYomL2xVCY5AF/MBAPuWYBV0ouXMg1bkHGriuxb4t6rA1
/dIde365ML0jPZ1OnlxaXU9of1kMx33CCFWOXaPxKN1DA+jQ8hffwRvj4gC9s6yR
Acj+AxMO6U3o2v1SOM664E7WzxLBPup7iI19EPmF13HydzZMLaEXpEW5D/TYfYXj
2z1pnI2LMAeX/yrb+EZla4MS01E0O/9/8gqaWPUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBS/ifBdXASWK7lLWjYpAA8rzmIfGTAfBgNVHSMEGDAWgBTGbZ1Qs7idUciq
JJPn70cB1iUdrTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3htMmRVTE80blZISXFpU1Q1LTlIQWRZbEhhMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvNGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8x
L3Y0bndYVndFbGl1NVMxbzJLUUFQSzg1aUh4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
NGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8xL3htMmRVTE80blZI
SXFpU1Q1LTlIQWRZbEhhMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwMwQCAAIwLQMHACoKZQfzkQMHACoN9AcQBQMHACoO
gQGRJAMHACoOkwA5cwMHACoO0ACjEDANBgkqhkiG9w0BAQsFAAOCAQEAAlIeYFBS
JiRiJFs56vNDD2eW/a0xZl21Gm0QUbntOA4TOp1r8J5TnfNOoVdGnyhaVtYEMbaC
xxh50QYYDXydgfmu0YVpfNVE8OL6jo7fm6sy/VIELpkn/uJ+ymPen6i9KOEi8uJZ
8dL3GDFLmb+NvOXMUyfPU6b5x++RDGUYmyXwqTz6CYkn9N7KCAnYbYZdOTknl3vV
jRi79M10ORmzvNjLwstZrsVoRiTDdD2Ji22gJMrrbyzDvIX6pDrmxbhbfTx87c5+
BegIGENa77YCFdLqf19lFzqfkMLKYOalJy9NmwwCEKYz/83ktrvQ7N3QHorDuDSP
9gaDcF+c7GizCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:36 2024 by rpki-client on console-ams.rpki-client.org