Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/rPMcF6604xF2yY5V8ALqywdYftU.roa
File: rPMcF6604xF2yY5V8ALqywdYftU.roa (raw, json)
Hash identifier: RFtsbc9B32WNIoCeVGdQAxDYYHIY7w+ISZ6XY1CAoHw=
Subject key identifier: AC:F3:1C:17:AE:B4:E3:11:76:C9:8E:55:F0:02:EA:CB:07:58:7E:D5
Certificate issuer: /CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Certificate serial: 0233A9
Authority key identifier: E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/rPMcF6604xF2yY5V8ALqywdYftU.roa
Signing time: Thu 14 Apr 2022 08:53:53 +0000
ROA not before: Thu 14 Apr 2022 08:53:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15594
IP address blocks: 217.116.112.0/20 maxlen: 25
212.9.32.0/19 maxlen: 25
217.10.64.0/20 maxlen: 25
82.116.96.0/19 maxlen: 25
95.174.128.0/19 maxlen: 25
2001:ab0::/29 maxlen: 48
2001:ab7:f000::/36 maxlen: 49
2001:ab7:3000::/36 maxlen: 49
2001:ab7:2000::/36 maxlen: 49
2001:ab7:1000::/36 maxlen: 49
2001:ab7::/36 maxlen: 49
2001:ab0::/36 maxlen: 49
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144297 (0x233a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Validity
Not Before: Apr 14 08:53:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acf31c17aeb4e31176c98e55f002eacb07587ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7b:cc:c9:ba:dc:f2:ee:bf:ec:b4:6d:f3:bf:
ed:bd:e3:47:fb:fa:0a:49:b2:dc:23:55:ff:e9:42:
be:ed:47:c5:26:a2:d2:82:b4:32:c6:f7:af:aa:da:
1a:2b:4c:cb:86:e5:8e:a5:02:08:d0:e7:4f:55:91:
9a:36:c1:78:89:06:fd:9a:a6:ed:cb:e7:52:cd:08:
eb:31:01:be:8d:6b:4a:5a:72:6c:2c:91:4a:dc:87:
a4:f1:16:de:8e:cf:49:72:13:f7:72:7b:58:37:ab:
e5:cf:c9:f6:a7:f8:ba:5e:6b:86:e0:4a:73:da:c0:
63:ca:ec:4f:3b:25:1c:47:54:29:1b:f1:3b:be:9a:
15:e0:7f:74:7b:0b:59:fc:3c:ab:d9:89:2b:60:86:
cf:b2:b5:a4:19:97:b8:c6:66:d5:4a:e0:67:9e:15:
3c:7d:90:63:35:cc:5c:4a:67:12:cd:e3:47:77:e5:
1e:62:ed:b7:87:4e:74:2e:6f:58:7e:96:0f:36:8c:
6b:a2:05:3a:41:ef:63:df:8f:6b:ac:2d:3e:ce:dd:
fc:64:e5:53:52:23:bc:12:72:af:eb:d8:65:2d:cb:
7d:fa:c1:5a:c7:a8:30:1c:fc:35:3b:f8:2d:80:c6:
cc:c4:83:9e:03:a9:c6:89:db:16:96:5b:33:e6:06:
4c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F3:1C:17:AE:B4:E3:11:76:C9:8E:55:F0:02:EA:CB:07:58:7E:D5
X509v3 Authority Key Identifier:
keyid:E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/rPMcF6604xF2yY5V8ALqywdYftU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.116.96.0/19
95.174.128.0/19
212.9.32.0/19
217.10.64.0/20
217.116.112.0/20
IPv6:
2001:ab0::/29
Signature Algorithm: sha256WithRSAEncryption
35:12:c6:17:cb:25:10:67:9a:91:84:35:c3:db:01:ee:da:d8:
e8:d7:a4:b5:7d:98:9b:4d:09:7a:92:50:0a:21:56:fa:6d:dd:
1c:c9:83:88:40:d1:cc:77:45:76:94:ac:c4:c9:41:b9:dc:60:
ad:86:be:95:89:ea:84:35:13:f6:87:74:ff:08:b7:27:e0:f6:
b8:87:47:39:67:ee:27:92:51:01:c1:d3:b3:56:bd:b7:97:76:
a5:b0:7c:73:10:47:13:b0:0b:02:d7:45:d9:0c:0b:2e:6b:ec:
ea:50:6f:00:27:ef:e1:a4:c8:07:5e:08:78:ae:3d:9a:a8:9a:
ac:7c:c5:69:dd:e6:6b:1b:13:56:c9:93:36:7d:06:24:39:02:
41:3d:10:43:97:a9:8b:a0:57:0f:77:5c:d2:2c:1e:bc:f6:9b:
d2:ac:9c:f6:23:5f:98:23:44:dd:2a:c2:63:32:11:ed:29:7c:
62:1b:09:86:54:ba:b2:16:0d:9f:97:3a:bd:f0:aa:f7:2e:91:
ee:43:22:d9:35:38:9e:c7:5d:50:7b:39:7f:a0:f1:e4:bc:b5:
7b:0c:64:f5:b7:29:5b:51:88:4f:40:1a:f0:7c:0b:cd:4a:c6:
a7:20:2e:5e:84:d9:1f:68:7a:a4:db:8f:e2:53:33:97:c3:77:
5c:55:76:ab
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIDAjOpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUz
ZjcwNzA2ZjZjMGNmYmQ5YzczYTdmM2Q4MzAyMzI0MGE0MmY1MGQwHhcNMjIwNDE0
MDg1MzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhY2YzMWMxN2FlYjRl
MzExNzZjOThlNTVmMDAyZWFjYjA3NTg3ZWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5nvMybrc8u6/7LRt87/tveNH+/oKSbLcI1X/6UK+7UfFJqLS
grQyxvevqtoaK0zLhuWOpQII0OdPVZGaNsF4iQb9mqbty+dSzQjrMQG+jWtKWnJs
LJFK3Iek8Rbejs9JchP3cntYN6vlz8n2p/i6XmuG4Epz2sBjyuxPOyUcR1QpG/E7
vpoV4H90ewtZ/Dyr2YkrYIbPsrWkGZe4xmbVSuBnnhU8fZBjNcxcSmcSzeNHd+Ue
Yu23h050Lm9YfpYPNoxrogU6Qe9j349rrC0+zt38ZOVTUiO8EnKv69hlLct9+sFa
x6gwHPw1O/gtgMbMxIOeA6nGidsWllsz5gZMdwIDAQABo4ICMDCCAiwwHQYDVR0O
BBYEFKzzHBeutOMRdsmOVfAC6ssHWH7VMB8GA1UdIwQYMBaAFOP3Bwb2wM+9nHOn
89gwIyQKQvUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJlLzEv
clBNY0Y2NjA0eEYyeVk1VjhBTHF5d2RZZnRVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8y
ODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJlLzEvNF9jSEJ2YkF6NzJj
YzZmejJEQWpKQXBDOVEwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYG
CCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFUnRgAwQFX66AAwQF1AkgAwQE2QpA
AwQE2XRwMA0EAgACMAcDBQMgAQqwMA0GCSqGSIb3DQEBCwUAA4IBAQA1EsYXyyUQ
Z5qRhDXD2wHu2tjo16S1fZibTQl6klAKIVb6bd0cyYOIQNHMd0V2lKzEyUG53GCt
hr6VieqENRP2h3T/CLcn4Pa4h0c5Z+4nklEBwdOzVr23l3alsHxzEEcTsAsC10XZ
DAsua+zqUG8AJ+/hpMgHXgh4rj2aqJqsfMVp3eZrGxNWyZM2fQYkOQJBPRBDl6mL
oFcPd1zSLB689pvSrJz2I1+YI0TdKsJjMhHtKXxiGwmGVLqyFg2flzq98Kr3LpHu
QyLZNTiex11Qezl/oPHkvLV7DGT1tylbUYhPQBrwfAvNSsanIC5ehNkfaHqk24/i
UzOXw3dcVXar
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:45 2023 by rpki-client on console-ams.rpki-client.org