Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/Ahfg-yuNGA-RYWRCcCRP7-JcUkE.roa
File: Ahfg-yuNGA-RYWRCcCRP7-JcUkE.roa (raw, json)
Hash identifier: H3znZIFpYO/ComZ6BDLWOfY/VnnUU3Oil6OeRTiquYw=
Subject key identifier: 02:17:E0:FB:2B:8D:18:0F:91:61:64:42:70:24:4F:EF:E2:5C:52:41
Certificate issuer: /CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Certificate serial: 01831C73A0A9491829745D994CC08A7887CF
Authority key identifier: 8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/Ahfg-yuNGA-RYWRCcCRP7-JcUkE.roa
Signing time: Thu 08 Sep 2022 09:34:43 +0000
ROA not before: Thu 08 Sep 2022 09:34:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 559
IP address blocks: 129.132.0.0/16 maxlen: 16
192.33.87.0/24 maxlen: 24
192.33.88.0/21 maxlen: 24
192.33.96.0/21 maxlen: 21
192.33.104.0/22 maxlen: 22
192.33.108.0/23 maxlen: 23
192.33.110.0/24 maxlen: 24
82.130.64.0/18 maxlen: 18
2001:67c:10ec::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:73:a0:a9:49:18:29:74:5d:99:4c:c0:8a:78:87:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Validity
Not Before: Sep 8 09:34:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0217e0fb2b8d180f9161644270244fefe25c5241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:33:2a:3c:bb:be:e8:52:1e:f4:eb:59:01:c3:
ed:4c:78:7c:ed:9d:1b:f4:5c:25:13:17:80:95:15:
b0:96:65:ea:81:54:a1:bb:d5:a2:25:13:4d:8f:d7:
4f:91:04:51:a8:93:d7:9f:bd:e0:fe:8f:b2:40:11:
88:a2:fd:5b:77:f6:04:91:46:49:7e:19:6f:8d:8f:
bc:63:1d:f2:06:75:ed:31:ae:55:a9:87:fb:e4:79:
ec:57:73:72:05:99:ca:ed:89:f7:2b:d3:78:f7:bf:
7d:6c:25:43:d3:83:36:c6:23:3f:d2:d9:eb:63:f2:
0d:16:12:61:e7:7a:0e:1f:43:16:87:4e:af:84:58:
23:3d:f2:f4:a2:5f:8f:a9:e8:9e:02:13:16:2b:78:
5b:6b:cc:df:a5:54:3e:b8:69:63:9e:dc:fa:e3:59:
51:60:e3:9c:07:22:2b:68:d3:b5:ed:6f:29:3d:07:
88:8f:71:1a:ad:ba:b3:38:5e:10:8f:4c:5a:64:49:
cd:5f:85:66:79:17:1d:b8:83:3e:91:37:2c:30:e7:
0d:d4:55:82:98:d1:6e:64:df:22:32:b1:4c:60:3d:
6b:b3:d8:3d:71:52:a7:df:e1:10:e0:09:36:b0:77:
bb:3e:6d:f3:97:c1:84:19:de:ee:9c:01:b5:54:ae:
db:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:17:E0:FB:2B:8D:18:0F:91:61:64:42:70:24:4F:EF:E2:5C:52:41
X509v3 Authority Key Identifier:
keyid:8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/Ahfg-yuNGA-RYWRCcCRP7-JcUkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.130.64.0/18
129.132.0.0/16
192.33.87.0-192.33.110.255
IPv6:
2001:67c:10ec::/48
Signature Algorithm: sha256WithRSAEncryption
65:62:f7:0c:c6:cb:e3:d8:b5:ac:88:9c:20:48:83:66:f9:0c:
e1:71:31:89:d8:cf:68:c2:b3:d7:94:46:17:8e:45:f3:82:b9:
3a:9e:4c:de:aa:bf:37:26:e4:c4:46:f0:6a:7b:b1:e7:32:94:
11:a8:6b:88:e5:bb:9e:37:74:40:32:40:1d:8d:70:7c:fa:18:
d8:2f:cf:6e:35:d0:0d:82:70:21:de:e8:0c:2d:33:d9:ac:bc:
4f:9b:65:57:c5:7a:8a:cb:c1:cb:e9:a9:2e:04:7b:8e:d8:e3:
2b:94:0d:6a:38:43:26:1d:5f:cf:11:02:4c:a6:32:44:b0:7c:
64:5a:05:5d:8b:34:da:1b:27:b6:b9:9f:f7:11:ec:27:a4:e1:
e7:4b:14:ec:1a:de:a1:ba:18:c8:cf:e4:64:f7:64:ee:5e:cf:
73:cd:c6:0b:2c:39:36:df:18:89:58:40:00:58:d0:bc:f9:ae:
ba:8f:da:75:80:83:6f:41:9b:79:86:7e:09:bb:f3:3e:08:b0:
99:44:5d:f4:ac:af:ad:8a:4e:0c:1e:9f:c6:b5:5f:87:78:15:
62:8d:4a:26:70:77:b6:50:45:97:c4:3d:81:5e:5d:b8:bf:fa:
e8:d9:2d:23:f3:e2:e7:7e:d5:58:50:c7:75:22:d9:4e:ae:e6:
07:7d:d2:43
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYMcc6CpSRgpdF2ZTMCKeIfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTgyNGJjNjMxY2NlZTFhZTk5ZDcxMDNhZmQyZGM3NGYx
ZTI5YzQwHhcNMjIwOTA4MDkzNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE3ZTBmYjJiOGQxODBmOTE2MTY0NDI3MDI0NGZlZmUyNWM1MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9TMqPLu+6FIe9OtZAcPtTHh87Z0b
9FwlExeAlRWwlmXqgVShu9WiJRNNj9dPkQRRqJPXn73g/o+yQBGIov1bd/YEkUZJ
fhlvjY+8Yx3yBnXtMa5VqYf75HnsV3NyBZnK7Yn3K9N49799bCVD04M2xiM/0tnr
Y/INFhJh53oOH0MWh06vhFgjPfL0ol+PqeieAhMWK3hba8zfpVQ+uGljntz641lR
YOOcByIraNO17W8pPQeIj3EarbqzOF4Qj0xaZEnNX4VmeRcduIM+kTcsMOcN1FWC
mNFuZN8iMrFMYD1rs9g9cVKn3+EQ4Ak2sHe7Pm3zl8GEGd7unAG1VK7bPQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAIX4PsrjRgPkWFkQnAkT+/iXFJBMB8GA1UdIwQY
MBaAFI2oJLxjHM7hrpnXEDr9LcdPHinEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUt
Mzg2YzFmOGIwNjQwLzEvQWhmZy15dU5HQS1SWVdSQ2NDUlA3LUpjVWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUtMzg2YzFmOGIwNjQw
LzEvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAfBAIAATAZAwQGUoJAAwMA
gYQwDAMEAMAhVwMEAMAhbjAPBAIAAjAJAwcAIAEGfBDsMA0GCSqGSIb3DQEBCwUA
A4IBAQBlYvcMxsvj2LWsiJwgSINm+QzhcTGJ2M9owrPXlEYXjkXzgrk6nkzeqr83
JuTERvBqe7HnMpQRqGuI5bueN3RAMkAdjXB8+hjYL89uNdANgnAh3ugMLTPZrLxP
m2VXxXqKy8HL6akuBHuO2OMrlA1qOEMmHV/PEQJMpjJEsHxkWgVdizTaGye2uZ/3
EewnpOHnSxTsGt6huhjIz+Rk92TuXs9zzcYLLDk23xiJWEAAWNC8+a66j9p1gINv
QZt5hn4Ju/M+CLCZRF30rK+tik4MHp/GtV+HeBVijUomcHe2UEWXxD2BXl24v/ro
2S0j8+LnftVYUMd1ItlOruYHfdJD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:25 2024 by rpki-client on console-fra.rpki-client.org