Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/bCoO1a9nnrldt6Y72DMxbMobRiI.roa
File: bCoO1a9nnrldt6Y72DMxbMobRiI.roa (raw, json)
Hash identifier: uPflUfjIflyZnYUDpy3nmFwqgH4yWLkC/KL+JnNCSJk=
Subject key identifier: 6C:2A:0E:D5:AF:67:9E:B9:5D:B7:A6:3B:D8:33:31:6C:CA:1B:46:22
Certificate issuer: /CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Certificate serial: 06A8A663
Authority key identifier: 8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/bCoO1a9nnrldt6Y72DMxbMobRiI.roa
Signing time: Sat 01 Jan 2022 13:56:32 +0000
ROA not before: Sat 01 Jan 2022 13:56:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 559
IP address blocks: 129.132.0.0/16 maxlen: 16
192.33.87.0/24 maxlen: 24
192.33.88.0/21 maxlen: 21
192.33.96.0/21 maxlen: 21
192.33.104.0/22 maxlen: 22
192.33.108.0/23 maxlen: 23
192.33.110.0/24 maxlen: 24
82.130.64.0/18 maxlen: 18
2001:67c:10ec::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111715939 (0x6a8a663)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Validity
Not Before: Jan 1 13:56:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c2a0ed5af679eb95db7a63bd833316cca1b4622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a1:7c:ad:5d:4f:7e:08:ad:29:b0:f8:f8:f1:
10:ce:59:62:05:18:19:bf:13:0b:12:ba:96:d9:44:
8e:87:ee:02:29:cb:2a:b9:ac:91:42:9e:d3:97:7f:
31:e6:87:1c:69:80:db:19:54:2a:18:b2:2d:3f:ee:
c9:cb:92:68:fe:83:63:c8:56:f1:1a:0b:e9:16:30:
a4:9b:af:0d:fb:1c:e6:fa:24:b5:6b:18:2f:d5:01:
b3:e3:8a:ac:90:f0:1c:87:c7:6f:8d:4f:74:eb:44:
01:cb:a2:d5:80:1e:d2:eb:da:f7:c8:71:df:9f:5e:
1e:bc:d6:bd:5a:68:20:f2:bb:97:94:32:1f:e9:e8:
27:69:38:20:d3:33:fe:31:60:f3:b2:68:8b:d6:d3:
7c:07:26:67:90:65:58:ac:cb:5d:35:05:ad:3c:38:
b3:3a:c4:59:60:20:3b:c3:ac:1c:50:5c:5a:b6:ec:
eb:4a:ca:77:b7:f0:a9:b3:b1:2d:14:5d:87:23:cd:
e0:f0:99:1b:ea:81:d2:af:8d:0e:94:ec:c1:6f:e2:
e4:2b:58:bc:41:c3:d4:b0:58:db:49:09:16:0e:80:
56:59:30:7c:ac:da:6c:69:4a:cc:00:6c:17:43:a2:
32:7a:39:13:0e:ec:a7:44:d0:fb:f8:24:11:43:0c:
ca:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:2A:0E:D5:AF:67:9E:B9:5D:B7:A6:3B:D8:33:31:6C:CA:1B:46:22
X509v3 Authority Key Identifier:
keyid:8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/bCoO1a9nnrldt6Y72DMxbMobRiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.130.64.0/18
129.132.0.0/16
192.33.87.0-192.33.110.255
IPv6:
2001:67c:10ec::/48
Signature Algorithm: sha256WithRSAEncryption
37:86:32:26:6a:69:11:f8:db:a0:d0:64:02:15:f5:3e:d7:75:
be:35:ab:82:58:07:03:84:29:86:5a:1d:88:97:91:b6:61:44:
62:a1:6f:d7:0a:2c:28:51:89:86:ff:a4:81:94:4a:b2:6d:eb:
a1:a6:4e:c6:21:57:ed:7d:0a:24:c0:e5:0d:67:67:a2:84:17:
3c:2f:c5:e2:18:08:83:8e:57:b3:45:d4:a6:9b:43:6b:6a:44:
88:41:a3:76:57:72:9a:ab:f2:dd:a8:19:c5:18:f8:12:94:53:
d1:69:78:88:df:f5:ad:81:38:25:2f:0e:ec:c1:ae:83:17:d0:
58:97:e3:02:c2:bd:80:e0:94:a9:ac:f7:fb:dd:88:45:6b:7b:
97:4d:9e:39:30:61:a7:1d:11:ed:5a:86:f7:4c:14:ec:0f:05:
55:44:c0:44:29:9f:18:99:b5:df:dc:99:6b:67:a2:41:24:73:
9e:d7:28:cc:42:8d:ba:82:33:08:39:ca:c6:8d:19:54:6a:19:
0a:62:73:ad:e4:8a:90:a0:e0:3d:e8:e1:07:f0:fc:ba:26:a0:
a6:b8:95:9d:e5:ba:d4:fb:9f:7e:77:72:00:2b:91:27:ae:8a:
1d:3d:67:df:a2:7c:54:0d:30:cc:3f:91:4d:b6:31:27:6c:63:
17:db:aa:25
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBqimYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGE4MjRiYzYzMWNjZWUxYWU5OWQ3MTAzYWZkMmRjNzRmMWUyOWM0MB4XDTIyMDEw
MTEzNTYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMyYTBlZDVhZjY3
OWViOTVkYjdhNjNiZDgzMzMxNmNjYTFiNDYyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWhfK1dT34IrSmw+PjxEM5ZYgUYGb8TCxK6ltlEjofuAinL
KrmskUKe05d/MeaHHGmA2xlUKhiyLT/uycuSaP6DY8hW8RoL6RYwpJuvDfsc5vok
tWsYL9UBs+OKrJDwHIfHb41PdOtEAcui1YAe0uva98hx359eHrzWvVpoIPK7l5Qy
H+noJ2k4INMz/jFg87Joi9bTfAcmZ5BlWKzLXTUFrTw4szrEWWAgO8OsHFBcWrbs
60rKd7fwqbOxLRRdhyPN4PCZG+qB0q+NDpTswW/i5CtYvEHD1LBY20kJFg6AVlkw
fKzabGlKzABsF0OiMno5Ew7sp0TQ+/gkEUMMygcCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRsKg7Vr2eeuV23pjvYMzFsyhtGIjAfBgNVHSMEGDAWgBSNqCS8YxzO4a6Z
1xA6/S3HTx4pxDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2phZ2t2R01jenVHdW1kY1FPdjB0eDA4ZUtjUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvMWNhYTc5LWI4YzQtNGQwOC05YmJlLTM4NmMxZjhiMDY0MC8x
L2JDb08xYTlubnJsZHQ2WTcyRE14Yk1vYlJpSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
MWNhYTc5LWI4YzQtNGQwOC05YmJlLTM4NmMxZjhiMDY0MC8xL2phZ2t2R01jenVH
dW1kY1FPdjB0eDA4ZUtjUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwHwQCAAEwGQMEBlKCQAMDAIGEMAwDBADAIVcDBADA
IW4wDwQCAAIwCQMHACABBnwQ7DANBgkqhkiG9w0BAQsFAAOCAQEAN4YyJmppEfjb
oNBkAhX1Ptd1vjWrglgHA4QphlodiJeRtmFEYqFv1wosKFGJhv+kgZRKsm3roaZO
xiFX7X0KJMDlDWdnooQXPC/F4hgIg45Xs0XUpptDa2pEiEGjdldymqvy3agZxRj4
EpRT0Wl4iN/1rYE4JS8O7MGugxfQWJfjAsK9gOCUqaz3+92IRWt7l02eOTBhpx0R
7VqG90wU7A8FVUTARCmfGJm139yZa2eiQSRzntcozEKNuoIzCDnKxo0ZVGoZCmJz
reSKkKDgPejhB/D8uiagpriVneW61PuffndyACuRJ66KHT1n36J8VA0wzD+RTbYx
J2xjF9uqJQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:58 2023 by rpki-client on console-ams.rpki-client.org