Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/_elPj6YyPcZxgFgybXdfJ5IuGzY.roa
File: _elPj6YyPcZxgFgybXdfJ5IuGzY.roa (raw, json)
Hash identifier: 4wyMUPcO4S19cTnJpacaZP1Etsn7UYzlTPGSZ1hkmFI=
Subject key identifier: FD:E9:4F:8F:A6:32:3D:C6:71:80:58:32:6D:77:5F:27:92:2E:1B:36
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 01821A90A5741F9A19C7F78A286FB7D5D3A3
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/_elPj6YyPcZxgFgybXdfJ5IuGzY.roa
Signing time: Wed 20 Jul 2022 07:44:23 +0000
ROA not before: Wed 20 Jul 2022 07:44:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8562
IP address blocks: 217.76.160.0/20 maxlen: 20
193.154.144.0/20 maxlen: 20
90.152.128.0/17 maxlen: 17
84.20.184.0/22 maxlen: 22
176.66.64.0/18 maxlen: 18
2001:890:c000::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1a:90:a5:74:1f:9a:19:c7:f7:8a:28:6f:b7:d5:d3:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jul 20 07:44:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fde94f8fa6323dc6718058326d775f27922e1b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8f:fc:12:0c:a8:b7:8a:83:3e:cf:9d:ba:ed:
b7:7b:7e:b1:6a:ae:e6:68:0f:d4:a2:63:92:83:b4:
39:00:c7:51:55:6f:72:fe:af:66:e9:f0:24:33:d8:
63:c5:e6:47:5d:7f:0a:76:1a:9f:9d:ee:6a:5f:30:
b9:e7:8f:7a:32:94:1f:27:f7:df:b4:ac:d8:92:de:
4b:57:5f:79:58:0c:97:36:ef:27:64:b8:39:69:ef:
7f:1d:20:59:13:0a:85:a9:6a:35:c7:1d:f2:72:8c:
7c:2f:9b:5d:fb:4e:e2:37:46:3b:92:db:0d:07:a5:
da:e8:1b:e7:9c:b4:5c:e9:d2:d5:45:a4:2d:75:c2:
fa:2d:b3:5d:a6:de:e4:cd:1d:2b:c3:5b:cf:1b:3b:
a0:d7:b5:3e:20:16:13:8c:8a:4e:53:d0:fd:0a:cc:
8f:af:c2:ce:b3:be:fa:6f:e4:ca:ea:e5:fa:d3:58:
25:3b:d1:27:c1:2f:ca:98:14:c0:d5:97:8d:48:8f:
d9:03:bd:70:ca:0e:47:ae:e6:52:60:d8:f3:02:7c:
fb:3c:ef:70:db:80:56:12:a7:72:56:c4:9a:20:82:
9f:e2:01:ca:3f:b7:51:41:8c:e6:32:bf:5f:84:06:
bc:fd:de:2f:eb:2d:05:46:af:46:59:75:c0:a2:62:
c2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E9:4F:8F:A6:32:3D:C6:71:80:58:32:6D:77:5F:27:92:2E:1B:36
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/_elPj6YyPcZxgFgybXdfJ5IuGzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.20.184.0/22
90.152.128.0/17
176.66.64.0/18
193.154.144.0/20
217.76.160.0/20
IPv6:
2001:890:c000::/34
Signature Algorithm: sha256WithRSAEncryption
25:d3:84:f1:bc:7e:af:6b:90:b4:24:90:a7:6f:c5:f0:7f:99:
3b:bd:e4:7d:67:8f:9e:de:e2:54:3a:c4:c0:6b:2e:5a:52:bc:
ff:77:24:e2:49:7b:ce:e1:22:22:3f:13:f6:7c:26:58:d5:ce:
8b:36:8c:90:b8:6f:e8:49:01:7b:94:83:7e:d5:99:81:c3:8f:
4a:56:c7:81:40:2d:49:5b:f8:cc:c3:d6:ed:ed:3c:6d:7b:04:
6f:10:01:78:24:c1:13:94:7a:61:a3:82:8f:f0:f8:32:e7:17:
c0:ce:d0:3d:d0:bf:cf:a8:6f:b1:f4:68:f4:03:5f:eb:9b:c6:
b2:fe:08:67:50:49:1f:04:67:12:17:62:a2:fa:35:33:df:6b:
09:47:3b:e6:bb:8e:77:ad:24:e4:97:98:a3:92:71:45:71:49:
dd:63:25:90:b9:7e:84:df:d5:a3:c3:fb:90:a6:10:d6:58:d4:
10:f7:6a:41:a4:a7:3e:a1:99:df:41:2b:81:a8:fb:5a:bb:a9:
5f:9f:12:56:34:f0:84:1b:43:e7:3c:3f:9c:42:d6:48:8a:1d:
4a:5d:46:1f:48:7f:c3:56:e7:21:c4:53:db:d2:af:28:29:d1:
56:a0:bd:31:9a:13:dc:fa:1c:df:9d:c7:39:2c:22:42:12:3d:
2a:65:5c:1b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYIakKV0H5oZx/eKKG+31dOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIwNzIwMDc0NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGU5NGY4ZmE2MzIzZGM2NzE4MDU4MzI2ZDc3NWYyNzkyMmUxYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4/8Egyot4qDPs+duu23e36xaq7m
aA/UomOSg7Q5AMdRVW9y/q9m6fAkM9hjxeZHXX8Kdhqfne5qXzC55496MpQfJ/ff
tKzYkt5LV195WAyXNu8nZLg5ae9/HSBZEwqFqWo1xx3ycox8L5td+07iN0Y7ktsN
B6Xa6BvnnLRc6dLVRaQtdcL6LbNdpt7kzR0rw1vPGzug17U+IBYTjIpOU9D9CsyP
r8LOs776b+TK6uX601glO9EnwS/KmBTA1ZeNSI/ZA71wyg5HruZSYNjzAnz7PO9w
24BWEqdyVsSaIIKf4gHKP7dRQYzmMr9fhAa8/d4v6y0FRq9GWXXAomLCLwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFP3pT4+mMj3GcYBYMm13XyeSLhs2MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvX2VsUGo2WXlQY1p4Z0ZneWJYZGZKNUl1R3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCVBS4AwQH
WpiAAwQGsEJAAwQEwZqQAwQE2UygMA4EAgACMAgDBgYgAQiQwDANBgkqhkiG9w0B
AQsFAAOCAQEAJdOE8bx+r2uQtCSQp2/F8H+ZO73kfWePnt7iVDrEwGsuWlK8/3ck
4kl7zuEiIj8T9nwmWNXOizaMkLhv6EkBe5SDftWZgcOPSlbHgUAtSVv4zMPW7e08
bXsEbxABeCTBE5R6YaOCj/D4MucXwM7QPdC/z6hvsfRo9ANf65vGsv4IZ1BJHwRn
Ehdiovo1M99rCUc75ruOd60k5JeYo5JxRXFJ3WMlkLl+hN/Vo8P7kKYQ1ljUEPdq
QaSnPqGZ30Ergaj7WrupX58SVjTwhBtD5zw/nELWSIodSl1GH0h/w1bnIcRT29Kv
KCnRVqC9MZoT3Poc353HOSwiQhI9KmVcGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org