Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/e8bd0b-f36d-45f5-b985-09bb5287531b/1/l2jtrIry6-qkPwrVrmX9nlA6J60.roa
File: l2jtrIry6-qkPwrVrmX9nlA6J60.roa (raw, json)
Hash identifier: bAaSB27tUq+AIjO+NrHLvy6PCbaDXgnvMnseAmV8Na8=
Subject key identifier: 97:68:ED:AC:8A:F2:EB:EA:A4:3F:0A:D5:AE:65:FD:9E:50:3A:27:AD
Certificate issuer: /CN=e53ad9b432bb83d141c480dee78bc35ff47cb72c
Certificate serial: 109AD745
Authority key identifier: E5:3A:D9:B4:32:BB:83:D1:41:C4:80:DE:E7:8B:C3:5F:F4:7C:B7:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5TrZtDK7g9FBxIDe54vDX_R8tyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/e8bd0b-f36d-45f5-b985-09bb5287531b/1/l2jtrIry6-qkPwrVrmX9nlA6J60.roa
Signing time: Sat 01 Jan 2022 01:53:28 +0000
ROA not before: Sat 01 Jan 2022 01:53:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 192.35.63.0/24 maxlen: 24
192.35.64.0/24 maxlen: 24
192.35.66.0/23 maxlen: 23
192.35.68.0/22 maxlen: 22
129.217.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278583109 (0x109ad745)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e53ad9b432bb83d141c480dee78bc35ff47cb72c
Validity
Not Before: Jan 1 01:53:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9768edac8af2ebeaa43f0ad5ae65fd9e503a27ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d5:f0:59:83:57:47:f3:c6:54:94:c2:c4:25:
f7:44:d5:94:67:f7:38:86:18:be:9b:93:0d:6c:68:
bf:cc:1b:bb:32:fe:4a:68:ac:7d:bd:d5:6e:00:52:
27:05:32:5c:f4:2b:98:4b:55:5e:96:4f:c5:25:07:
96:f3:e5:da:37:07:1e:c0:4d:86:03:a9:ce:c9:52:
b2:2a:f4:6b:ea:b0:53:68:87:f1:6a:42:5a:09:d6:
19:4a:6d:6b:27:58:bb:32:58:88:49:b8:ae:c5:42:
17:06:59:b1:16:81:b4:96:9d:78:52:c6:f7:57:d1:
9e:ad:6a:7b:74:d1:bb:46:a9:1e:87:b9:38:ad:d5:
9e:92:f8:b1:ca:80:8f:0a:27:79:f6:d8:3a:16:06:
15:f8:f5:90:a4:23:18:06:29:b3:c7:35:df:83:3e:
96:a8:16:1c:d8:50:f4:4c:bb:bd:3c:62:5e:3d:2a:
6e:e1:28:42:65:fe:5d:24:6a:ab:37:e0:30:07:7c:
9e:df:b6:37:c1:d8:9b:99:8b:9e:09:0e:3a:a5:ee:
e3:37:50:d9:04:12:fa:b4:f4:12:2a:6b:d9:f3:05:
c6:29:3d:44:cd:63:35:71:64:56:f2:cf:0f:c0:8b:
a2:1c:aa:8e:bc:b6:0a:39:b2:bc:eb:01:08:4b:94:
d7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:68:ED:AC:8A:F2:EB:EA:A4:3F:0A:D5:AE:65:FD:9E:50:3A:27:AD
X509v3 Authority Key Identifier:
keyid:E5:3A:D9:B4:32:BB:83:D1:41:C4:80:DE:E7:8B:C3:5F:F4:7C:B7:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5TrZtDK7g9FBxIDe54vDX_R8tyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/e8bd0b-f36d-45f5-b985-09bb5287531b/1/l2jtrIry6-qkPwrVrmX9nlA6J60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/e8bd0b-f36d-45f5-b985-09bb5287531b/1/5TrZtDK7g9FBxIDe54vDX_R8tyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.217.0.0/16
192.35.63.0-192.35.64.255
192.35.66.0-192.35.71.255
Signature Algorithm: sha256WithRSAEncryption
89:42:6c:77:e2:75:f9:b3:78:95:fe:cf:c6:f6:0d:19:e6:63:
93:b7:89:2f:61:92:62:4f:3f:df:36:5c:7a:ec:cc:f6:05:fe:
19:f0:da:07:b9:66:ea:63:d5:6c:30:ba:80:be:59:23:ae:1d:
cd:79:d6:e4:b9:2f:73:df:f4:1b:d5:02:31:b0:f9:e3:01:f9:
ee:af:24:51:64:e9:5e:4b:e9:ea:99:b2:c7:89:37:4b:b3:02:
8d:5a:e7:79:7c:9b:d1:b6:52:61:e7:fc:b4:5b:33:d5:66:31:
13:50:c7:2d:c3:3e:64:8f:95:3c:a7:cc:13:ca:17:1b:c2:27:
f6:45:09:81:de:a2:f0:98:97:a4:f6:cd:1f:3a:a2:c5:34:5f:
e2:b1:f0:5c:dd:a9:02:05:8e:22:20:83:9b:68:b7:14:58:09:
bd:c7:cc:a5:a1:75:20:3b:84:9f:36:d1:c3:6e:df:66:cb:fd:
08:8d:54:a5:d0:8f:4e:37:08:56:57:2d:21:55:d6:1d:36:f1:
60:d2:17:7b:8f:45:80:55:8b:8f:2b:fe:b6:9f:e8:3f:64:08:
02:84:18:e2:a8:66:13:a9:de:a2:af:a1:b0:34:17:fc:f4:49:
fb:af:af:f2:27:3c:99:f6:25:ec:71:02:0f:68:71:ea:8a:9f:
74:77:81:00
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEEJrXRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTNhZDliNDMyYmI4M2QxNDFjNDgwZGVlNzhiYzM1ZmY0N2NiNzJjMB4XDTIyMDEw
MTAxNTMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc2OGVkYWM4YWYy
ZWJlYWE0M2YwYWQ1YWU2NWZkOWU1MDNhMjdhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/V8FmDV0fzxlSUwsQl90TVlGf3OIYYvpuTDWxov8wbuzL+
Smisfb3VbgBSJwUyXPQrmEtVXpZPxSUHlvPl2jcHHsBNhgOpzslSsir0a+qwU2iH
8WpCWgnWGUptaydYuzJYiEm4rsVCFwZZsRaBtJadeFLG91fRnq1qe3TRu0apHoe5
OK3VnpL4scqAjwonefbYOhYGFfj1kKQjGAYps8c134M+lqgWHNhQ9Ey7vTxiXj0q
buEoQmX+XSRqqzfgMAd8nt+2N8HYm5mLngkOOqXu4zdQ2QQS+rT0Eipr2fMFxik9
RM1jNXFkVvLPD8CLohyqjry2CjmyvOsBCEuU14ECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSXaO2sivLr6qQ/CtWuZf2eUDonrTAfBgNVHSMEGDAWgBTlOtm0MruD0UHE
gN7ni8Nf9Hy3LDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVUclp0REs3ZzlGQnhJRGU1NHZEWF9SOHR5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvZThiZDBiLWYzNmQtNDVmNS1iOTg1LTA5YmI1Mjg3NTMxYi8x
L2wyanRySXJ5Ni1xa1B3clZybVg5bmxBNko2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
ZThiZDBiLWYzNmQtNDVmNS1iOTg1LTA5YmI1Mjg3NTMxYi8xLzVUclp0REs3ZzlG
QnhJRGU1NHZEWF9SOHR5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwJwQCAAEwIQMDAIHZMAwDBADAIz8DBADAI0AwDAME
AcAjQgMEA8AjQDANBgkqhkiG9w0BAQsFAAOCAQEAiUJsd+J1+bN4lf7PxvYNGeZj
k7eJL2GSYk8/3zZceuzM9gX+GfDaB7lm6mPVbDC6gL5ZI64dzXnW5Lkvc9/0G9UC
MbD54wH57q8kUWTpXkvp6pmyx4k3S7MCjVrneXyb0bZSYef8tFsz1WYxE1DHLcM+
ZI+VPKfME8oXG8In9kUJgd6i8JiXpPbNHzqixTRf4rHwXN2pAgWOIiCDm2i3FFgJ
vcfMpaF1IDuEnzbRw27fZsv9CI1UpdCPTjcIVlctIVXWHTbxYNIXe49FgFWLjyv+
tp/oP2QIAoQY4qhmE6neoq+hsDQX/PRJ+6+v8ic8mfYl7HECD2hx6oqfdHeBAA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:16 2023 by rpki-client on console-ams.rpki-client.org