Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/AEL96TGGdAOjYvCMvfi0bU5trOo.roa
File: AEL96TGGdAOjYvCMvfi0bU5trOo.roa (raw, json)
Hash identifier: 8mkKBwoa+Q6l1Q+IX+8AJPoYawFeNz+I4zVfJX0YU6g=
Subject key identifier: 00:42:FD:E9:31:86:74:03:A3:62:F0:8C:BD:F8:B4:6D:4E:6D:AC:EA
Certificate issuer: /CN=f26920bbd7fb70ef5dbcf2d0fea202bd95765eba
Certificate serial: 0724E9A2
Authority key identifier: F2:69:20:BB:D7:FB:70:EF:5D:BC:F2:D0:FE:A2:02:BD:95:76:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mkgu9f7cO9dvPLQ_qICvZV2Xro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/AEL96TGGdAOjYvCMvfi0bU5trOo.roa
Signing time: Fri 15 Apr 2022 07:10:29 +0000
ROA not before: Fri 15 Apr 2022 07:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24929
IP address blocks: 45.66.140.0/22 maxlen: 24
83.175.168.0/22 maxlen: 24
109.232.240.0/24 maxlen: 24
194.54.24.0/22 maxlen: 22
2a0e:84c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119859618 (0x724e9a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f26920bbd7fb70ef5dbcf2d0fea202bd95765eba
Validity
Not Before: Apr 15 07:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0042fde931867403a362f08cbdf8b46d4e6dacea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bf:1e:e0:25:8a:da:5c:18:9a:5b:be:11:fa:
21:7f:0b:62:0b:9c:76:54:b0:ae:53:d1:01:bf:03:
9d:01:06:85:7c:7b:f3:df:c9:30:b2:69:81:59:4b:
0b:a8:11:0c:9f:2e:f7:72:09:6b:4a:be:6e:51:ac:
f8:84:3e:3f:7a:68:07:fb:2a:3b:e6:2a:e6:a6:a1:
fe:d6:0d:8b:67:5c:e2:34:6d:3a:1a:da:c8:41:c2:
50:f0:b0:21:a2:fd:f5:b2:f9:80:93:29:06:bd:9c:
e7:26:eb:bd:12:cf:60:a3:0b:ff:9c:2c:3c:db:c4:
a7:d5:63:df:a6:56:10:1b:57:a4:75:73:a5:0d:6f:
b8:5a:51:e5:78:6f:d4:df:78:7c:6f:72:73:00:a1:
07:f7:c8:74:ee:89:d4:c3:0d:38:2d:9e:5f:2b:f1:
bf:aa:b1:6f:a9:57:c2:8a:1a:7c:6b:96:d5:5b:c3:
8e:a1:39:aa:04:26:e6:b9:70:66:d7:b1:4c:fe:de:
47:d5:8a:c1:97:01:01:23:44:a8:0f:ec:a5:c5:9b:
61:ab:5d:0c:0d:ff:58:fe:86:a0:9a:9d:7f:a3:6c:
35:39:e1:0d:5e:b8:bb:26:b5:12:2d:9a:4d:90:8e:
68:19:00:af:96:30:48:ec:aa:dd:df:cb:d9:cc:99:
28:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:42:FD:E9:31:86:74:03:A3:62:F0:8C:BD:F8:B4:6D:4E:6D:AC:EA
X509v3 Authority Key Identifier:
keyid:F2:69:20:BB:D7:FB:70:EF:5D:BC:F2:D0:FE:A2:02:BD:95:76:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mkgu9f7cO9dvPLQ_qICvZV2Xro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/AEL96TGGdAOjYvCMvfi0bU5trOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/8mkgu9f7cO9dvPLQ_qICvZV2Xro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.140.0/22
83.175.168.0/22
109.232.240.0/24
194.54.24.0/22
IPv6:
2a0e:84c0::/32
Signature Algorithm: sha256WithRSAEncryption
83:78:4f:f1:b0:5d:f2:6e:ad:bc:3c:77:4c:23:96:e0:9e:44:
b4:76:21:dd:db:87:ce:68:e6:76:7b:e5:e0:00:72:5f:df:7b:
64:e1:f5:99:14:ef:21:21:04:69:e7:c8:07:26:5e:d6:c9:4c:
2b:57:22:bb:cc:65:f8:48:f7:8a:fc:f8:ad:98:39:83:ae:15:
94:ff:d5:99:69:49:2a:85:54:de:07:94:37:bd:61:56:e8:e2:
91:34:42:d5:64:e8:3e:67:da:d4:35:53:55:19:1f:75:f2:9e:
ef:cc:d2:1b:66:56:76:a4:99:cc:55:87:36:19:b3:75:3b:92:
31:e2:fb:f9:ab:a4:39:8a:24:93:31:7c:ec:60:eb:c2:ba:30:
0d:b8:d6:f5:a2:5b:3c:77:2a:14:64:9f:ba:13:df:3d:7e:bd:
1d:bd:05:3a:13:07:81:7f:2f:d9:c0:ec:ba:f3:58:ae:0f:97:
f8:3c:1b:f0:e0:4d:cf:33:6f:f1:50:84:ea:0a:a5:03:38:30:
48:69:64:10:0b:dd:69:39:00:84:9b:df:16:88:62:6d:1d:99:
e1:52:16:5d:92:7b:7f:26:dc:28:f2:f7:c1:6b:75:4b:b1:65:
08:8d:4d:48:ef:40:ca:bb:75:42:d8:b2:7b:a0:e0:5d:35:be:
05:7d:df:9c
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEByTpojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjY5MjBiYmQ3ZmI3MGVmNWRiY2YyZDBmZWEyMDJiZDk1NzY1ZWJhMB4XDTIyMDQx
NTA3MTAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA0MmZkZTkzMTg2
NzQwM2EzNjJmMDhjYmRmOGI0NmQ0ZTZkYWNlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKy/HuAlitpcGJpbvhH6IX8LYgucdlSwrlPRAb8DnQEGhXx7
89/JMLJpgVlLC6gRDJ8u93IJa0q+blGs+IQ+P3poB/sqO+Yq5qah/tYNi2dc4jRt
OhrayEHCUPCwIaL99bL5gJMpBr2c5ybrvRLPYKML/5wsPNvEp9Vj36ZWEBtXpHVz
pQ1vuFpR5Xhv1N94fG9ycwChB/fIdO6J1MMNOC2eXyvxv6qxb6lXwooafGuW1VvD
jqE5qgQm5rlwZtexTP7eR9WKwZcBASNEqA/spcWbYatdDA3/WP6GoJqdf6NsNTnh
DV64uya1Ei2aTZCOaBkAr5YwSOyq3d/L2cyZKNcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQAQv3pMYZ0A6Ni8Iy9+LRtTm2s6jAfBgNVHSMEGDAWgBTyaSC71/tw7128
8tD+ogK9lXZeujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzhta2d1OWY3Y085ZHZQTFFfcUlDdlpWMlhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvYTE4YTk3LThmYzctNDk1NS04N2FmLTBiY2ZjNTMyOTMzYy8x
L0FFTDk2VEdHZEFPall2Q012ZmkwYlU1dHJPby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
YTE4YTk3LThmYzctNDk1NS04N2FmLTBiY2ZjNTMyOTMzYy8xLzhta2d1OWY3Y085
ZHZQTFFfcUlDdlpWMlhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAi1CjAMEAlOvqAMEAG3o8AMEAsI2
GDANBAIAAjAHAwUAKg6EwDANBgkqhkiG9w0BAQsFAAOCAQEAg3hP8bBd8m6tvDx3
TCOW4J5EtHYh3duHzmjmdnvl4AByX997ZOH1mRTvISEEaefIByZe1slMK1ciu8xl
+Ej3ivz4rZg5g64VlP/VmWlJKoVU3geUN71hVujikTRC1WToPmfa1DVTVRkfdfKe
78zSG2ZWdqSZzFWHNhmzdTuSMeL7+aukOYokkzF87GDrwrowDbjW9aJbPHcqFGSf
uhPfPX69Hb0FOhMHgX8v2cDsuvNYrg+X+Dwb8OBNzzNv8VCE6gqlAzgwSGlkEAvd
aTkAhJvfFohibR2Z4VIWXZJ7fybcKPL3wWt1S7FlCI1NSO9Ayrt1Qtiye6DgXTW+
BX3fnA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:34 2023 by rpki-client on console-ams.rpki-client.org