Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/tnFADA8rtMYg3VxN6Q4mSv3GSF4.roa
File: tnFADA8rtMYg3VxN6Q4mSv3GSF4.roa (raw, json)
Hash identifier: 9Y9gTgMRsh/m0UYg0Sjl6+YEwYNs52fcH6BubfPMD48=
Subject key identifier: B6:71:40:0C:0F:2B:B4:C6:20:DD:5C:4D:E9:0E:26:4A:FD:C6:48:5E
Certificate issuer: /CN=c5119e75200392f1a2f08be990732d8047b28b09
Certificate serial: 3CBC7743
Authority key identifier: C5:11:9E:75:20:03:92:F1:A2:F0:8B:E9:90:73:2D:80:47:B2:8B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/tnFADA8rtMYg3VxN6Q4mSv3GSF4.roa
Signing time: Sat 01 Jan 2022 05:00:19 +0000
ROA not before: Sat 01 Jan 2022 05:00:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57388
IP address blocks: 130.0.24.0/24 maxlen: 24
130.0.24.0/22 maxlen: 24
130.0.25.0/24 maxlen: 24
130.0.30.0/24 maxlen: 24
130.0.26.0/24 maxlen: 24
130.0.31.0/24 maxlen: 24
185.85.152.0/22 maxlen: 24
130.0.27.0/24 maxlen: 24
130.0.28.0/22 maxlen: 24
2a02:dd00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1018984259 (0x3cbc7743)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5119e75200392f1a2f08be990732d8047b28b09
Validity
Not Before: Jan 1 05:00:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b671400c0f2bb4c620dd5c4de90e264afdc6485e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:be:7a:c2:4e:42:5e:38:68:1e:1c:9f:58:62:
af:38:25:9c:02:0a:90:c3:53:0f:9d:60:bd:2d:80:
ea:c2:9f:44:21:93:e6:ff:d8:6d:8e:75:db:a7:2f:
80:bf:77:88:4a:95:99:41:bc:3f:77:22:34:e2:51:
eb:7d:7d:6d:86:e9:f2:68:93:6d:b5:92:09:eb:db:
14:56:4c:19:58:c7:48:bd:54:64:e1:6c:52:50:35:
62:e1:29:16:26:5f:80:26:e8:4a:4c:c7:8b:30:a9:
56:1e:1e:b1:d0:41:d7:3d:cd:53:6c:2a:a7:0c:6b:
7c:47:a7:c8:26:b8:97:44:c3:36:c5:8f:e5:34:7c:
a4:8e:59:16:6b:34:cf:a5:cb:eb:ce:aa:a8:95:37:
a9:ba:45:a6:57:dc:94:49:11:d7:dd:a2:da:e2:19:
c1:a7:66:99:3e:d2:ca:cb:e1:f0:53:b3:d2:92:7c:
d0:8c:36:7b:9e:05:db:57:1c:04:de:fc:db:5b:32:
f8:2d:85:bb:86:29:47:a1:2b:a9:de:a6:47:a2:33:
51:75:4f:a1:43:cf:f6:9e:de:72:6b:78:b4:1a:f9:
f8:8b:3d:87:84:c6:7b:a3:e2:fe:85:ae:11:58:fd:
4f:81:41:46:38:81:d3:70:53:96:e7:1f:2a:e3:c0:
f5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:71:40:0C:0F:2B:B4:C6:20:DD:5C:4D:E9:0E:26:4A:FD:C6:48:5E
X509v3 Authority Key Identifier:
keyid:C5:11:9E:75:20:03:92:F1:A2:F0:8B:E9:90:73:2D:80:47:B2:8B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/tnFADA8rtMYg3VxN6Q4mSv3GSF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/xRGedSADkvGi8IvpkHMtgEeyiwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.0.24.0/21
185.85.152.0/22
IPv6:
2a02:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
6b:61:dc:07:2e:1f:72:96:b5:c0:d0:de:75:d2:f8:3e:8e:8c:
e6:15:42:29:d0:75:7a:f8:b3:d9:d4:da:b5:77:01:ce:aa:68:
c5:06:05:75:c6:79:0c:90:31:57:7b:56:f3:3e:af:32:cc:6c:
09:22:4b:43:8b:8a:84:4c:37:fa:f1:9d:b0:6d:0a:c5:5d:33:
cd:31:fb:6c:0a:e5:9f:40:9f:d2:81:3c:fe:ea:5e:7d:20:4d:
69:64:78:2e:67:2a:10:36:3c:c0:5b:2a:90:bf:d9:14:43:29:
b9:c6:f0:f1:e5:f8:d1:fb:d7:07:58:20:ce:d2:5f:a4:3b:fc:
9b:8d:95:c8:6b:73:87:db:e8:a6:6b:a5:74:67:80:19:12:79:
2b:17:13:ba:1b:73:93:e4:f8:ad:31:70:bb:f9:84:a3:24:a5:
2e:20:f8:e0:1e:54:a9:0f:55:b2:dc:c4:1b:a3:cc:ee:d0:05:
c7:e5:dd:32:9c:fa:21:1f:c3:f6:0b:e6:84:8e:4b:97:db:22:
01:d7:db:cc:ed:29:8e:3a:ac:02:0d:a2:cf:ba:43:e1:99:f0:
1e:06:3d:e0:36:9d:7d:9d:39:96:fa:44:27:91:fb:d5:8c:5a:
ed:38:8a:68:63:79:46:9f:d8:ea:58:4c:48:d6:e0:46:ec:02:
df:32:31:5e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEPLx3QzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NTExOWU3NTIwMDM5MmYxYTJmMDhiZTk5MDczMmQ4MDQ3YjI4YjA5MB4XDTIyMDEw
MTA1MDAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY3MTQwMGMwZjJi
YjRjNjIwZGQ1YzRkZTkwZTI2NGFmZGM2NDg1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJu+esJOQl44aB4cn1hirzglnAIKkMNTD51gvS2A6sKfRCGT
5v/YbY5126cvgL93iEqVmUG8P3ciNOJR6319bYbp8miTbbWSCevbFFZMGVjHSL1U
ZOFsUlA1YuEpFiZfgCboSkzHizCpVh4esdBB1z3NU2wqpwxrfEenyCa4l0TDNsWP
5TR8pI5ZFms0z6XL686qqJU3qbpFplfclEkR192i2uIZwadmmT7Sysvh8FOz0pJ8
0Iw2e54F21ccBN7821sy+C2Fu4YpR6Erqd6mR6IzUXVPoUPP9p7ecmt4tBr5+Is9
h4TGe6Pi/oWuEVj9T4FBRjiB03BTlucfKuPA9ekCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS2cUAMDyu0xiDdXE3pDiZK/cZIXjAfBgNVHSMEGDAWgBTFEZ51IAOS8aLw
i+mQcy2AR7KLCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hSR2VkU0FEa3ZHaThJdnBrSE10Z0VleWl3ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvMzIwYmFmLTU5ZGMtNDZhMi1hZjdkLWQ4MTljZWQ1ZDM1YS8x
L3RuRkFEQThydE1ZZzNWeE42UTRtU3YzR1NGNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
MzIwYmFmLTU5ZGMtNDZhMi1hZjdkLWQ4MTljZWQ1ZDM1YS8xL3hSR2VkU0FEa3ZH
aThJdnBrSE10Z0VleWl3ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA4IAGAMEArlVmDANBAIAAjAHAwUD
KgLdADANBgkqhkiG9w0BAQsFAAOCAQEAa2HcBy4fcpa1wNDeddL4Po6M5hVCKdB1
eviz2dTatXcBzqpoxQYFdcZ5DJAxV3tW8z6vMsxsCSJLQ4uKhEw3+vGdsG0KxV0z
zTH7bArln0Cf0oE8/upefSBNaWR4LmcqEDY8wFsqkL/ZFEMpucbw8eX40fvXB1gg
ztJfpDv8m42VyGtzh9vopmuldGeAGRJ5KxcTuhtzk+T4rTFwu/mEoySlLiD44B5U
qQ9VstzEG6PM7tAFx+XdMpz6IR/D9gvmhI5Ll9siAdfbzO0pjjqsAg2iz7pD4Znw
HgY94DadfZ05lvpEJ5H71Yxa7TiKaGN5Rp/Y6lhMSNbgRuwC3zIxXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:03 2024 by rpki-client on console-ams.rpki-client.org