Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/11488d-c66a-4006-8f62-250980e75bdf/1/avD6Hg5PtyCwEvEuIU1zvbM22eU.roa
File: avD6Hg5PtyCwEvEuIU1zvbM22eU.roa (raw, json)
Hash identifier: 2lUe+JQZKytIbFnHGP76womcFLgB8Dg9mfGRUsJHESI=
Subject key identifier: 6A:F0:FA:1E:0E:4F:B7:20:B0:12:F1:2E:21:4D:73:BD:B3:36:D9:E5
Certificate issuer: /CN=ac4f3157599b66f28cbc5a2eed36fba23f03d2ce
Certificate serial: 09B83F95
Authority key identifier: AC:4F:31:57:59:9B:66:F2:8C:BC:5A:2E:ED:36:FB:A2:3F:03:D2:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rE8xV1mbZvKMvFou7Tb7oj8D0s4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/11488d-c66a-4006-8f62-250980e75bdf/1/avD6Hg5PtyCwEvEuIU1zvbM22eU.roa
Signing time: Sat 01 Jan 2022 05:57:39 +0000
ROA not before: Sat 01 Jan 2022 05:57:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41848
IP address blocks: 83.137.8.0/21 maxlen: 21
2a02:ea8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163069845 (0x9b83f95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac4f3157599b66f28cbc5a2eed36fba23f03d2ce
Validity
Not Before: Jan 1 05:57:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6af0fa1e0e4fb720b012f12e214d73bdb336d9e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:66:86:c3:5a:2a:20:bc:07:8c:ea:cd:d2:1c:
8c:0e:5b:d5:35:0b:b2:7c:d9:45:f0:1e:d3:f0:a8:
1e:5d:33:8f:ff:5c:55:27:b5:04:f8:1e:e6:e0:ae:
1a:b6:a0:91:58:3e:91:56:ca:1d:3f:16:39:e2:5b:
12:32:07:38:54:bb:61:fb:23:d1:d8:07:e2:ad:96:
1e:b1:a5:35:52:fa:56:7e:d2:51:65:b7:57:4f:42:
9b:2b:c3:b0:b2:61:ec:10:9e:b1:2a:1d:58:c2:94:
d1:7b:21:6d:49:21:65:0b:f1:2d:73:e1:74:b2:f0:
fc:85:65:c1:19:52:bf:24:68:66:2c:32:04:4a:4b:
c6:5a:7b:f6:bd:e1:65:e1:66:cf:28:f9:dc:9e:84:
89:1c:46:10:fc:ff:45:2a:7e:b9:37:40:99:a0:f0:
32:10:d7:20:a1:cd:98:85:84:f9:97:78:5b:0a:57:
6f:51:3c:46:9a:a9:86:dd:99:74:f9:b7:c8:34:03:
e4:1b:57:7d:cc:d6:6e:29:f4:92:a2:aa:ec:b2:80:
33:38:ca:bf:12:dd:a5:68:3d:43:61:b7:d1:53:7b:
3a:39:f8:41:ac:f4:5c:43:3e:26:2c:a0:1d:cc:38:
58:cf:cb:d6:d7:b6:72:2f:1d:45:a6:bb:28:4c:a7:
ac:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F0:FA:1E:0E:4F:B7:20:B0:12:F1:2E:21:4D:73:BD:B3:36:D9:E5
X509v3 Authority Key Identifier:
keyid:AC:4F:31:57:59:9B:66:F2:8C:BC:5A:2E:ED:36:FB:A2:3F:03:D2:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rE8xV1mbZvKMvFou7Tb7oj8D0s4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/11488d-c66a-4006-8f62-250980e75bdf/1/avD6Hg5PtyCwEvEuIU1zvbM22eU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/11488d-c66a-4006-8f62-250980e75bdf/1/rE8xV1mbZvKMvFou7Tb7oj8D0s4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.8.0/21
IPv6:
2a02:ea8::/32
Signature Algorithm: sha256WithRSAEncryption
11:d5:f3:6b:15:57:7c:fb:7d:e8:22:5f:30:e0:5b:3a:f2:ac:
6e:c8:8e:64:ab:a6:e1:b6:b4:b3:53:ae:c1:35:f7:ac:a6:ec:
ba:01:04:8f:66:c9:a2:c7:0f:d3:cd:fe:1a:e4:7f:c7:3c:70:
53:f8:8c:f2:83:76:5f:87:a6:14:45:aa:a1:a7:ad:c0:d7:77:
69:98:14:4d:43:83:fa:e8:d0:c6:00:a6:97:f4:17:80:0e:bb:
b9:12:35:0f:1b:78:a8:35:f0:27:08:4d:e8:3e:fe:41:90:45:
86:52:7c:eb:54:2d:70:46:6a:4e:45:c9:fe:71:72:a1:61:70:
1e:c9:f0:9a:03:c1:fe:04:c6:60:dd:df:4e:b7:8e:09:4f:d4:
d7:d6:48:bc:38:38:4a:f0:e6:7d:c4:6c:6c:68:88:c2:da:d3:
e8:23:6f:2a:ff:b9:41:8c:36:8c:d8:3d:cb:69:e6:7f:43:3a:
2f:02:73:a0:d9:a4:3a:78:69:65:07:ed:b4:e7:81:1b:47:f1:
b2:01:10:55:ac:eb:85:e7:80:ab:76:3f:ca:87:36:b2:ae:fc:
c3:65:bb:a1:bd:55:e4:b2:72:18:71:b9:de:0f:10:6a:2e:a0:
52:8f:d1:68:b6:f6:5a:2a:26:92:80:f4:95:ae:76:ed:7f:e7:
f9:09:e6:a6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECbg/lTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzRmMzE1NzU5OWI2NmYyOGNiYzVhMmVlZDM2ZmJhMjNmMDNkMmNlMB4XDTIyMDEw
MTA1NTczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFmMGZhMWUwZTRm
YjcyMGIwMTJmMTJlMjE0ZDczYmRiMzM2ZDllNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhmhsNaKiC8B4zqzdIcjA5b1TULsnzZRfAe0/CoHl0zj/9c
VSe1BPge5uCuGragkVg+kVbKHT8WOeJbEjIHOFS7Yfsj0dgH4q2WHrGlNVL6Vn7S
UWW3V09CmyvDsLJh7BCesSodWMKU0XshbUkhZQvxLXPhdLLw/IVlwRlSvyRoZiwy
BEpLxlp79r3hZeFmzyj53J6EiRxGEPz/RSp+uTdAmaDwMhDXIKHNmIWE+Zd4WwpX
b1E8Rpqpht2ZdPm3yDQD5BtXfczWbin0kqKq7LKAMzjKvxLdpWg9Q2G30VN7Ojn4
Qaz0XEM+JiygHcw4WM/L1te2ci8dRaa7KEynrNcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRq8PoeDk+3ILAS8S4hTXO9szbZ5TAfBgNVHSMEGDAWgBSsTzFXWZtm8oy8
Wi7tNvuiPwPSzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JFOHhWMW1iWnZLTXZGb3U3VGI3b2o4RDBzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvMTE0ODhkLWM2NmEtNDAwNi04ZjYyLTI1MDk4MGU3NWJkZi8x
L2F2RDZIZzVQdHlDd0V2RXVJVTF6dmJNMjJlVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
MTE0ODhkLWM2NmEtNDAwNi04ZjYyLTI1MDk4MGU3NWJkZi8xL3JFOHhWMW1iWnZL
TXZGb3U3VGI3b2o4RDBzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA1OJCDANBAIAAjAHAwUAKgIOqDAN
BgkqhkiG9w0BAQsFAAOCAQEAEdXzaxVXfPt96CJfMOBbOvKsbsiOZKum4ba0s1Ou
wTX3rKbsugEEj2bJoscP083+GuR/xzxwU/iM8oN2X4emFEWqoaetwNd3aZgUTUOD
+ujQxgCml/QXgA67uRI1Dxt4qDXwJwhN6D7+QZBFhlJ861QtcEZqTkXJ/nFyoWFw
HsnwmgPB/gTGYN3fTreOCU/U19ZIvDg4SvDmfcRsbGiIwtrT6CNvKv+5QYw2jNg9
y2nmf0M6LwJzoNmkOnhpZQfttOeBG0fxsgEQVazrheeAq3Y/yoc2sq78w2W7ob1V
5LJyGHG53g8Qai6gUo/RaLb2WiomkoD0la527X/n+Qnmpg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org