Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/8ee1b7-b145-4f1b-9847-3e881f53499f/1/AG73CbaYhZokeH2cDxXyani3PBw.roa
File: AG73CbaYhZokeH2cDxXyani3PBw.roa (raw, json)
Hash identifier: WIttua9nJjg3OuOwwn9qi7QgmSA3WHJFGkZnD4pb5kA=
Subject key identifier: 00:6E:F7:09:B6:98:85:9A:24:78:7D:9C:0F:15:F2:6A:78:B7:3C:1C
Certificate issuer: /CN=d0a4cae70f72621d109fee0f08e2c0c3a0d87d25
Certificate serial: 3488F20D
Authority key identifier: D0:A4:CA:E7:0F:72:62:1D:10:9F:EE:0F:08:E2:C0:C3:A0:D8:7D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KTK5w9yYh0Qn-4PCOLAw6DYfSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/8ee1b7-b145-4f1b-9847-3e881f53499f/1/AG73CbaYhZokeH2cDxXyani3PBw.roa
Signing time: Sat 01 Jan 2022 08:59:00 +0000
ROA not before: Sat 01 Jan 2022 08:59:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198484
IP address blocks: 141.226.132.0/24 maxlen: 24
141.226.134.0/24 maxlen: 24
37.26.144.0/21 maxlen: 24
147.161.8.0/21 maxlen: 24
2a03:c5c0:2100::/40 maxlen: 40
2a03:c5c0:2000::/40 maxlen: 40
2a03:c5c0:1100::/40 maxlen: 40
2a03:c5c0:1000::/40 maxlen: 40
2a03:c5c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 881390093 (0x3488f20d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a4cae70f72621d109fee0f08e2c0c3a0d87d25
Validity
Not Before: Jan 1 08:59:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=006ef709b698859a24787d9c0f15f26a78b73c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dc:34:2d:16:fa:36:45:81:9e:95:06:c3:a3:
14:04:d6:ef:ec:f5:68:5d:7a:09:cb:62:53:04:e3:
a9:31:66:2b:45:e5:ac:c9:af:b7:93:9d:47:91:3c:
73:40:ba:1f:f6:2d:b5:9b:46:22:64:52:0f:23:80:
4c:2e:cb:98:77:f2:73:0f:34:31:17:f6:ed:19:6a:
24:2f:b7:1e:98:13:c3:d5:e1:20:bc:80:c4:9d:09:
ac:9b:36:73:1a:14:db:11:65:9c:ed:8d:ad:81:5a:
7f:c2:e5:62:c0:e6:e0:ff:41:b8:80:43:a0:64:cc:
53:c2:be:b7:cf:4b:dc:f4:90:67:a3:2c:4d:02:67:
e9:ac:ca:65:46:27:d5:91:10:31:dc:92:0f:11:ee:
ef:72:55:de:2b:7d:68:da:f9:59:79:fd:d6:41:43:
f2:c1:94:cd:6c:c7:c9:d1:09:00:5c:c0:09:c8:57:
30:ed:0c:40:2e:3e:77:33:29:3d:8b:b2:93:cd:7c:
d8:7b:6c:e8:cf:7f:2a:14:f4:cb:fd:20:a6:c7:77:
95:0d:84:23:c2:c8:94:75:2d:78:c5:d4:35:85:db:
ab:6f:fc:13:4f:cd:22:b0:a5:55:44:46:2a:4f:6f:
67:bf:e4:3d:f0:32:b0:31:39:00:d2:f6:e7:ee:3f:
f3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:6E:F7:09:B6:98:85:9A:24:78:7D:9C:0F:15:F2:6A:78:B7:3C:1C
X509v3 Authority Key Identifier:
keyid:D0:A4:CA:E7:0F:72:62:1D:10:9F:EE:0F:08:E2:C0:C3:A0:D8:7D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KTK5w9yYh0Qn-4PCOLAw6DYfSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8ee1b7-b145-4f1b-9847-3e881f53499f/1/AG73CbaYhZokeH2cDxXyani3PBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8ee1b7-b145-4f1b-9847-3e881f53499f/1/0KTK5w9yYh0Qn-4PCOLAw6DYfSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
141.226.132.0/24
141.226.134.0/24
147.161.8.0/21
IPv6:
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:9b:8e:fe:2e:21:c1:d8:3a:c8:d8:d4:ad:dc:a5:fd:99:94:
44:50:a0:bb:11:da:0f:3b:e2:a6:88:52:3d:3b:5f:a0:2d:b4:
c3:d0:f0:5e:8f:d1:ac:5b:a9:86:8f:18:45:8c:e3:34:60:39:
6b:7d:20:71:d9:a7:29:0d:9f:c9:54:fc:18:b7:26:9f:8f:cf:
01:75:cd:34:f2:c9:09:cf:fc:6a:22:a6:06:5c:1c:60:bc:16:
2e:cb:8c:b7:49:e6:93:33:cb:04:19:dc:73:3e:16:63:44:2b:
09:d8:d6:a4:09:b9:d2:9d:60:29:66:a8:53:ca:04:f8:29:d9:
bb:b7:aa:db:4d:c2:6f:63:0e:a5:bd:cf:8c:1d:bb:85:c9:1a:
d2:6f:90:c0:7a:d6:7e:7b:c7:b6:f5:ff:7c:07:c5:2b:7b:f5:
6a:68:5f:69:48:40:6e:0a:d1:30:6b:61:08:e1:55:81:ca:b5:
a7:2f:81:5e:e5:7e:d5:a8:97:b6:47:c1:81:32:c5:7c:74:1f:
a6:e2:e8:a0:60:b2:6a:2d:82:5d:c0:4e:4f:1f:98:87:ea:66:
86:da:26:4e:f8:2f:68:c9:d8:01:42:75:9d:06:71:f6:77:f4:
5c:d9:93:27:e2:e5:12:70:ca:d4:18:8f:90:07:94:db:0f:f7:
ba:bc:83:c9
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENIjyDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGE0Y2FlNzBmNzI2MjFkMTA5ZmVlMGYwOGUyYzBjM2EwZDg3ZDI1MB4XDTIyMDEw
MTA4NTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA2ZWY3MDliNjk4
ODU5YTI0Nzg3ZDljMGYxNWYyNmE3OGI3M2MxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTcNC0W+jZFgZ6VBsOjFATW7+z1aF16CctiUwTjqTFmK0Xl
rMmvt5OdR5E8c0C6H/YttZtGImRSDyOATC7LmHfycw80MRf27RlqJC+3HpgTw9Xh
ILyAxJ0JrJs2cxoU2xFlnO2NrYFaf8LlYsDm4P9BuIBDoGTMU8K+t89L3PSQZ6Ms
TQJn6azKZUYn1ZEQMdySDxHu73JV3it9aNr5WXn91kFD8sGUzWzHydEJAFzACchX
MO0MQC4+dzMpPYuyk8182Hts6M9/KhT0y/0gpsd3lQ2EI8LIlHUteMXUNYXbq2/8
E0/NIrClVURGKk9vZ7/kPfAysDE5ANL25+4/8ykCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQAbvcJtpiFmiR4fZwPFfJqeLc8HDAfBgNVHSMEGDAWgBTQpMrnD3JiHRCf
7g8I4sDDoNh9JTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBLVEs1dzl5WWgwUW4tNFBDT0xBdzZEWWZTVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvOGVlMWI3LWIxNDUtNGYxYi05ODQ3LTNlODgxZjUzNDk5Zi8x
L0FHNzNDYmFZaFpva2VIMmNEeFh5YW5pM1BCdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
OGVlMWI3LWIxNDUtNGYxYi05ODQ3LTNlODgxZjUzNDk5Zi8xLzBLVEs1dzl5WWgw
UW4tNFBDT0xBdzZEWWZTVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAyUakAMEAI3ihAMEAI3ihgMEA5Oh
CDANBAIAAjAHAwUAKgPFwDANBgkqhkiG9w0BAQsFAAOCAQEArJuO/i4hwdg6yNjU
rdyl/ZmURFCguxHaDzvipohSPTtfoC20w9DwXo/RrFupho8YRYzjNGA5a30gcdmn
KQ2fyVT8GLcmn4/PAXXNNPLJCc/8aiKmBlwcYLwWLsuMt0nmkzPLBBnccz4WY0Qr
CdjWpAm50p1gKWaoU8oE+CnZu7eq203Cb2MOpb3PjB27hcka0m+QwHrWfnvHtvX/
fAfFK3v1amhfaUhAbgrRMGthCOFVgcq1py+BXuV+1aiXtkfBgTLFfHQfpuLooGCy
ai2CXcBOTx+Yh+pmhtomTvgvaMnYAUJ1nQZx9nf0XNmTJ+LlEnDK1BiPkAeU2w/3
uryDyQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:21 2023 by rpki-client on console-fra.rpki-client.org