Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/1q_BDDoK99Q-MwCozS2yZSjh3j8.roa
File: 1q_BDDoK99Q-MwCozS2yZSjh3j8.roa (raw, json)
Hash identifier: kxv5pK2QKrEZvdXIvxBq50IXZNYO6noO8beAXx6Vfyw=
Subject key identifier: D6:AF:C1:0C:3A:0A:F7:D4:3E:33:00:A8:CD:2D:B2:65:28:E1:DE:3F
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 08257278
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/1q_BDDoK99Q-MwCozS2yZSjh3j8.roa
Signing time: Tue 05 Apr 2022 08:26:34 +0000
ROA not before: Tue 05 Apr 2022 08:26:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208046
IP address blocks: 193.142.147.0/24 maxlen: 24
193.142.146.0/24 maxlen: 24
193.142.59.0/24 maxlen: 24
2a0f:ca80:1338::/48 maxlen: 48
2a0f:ca80::/48 maxlen: 48
2a0f:ca86::/40 maxlen: 40
2a0f:ca80:1::/48 maxlen: 48
2a0f:ca80:1337::/48 maxlen: 48
2a0f:ca83:1337::/48 maxlen: 48
2a0f:ca84::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136671864 (0x8257278)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Apr 5 08:26:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6afc10c3a0af7d43e3300a8cd2db26528e1de3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7a:a5:f4:47:54:3a:e0:ee:fe:23:bd:ac:b1:
68:39:49:a0:dd:10:9c:1f:fb:e1:ed:35:a7:9b:92:
cb:94:48:b0:ce:37:0b:52:14:93:02:ba:fa:42:27:
cf:c0:7e:5b:5e:83:6b:3f:56:54:bf:32:95:11:b3:
de:e9:ec:4d:ff:1a:8c:13:64:88:ff:09:19:c6:ed:
28:19:3c:92:68:c0:8b:85:54:24:b8:52:77:7c:e8:
be:75:ab:7a:e3:16:f6:50:36:38:e9:66:2d:de:52:
2f:08:5d:c5:b0:ea:36:6e:ee:94:61:b0:bb:af:d9:
82:09:7c:5f:03:e6:d9:cd:a2:72:4a:c4:e9:44:81:
93:21:20:5f:81:50:87:6c:37:5c:a0:c2:92:ad:e8:
3b:f0:06:63:f5:ff:27:83:97:6d:6c:9d:5b:3e:f4:
82:f8:7d:23:6d:38:ae:2f:f3:87:ef:82:06:d7:58:
bb:b3:e7:11:2c:be:c2:7b:ce:f7:14:38:25:cc:99:
5b:8d:ef:b9:10:c8:dd:1b:d2:c8:ca:f7:8a:c6:94:
92:5c:3f:65:b7:5f:e6:ac:36:53:b1:c7:97:8f:81:
34:09:5b:aa:28:78:de:1c:b9:48:24:70:e7:0a:2e:
ec:63:40:58:00:85:6b:94:de:4c:95:0d:bc:3b:89:
b6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AF:C1:0C:3A:0A:F7:D4:3E:33:00:A8:CD:2D:B2:65:28:E1:DE:3F
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/1q_BDDoK99Q-MwCozS2yZSjh3j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.59.0/24
193.142.146.0/23
IPv6:
2a0f:ca80::/47
2a0f:ca80:1337::-2a0f:ca80:1338:ffff:ffff:ffff:ffff:ffff
2a0f:ca83:1337::/48
2a0f:ca84::/40
2a0f:ca86::/40
Signature Algorithm: sha256WithRSAEncryption
89:0d:9e:92:9b:7f:2c:9e:b3:50:d7:b6:30:a5:61:e8:7e:30:
b7:1b:f4:97:1a:39:dd:32:1d:c8:45:ec:d9:be:e8:89:96:51:
0f:65:dc:68:98:af:f5:d5:97:05:e5:c0:79:62:5e:3a:e0:c4:
30:21:ca:33:79:4a:c7:cb:8f:5e:f3:2c:93:52:87:43:62:12:
8e:e2:55:82:71:af:7a:98:25:18:bd:4c:06:6d:05:1b:45:e9:
4f:82:80:6d:12:94:be:c4:b0:cf:ef:56:0e:ef:f0:df:fb:96:
a0:69:a2:c1:4f:4d:e5:15:1b:af:47:13:52:2e:5a:8e:d9:64:
7e:f9:32:01:9b:66:2c:fc:45:e6:93:eb:ae:66:0c:0f:da:6d:
83:f2:bc:41:fc:03:cf:9e:d4:94:b2:06:14:11:ae:dd:0d:54:
18:e2:63:6a:92:ca:dd:25:0b:38:56:03:fb:35:36:94:6f:a6:
2b:16:0b:d6:3d:a2:f2:eb:f8:7c:7f:c4:f7:30:5a:63:00:f6:
cd:a0:05:7b:05:75:d3:c6:0b:5c:0c:44:18:c3:43:2a:05:ed:
d8:71:80:00:72:36:76:44:67:fe:01:02:6c:c7:c3:34:27:de:
ec:c8:1d:a3:40:d2:0d:f9:67:cc:76:c4:d9:87:67:77:77:56:
96:6a:98:84
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIECCVyeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmU2YWI4ZTBjNDZlODQxYjQ0ZDJiOWM2YjAzYmI2NWY1NjIxZGIxMB4XDTIyMDQw
NTA4MjYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDZhZmMxMGMzYTBh
ZjdkNDNlMzMwMGE4Y2QyZGIyNjUyOGUxZGUzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZ6pfRHVDrg7v4jvayxaDlJoN0QnB/74e01p5uSy5RIsM43
C1IUkwK6+kInz8B+W16Daz9WVL8ylRGz3unsTf8ajBNkiP8JGcbtKBk8kmjAi4VU
JLhSd3zovnWreuMW9lA2OOlmLd5SLwhdxbDqNm7ulGGwu6/Zggl8XwPm2c2ickrE
6USBkyEgX4FQh2w3XKDCkq3oO/AGY/X/J4OXbWydWz70gvh9I204ri/zh++CBtdY
u7PnESy+wnvO9xQ4JcyZW43vuRDI3RvSyMr3isaUklw/Zbdf5qw2U7HHl4+BNAlb
qih43hy5SCRw5wou7GNAWACFa5TeTJUNvDuJtn0CAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBTWr8EMOgr31D4zAKjNLbJlKOHePzAfBgNVHSMEGDAWgBTb5quODEboQbRN
K5xrA7tl9WIdsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzItYXJqZ3hHNkVHMFRTdWNhd083WmZWaUhiRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvOTY0MzZjLWY2ZmEtNDBiYS1hMjdjLWZiMTAzMDY1MTA2Ny8x
LzFxX0JERG9LOTlRLU13Q296UzJ5WlNqaDNqOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
OTY0MzZjLWY2ZmEtNDBiYS1hMjdjLWZiMTAzMDY1MTA2Ny8xLzItYXJqZ3hHNkVH
MFRTdWNhd083WmZWaUhiRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwEgQCAAEwDAMEAMGOOwMEAcGOkjA8BAIAAjA2AwcB
Kg/KgAAAMBIDBwAqD8qAEzcDBwAqD8qAEzgDBwAqD8qDEzcDBgAqD8qEAAMGACoP
yoYAMA0GCSqGSIb3DQEBCwUAA4IBAQCJDZ6Sm38snrNQ17YwpWHofjC3G/SXGjnd
Mh3IRezZvuiJllEPZdxomK/11ZcF5cB5Yl464MQwIcozeUrHy49e8yyTUodDYhKO
4lWCca96mCUYvUwGbQUbRelPgoBtEpS+xLDP71YO7/Df+5agaaLBT03lFRuvRxNS
LlqO2WR++TIBm2Ys/EXmk+uuZgwP2m2D8rxB/APPntSUsgYUEa7dDVQY4mNqksrd
JQs4VgP7NTaUb6YrFgvWPaLy6/h8f8T3MFpjAPbNoAV7BXXTxgtcDEQYw0MqBe3Y
cYAAcjZ2RGf+AQJsx8M0J97syB2jQNIN+WfMdsTZh2d3d1aWapiE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:46 2024 by rpki-client on console-ams.rpki-client.org