Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/tD1RoFeEVhPEqR3zKpmDD2atxII.roa
File: tD1RoFeEVhPEqR3zKpmDD2atxII.roa (raw, json)
Hash identifier: wsv658kOJJnswnlX5ftOEgte0eaOB8JOolc3hqEwRU4=
Subject key identifier: B4:3D:51:A0:57:84:56:13:C4:A9:1D:F3:2A:99:83:0F:66:AD:C4:82
Certificate issuer: /CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Certificate serial: 027C6C58
Authority key identifier: 3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/tD1RoFeEVhPEqR3zKpmDD2atxII.roa
Signing time: Wed 01 Jun 2022 19:42:20 +0000
ROA not before: Wed 01 Jun 2022 19:42:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14445
IP address blocks: 80.73.247.0/24 maxlen: 24
2a11:1680:21::/48 maxlen: 48
2a11:1680:1::/48 maxlen: 48
2a11:1680:1c::/48 maxlen: 48
2a11:1680:17::/48 maxlen: 48
2a11:1680:1a::/48 maxlen: 48
2a11:1680:15::/48 maxlen: 48
2a11:1680:b::/48 maxlen: 48
2a11:1680:1e::/48 maxlen: 48
2a11:1680:19::/48 maxlen: 48
2a11:1680:14::/48 maxlen: 48
2a11:1680:f::/48 maxlen: 48
2a11:1680:12::/48 maxlen: 48
2a11:1680:d::/48 maxlen: 48
2a11:1680:3::/48 maxlen: 48
2a11:1680:16::/48 maxlen: 48
2a11:1680:11::/48 maxlen: 48
2a11:1680:c::/48 maxlen: 48
2a11:1680:a::/48 maxlen: 48
2a11:1680:5::/48 maxlen: 48
2a11:1680:20::/48 maxlen: 48
2a11:1680::/48 maxlen: 48
2a11:1680:1b::/48 maxlen: 48
2a11:1680:e::/48 maxlen: 48
2a11:1680:1f::/48 maxlen: 48
2a11:1680:22::/48 maxlen: 48
2a11:1680:2::/48 maxlen: 48
2a11:1680:1d::/48 maxlen: 48
2a11:1680:18::/48 maxlen: 48
2a11:1680:13::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41708632 (0x27c6c58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Validity
Not Before: Jun 1 19:42:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b43d51a057845613c4a91df32a99830f66adc482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b4:58:53:3e:66:6f:84:9f:43:b1:7a:69:06:
d2:dd:13:4e:35:6c:44:f4:83:cc:bf:2d:48:d0:fd:
54:36:7a:d3:4b:f1:d3:61:fb:69:36:2c:af:e2:44:
a6:c1:ab:4e:a5:b4:58:be:7d:48:d3:6e:95:e6:c3:
8d:42:0f:f1:e8:9a:ef:b3:f4:a9:7e:d5:74:00:4a:
ab:10:1b:70:d9:e6:49:c8:0d:ff:e0:3d:79:b6:85:
7c:ce:c6:6f:87:b1:29:2b:86:ea:ca:6b:ff:fe:6b:
35:ab:ea:78:95:b2:b3:3f:c3:52:d4:05:8b:cc:a8:
a7:8c:f1:b0:9e:e0:b3:d6:fe:86:af:1e:c4:d2:4e:
d7:c1:94:b0:b3:8b:89:72:5c:ce:e5:86:e0:00:78:
e8:c6:fa:fb:fe:a3:bb:33:e5:f5:92:0f:66:73:40:
2a:b4:c1:62:30:84:e1:1b:c8:7c:b4:20:73:6b:ec:
ee:25:1b:9d:1a:bf:75:b5:f9:2e:d0:dd:0f:1b:f9:
81:2c:0f:52:9d:8b:40:e6:98:ec:0d:9d:56:00:ca:
df:27:67:15:cf:e2:f9:29:a0:7d:cd:f7:c6:dc:71:
60:9b:12:a4:8d:e9:9b:f1:27:05:27:62:5e:2a:3f:
ab:1c:02:3a:e2:5d:84:c4:0d:09:75:6b:5f:4e:7b:
f5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3D:51:A0:57:84:56:13:C4:A9:1D:F3:2A:99:83:0F:66:AD:C4:82
X509v3 Authority Key Identifier:
keyid:3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/tD1RoFeEVhPEqR3zKpmDD2atxII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.247.0/24
IPv6:
2a11:1680::/46
2a11:1680:5::/48
2a11:1680:a::-2a11:1680:f:ffff:ffff:ffff:ffff:ffff
2a11:1680:11::-2a11:1680:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
27:a8:6a:15:8c:5a:1d:10:14:e1:d0:e9:74:fd:f8:2f:bb:36:
9b:df:de:9a:49:71:2a:13:eb:4c:b7:71:ac:f5:84:dd:b2:0a:
9e:98:7b:ed:fc:a2:ef:73:f4:35:b6:8b:ff:df:02:b8:41:75:
88:a6:9e:2a:87:e3:de:43:fc:9d:06:c8:ab:de:b7:c1:21:c0:
94:f9:7d:a7:df:a7:c3:49:e2:85:8f:97:23:de:5d:11:fc:45:
e5:05:1d:a1:88:71:e5:20:31:1f:5c:e6:78:20:84:f8:8b:84:
dc:ed:b3:8f:be:5a:48:56:9a:e7:70:d8:83:d3:e3:68:42:33:
24:4f:a5:97:9a:6f:0f:ae:dc:8a:3f:7d:c1:78:a0:19:e6:32:
c7:1e:f1:71:9c:0e:a6:4e:1f:61:0d:32:8d:68:c4:97:91:13:
6f:0b:dc:fd:0b:4e:4a:35:db:5e:f0:62:59:b5:73:fc:99:91:
71:9b:c2:bc:02:61:3a:80:03:69:e1:bf:7d:65:1e:96:e4:dd:
5e:09:59:ca:a0:18:2e:d4:65:51:56:30:ee:61:1c:b1:60:e6:
80:2c:fa:00:07:d4:13:49:7e:d0:ca:18:df:2d:be:a4:60:d9:
7b:ad:13:7a:04:3e:3d:ed:d2:9c:95:5b:e7:ba:ed:47:96:2d:
75:07:b7:a7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEAnxsWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDkyYmMwNDVhYjljYzlmMDE3ZThiZjdmZmU0MjNkYTgwNGE2MTRmMB4XDTIyMDYw
MTE5NDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQzZDUxYTA1Nzg0
NTYxM2M0YTkxZGYzMmE5OTgzMGY2NmFkYzQ4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALy0WFM+Zm+En0OxemkG0t0TTjVsRPSDzL8tSND9VDZ600vx
02H7aTYsr+JEpsGrTqW0WL59SNNulebDjUIP8eia77P0qX7VdABKqxAbcNnmScgN
/+A9ebaFfM7Gb4exKSuG6spr//5rNavqeJWysz/DUtQFi8yop4zxsJ7gs9b+hq8e
xNJO18GUsLOLiXJczuWG4AB46Mb6+/6juzPl9ZIPZnNAKrTBYjCE4RvIfLQgc2vs
7iUbnRq/dbX5LtDdDxv5gSwPUp2LQOaY7A2dVgDK3ydnFc/i+Smgfc33xtxxYJsS
pI3pm/EnBSdiXio/qxwCOuJdhMQNCXVrX0579VMCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBS0PVGgV4RWE8SpHfMqmYMPZq3EgjAfBgNVHSMEGDAWgBQ9krwEWrnMnwF+
i/f/5CPagEphTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BaSzhCRnE1eko4QmZvdjNfLVFqMm9CS1lVOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMzYyNmRjLTIyMWYtNGI5YS1iYjY4LTNlMzgxMmZmYTE0Ny8x
L3REMVJvRmVFVmhQRXFSM3pLcG1ERDJhdHhJSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MzYyNmRjLTIyMWYtNGI5YS1iYjY4LTNlMzgxMmZmYTE0Ny8xL1BaSzhCRnE1eko4
QmZvdjNfLVFqMm9CS1lVOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwDAQCAAEwBgMEAFBJ9zBABAIAAjA6AwcCKhEWgAAA
AwcAKhEWgAAFMBIDBwEqERaAAAoDBwQqERaAAAAwEgMHACoRFoAAEQMHACoRFoAA
IjANBgkqhkiG9w0BAQsFAAOCAQEAJ6hqFYxaHRAU4dDpdP34L7s2m9/emklxKhPr
TLdxrPWE3bIKnph77fyi73P0NbaL/98CuEF1iKaeKofj3kP8nQbIq963wSHAlPl9
p9+nw0nihY+XI95dEfxF5QUdoYhx5SAxH1zmeCCE+IuE3O2zj75aSFaa53DYg9Pj
aEIzJE+ll5pvD67cij99wXigGeYyxx7xcZwOpk4fYQ0yjWjEl5ETbwvc/QtOSjXb
XvBiWbVz/JmRcZvCvAJhOoADaeG/fWUeluTdXglZyqAYLtRlUVYw7mEcsWDmgCz6
AAfUE0l+0MoY3y2+pGDZe60TegQ+Pe3SnJVb57rtR5YtdQe3pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:03 2024 by rpki-client on console-ams.rpki-client.org