Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/H6o7roZ2-vOg-kHQoiV4CwtKBEo.roa
File: H6o7roZ2-vOg-kHQoiV4CwtKBEo.roa (raw, json)
Hash identifier: nNFf5q/8/1PREqHoqiWzhhjc9fPKZ90wb0obtS/DSUo=
Subject key identifier: 1F:AA:3B:AE:86:76:FA:F3:A0:FA:41:D0:A2:25:78:0B:0B:4A:04:4A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018419D13695E9950BF7F08E1B743003200D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/H6o7roZ2-vOg-kHQoiV4CwtKBEo.roa
Signing time: Thu 27 Oct 2022 14:20:52 +0000
ROA not before: Thu 27 Oct 2022 14:20:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 192.36.247.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
192.71.255.0/24 maxlen: 24
192.71.254.0/23 maxlen: 23
192.71.84.0/24 maxlen: 24
2a01:280:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:d1:36:95:e9:95:0b:f7:f0:8e:1b:74:30:03:20:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Oct 27 14:20:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1faa3bae8676faf3a0fa41d0a225780b0b4a044a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ed:b8:b3:82:7a:cb:8e:55:c6:c2:67:92:c0:
e0:01:34:16:11:b5:21:10:49:b0:2c:31:50:fe:c0:
7c:e7:94:de:25:af:63:f6:48:5b:f8:4f:6b:01:2f:
3d:13:b3:de:15:d8:6c:7d:5d:df:df:3f:2d:0f:da:
23:4e:f8:e8:29:02:c0:ad:19:bc:98:26:c0:9a:8d:
c3:68:98:7a:65:3b:af:8d:d5:0b:40:87:43:03:cb:
07:5f:5e:e1:b3:bc:b2:c0:da:14:7f:60:e0:2b:75:
6a:b6:0e:b2:53:9a:2c:88:eb:21:04:de:91:c2:35:
16:f0:44:e3:84:39:36:8d:3a:9d:2c:fd:9a:1f:8d:
e3:03:f2:fd:f7:68:1e:00:53:ac:95:89:0b:e0:30:
1b:3f:d7:a9:6e:ee:f5:bf:b3:a6:4c:5b:c5:62:4f:
e9:ec:18:d2:10:59:5a:45:a8:59:7e:ed:9f:95:44:
fe:90:61:ea:57:6c:63:a1:93:b7:7e:17:81:33:d7:
4c:dd:94:6b:92:7e:1f:42:65:cc:5c:ca:a0:fe:62:
83:9c:ee:2b:29:b6:cd:a1:d7:b0:27:36:30:3e:2c:
12:22:a5:9a:00:8e:fa:c1:3e:01:bd:b2:5a:02:c4:
fa:fc:af:dc:2f:40:33:67:09:5b:c2:3b:8b:f4:9c:
89:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AA:3B:AE:86:76:FA:F3:A0:FA:41:D0:A2:25:78:0B:0B:4A:04:4A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/H6o7roZ2-vOg-kHQoiV4CwtKBEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
193.234.120.0/22
IPv6:
2a01:280:6::/48
Signature Algorithm: sha256WithRSAEncryption
25:50:8d:30:0f:7b:0e:78:64:2f:f8:c9:4d:2b:c5:0e:ca:42:
20:bc:7f:52:bc:c8:56:1a:b8:ab:e5:89:07:68:7a:99:1c:c0:
f4:0b:52:ce:e5:49:c1:12:32:2b:ce:a8:93:58:a5:16:21:bd:
3d:8d:6c:0b:7f:8c:ff:e1:d5:ff:45:8b:2b:a1:28:13:5c:58:
af:ff:b5:da:17:36:42:e7:1b:6b:7d:ec:bf:65:68:9c:22:3b:
65:d5:d0:7c:36:3d:c0:42:b6:d4:96:99:bb:30:1f:f0:af:b6:
97:5b:43:cc:50:87:6a:a2:ad:f3:71:76:69:81:3a:e7:70:45:
6b:70:a2:1e:1b:b7:55:71:ec:f8:e1:e3:f3:e0:c6:1d:54:32:
89:cc:ff:ac:44:90:41:77:e7:58:be:32:b0:e4:85:5e:49:21:
a8:2d:19:cb:cf:eb:1f:a9:ba:77:f1:4f:ad:80:bb:94:32:02:
ac:b1:7c:02:8b:4d:d9:41:b1:53:92:79:29:7a:44:9a:2e:02:
0c:6c:ff:d6:93:53:5b:61:33:f4:4e:e5:66:48:c7:67:e9:3b:
26:94:4c:6b:99:62:a3:25:43:45:b8:5b:bc:39:82:25:5a:e9:
a8:5a:7d:ab:03:2c:ca:85:33:e9:64:19:9d:a6:9a:1c:b9:c0:
32:10:3d:67
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYQZ0TaV6ZUL9/COG3QwAyANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMDI3MTQyMDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmFhM2JhZTg2NzZmYWYzYTBmYTQxZDBhMjI1NzgwYjBiNGEwNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6u24s4J6y45VxsJnksDgATQWEbUh
EEmwLDFQ/sB855TeJa9j9khb+E9rAS89E7PeFdhsfV3f3z8tD9ojTvjoKQLArRm8
mCbAmo3DaJh6ZTuvjdULQIdDA8sHX17hs7yywNoUf2DgK3Vqtg6yU5osiOshBN6R
wjUW8ETjhDk2jTqdLP2aH43jA/L992geAFOslYkL4DAbP9epbu71v7OmTFvFYk/p
7BjSEFlaRahZfu2flUT+kGHqV2xjoZO3fheBM9dM3ZRrkn4fQmXMXMqg/mKDnO4r
KbbNodewJzYwPiwSIqWaAI76wT4BvbJaAsT6/K/cL0AzZwlbwjuL9JyJCQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFB+qO66GdvrzoPpB0KIleAsLSgRKMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSDZvN3JvWjItdk9nLWtIUW9pVjRDd3RLQkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAwCT3AwQA
wEdUAwQBwEf+AwQCwep4MA8EAgACMAkDBwAqAQKAAAYwDQYJKoZIhvcNAQELBQAD
ggEBACVQjTAPew54ZC/4yU0rxQ7KQiC8f1K8yFYauKvliQdoepkcwPQLUs7lScES
MivOqJNYpRYhvT2NbAt/jP/h1f9FiyuhKBNcWK//tdoXNkLnG2t97L9laJwiO2XV
0Hw2PcBCttSWmbswH/CvtpdbQ8xQh2qirfNxdmmBOudwRWtwoh4bt1Vx7Pjh4/Pg
xh1UMonM/6xEkEF351i+MrDkhV5JIagtGcvP6x+punfxT62Au5QyAqyxfAKLTdlB
sVOSeSl6RJouAgxs/9aTU1thM/RO5WZIx2fpOyaUTGuZYqMlQ0W4W7w5giVa6aha
fasDLMqFM+lkGZ2mmhy5wDIQPWc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org