Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/_1kttDDbJLEDK8GmlTHR15CMl70.roa
File: _1kttDDbJLEDK8GmlTHR15CMl70.roa (raw, json)
Hash identifier: ErAVRn5cLBTJXtloPoFZb5cjajFRfCXeVLIZqMFpeGI=
Subject key identifier: FF:59:2D:B4:30:DB:24:B1:03:2B:C1:A6:95:31:D1:D7:90:8C:97:BD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42CC69C8
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/_1kttDDbJLEDK8GmlTHR15CMl70.roa
Signing time: Mon 24 Jan 2022 14:07:10 +0000
ROA not before: Mon 24 Jan 2022 14:07:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 194.68.127.0/24 maxlen: 24
193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
193.183.236.0/23 maxlen: 23
194.103.240.0/20 maxlen: 20
192.165.12.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1120692680 (0x42cc69c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 24 14:07:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff592db430db24b1032bc1a69531d1d7908c97bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:93:00:23:01:7d:16:30:98:b9:0c:4d:eb:a0:
75:ec:b4:73:78:93:00:f2:af:23:1a:b9:3b:eb:44:
ad:5a:b0:c7:15:46:95:c0:0e:e8:9f:17:11:65:83:
b4:9f:6a:89:bd:41:c2:60:90:90:27:1f:f2:ba:68:
2c:3e:b1:2b:0f:49:3b:56:df:8c:db:be:74:a8:c7:
8c:40:68:d0:83:0b:ae:4b:37:06:4e:6f:b6:e8:f6:
31:17:3d:4f:f5:03:d6:9e:28:d1:2f:87:45:a8:53:
4e:08:62:83:fa:4f:2f:16:dc:c5:33:2e:c4:04:d2:
31:87:82:4e:a8:8d:c1:d0:a7:72:71:a3:f4:f6:d2:
70:2a:92:09:14:c8:17:11:f1:e8:6e:bd:23:40:93:
a0:3b:2e:d2:6f:77:7f:4a:24:69:db:5d:b0:89:57:
59:5b:a3:3b:f0:2c:ba:11:ec:cd:e5:15:8f:57:16:
a5:76:8e:04:9c:07:c7:43:ed:38:5d:8f:0f:2e:e3:
bf:38:01:6a:ee:66:39:05:b4:16:d3:cd:ea:46:61:
ab:2d:93:e1:29:72:e6:49:6b:5d:87:9d:98:ed:18:
04:6f:2b:03:6d:ee:6b:91:46:d1:f5:b2:c3:d9:07:
30:9d:73:c4:fc:c1:ae:be:65:94:4b:4d:72:32:54:
b8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:59:2D:B4:30:DB:24:B1:03:2B:C1:A6:95:31:D1:D7:90:8C:97:BD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/_1kttDDbJLEDK8GmlTHR15CMl70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.115.0/24
192.121.229.0/24
192.165.12.0/24
192.176.124.0/24
193.180.7.0/24
193.182.152.0/23
193.183.228.0/22
193.183.236.0/23
194.68.127.0/24
194.103.240.0/20
Signature Algorithm: sha256WithRSAEncryption
49:d1:e0:d9:9d:6d:cf:4d:a4:f5:cc:cb:ef:7a:df:77:76:65:
5a:fb:35:14:72:e8:4c:b1:78:16:67:fa:94:b7:49:42:6a:62:
15:29:90:78:fd:7a:43:7c:5b:b8:9a:d7:62:f1:9c:ab:19:aa:
15:23:76:25:36:bf:73:0e:37:96:91:3c:a7:d5:35:74:ba:cb:
79:89:06:d4:aa:5f:c6:02:3c:25:e7:5d:2c:6d:12:53:ae:93:
6e:f9:d5:c0:da:5a:be:ca:94:ef:80:fe:30:16:d2:86:2c:18:
9e:a9:2c:d7:38:1d:aa:24:17:08:79:9f:70:b1:fa:34:83:71:
2b:c4:a1:e1:57:34:3c:9e:09:17:28:06:18:ff:ca:df:bc:3d:
d2:e1:1b:dd:39:f4:07:d3:38:2e:7d:c9:af:bc:69:60:10:19:
a0:42:52:a3:e0:21:f5:5d:c2:88:40:0f:f6:68:e5:6e:f2:a6:
a0:89:02:04:82:42:be:f1:cc:97:30:5d:fe:9b:3b:45:c0:6c:
cf:2c:de:2e:93:17:f6:c3:d5:3d:a2:e4:a3:7b:1b:04:f6:db:
f5:43:55:22:1f:ba:d9:c1:18:75:7c:c7:f2:35:33:ab:52:a2:
b2:2f:f9:c7:10:9a:ee:71:cd:c0:dc:e3:91:d5:ef:fc:bd:11:
ad:64:99:0c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEQsxpyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEy
NDE0MDcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY1OTJkYjQzMGRi
MjRiMTAzMmJjMWE2OTUzMWQxZDc5MDhjOTdiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+TACMBfRYwmLkMTeugdey0c3iTAPKvIxq5O+tErVqwxxVG
lcAO6J8XEWWDtJ9qib1BwmCQkCcf8rpoLD6xKw9JO1bfjNu+dKjHjEBo0IMLrks3
Bk5vtuj2MRc9T/UD1p4o0S+HRahTTghig/pPLxbcxTMuxATSMYeCTqiNwdCncnGj
9PbScCqSCRTIFxHx6G69I0CToDsu0m93f0okadtdsIlXWVujO/AsuhHszeUVj1cW
pXaOBJwHx0PtOF2PDy7jvzgBau5mOQW0FtPN6kZhqy2T4Sly5klrXYedmO0YBG8r
A23ua5FG0fWyw9kHMJ1zxPzBrr5llEtNcjJUuFsCAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBT/WS20MNsksQMrwaaVMdHXkIyXvTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L18xa3R0RERiSkxFREs4R21sVEhSMTVDTWw3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAMB5KDAMAwQBwHkyAwQAwHk0AwQA
wHlzAwQAwHnlAwQAwKUMAwQAwLB8AwQAwbQHAwQBwbaYAwQCwbfkAwQBwbfsAwQA
wkR/AwQEwmfwMA0GCSqGSIb3DQEBCwUAA4IBAQBJ0eDZnW3PTaT1zMvvet93dmVa
+zUUcuhMsXgWZ/qUt0lCamIVKZB4/XpDfFu4mtdi8ZyrGaoVI3YlNr9zDjeWkTyn
1TV0ust5iQbUql/GAjwl510sbRJTrpNu+dXA2lq+ypTvgP4wFtKGLBieqSzXOB2q
JBcIeZ9wsfo0g3ErxKHhVzQ8ngkXKAYY/8rfvD3S4RvdOfQH0zgufcmvvGlgEBmg
QlKj4CH1XcKIQA/2aOVu8qagiQIEgkK+8cyXMF3+mztFwGzPLN4ukxf2w9U9ouSj
exsE9tv1Q1UiH7rZwRh1fMfyNTOrUqKyL/nHEJrucc3A3OOR1e/8vRGtZJkM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org