Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/E6ZlHbXWk3Q2l-wg6FkVkSKGB64.roa
File: E6ZlHbXWk3Q2l-wg6FkVkSKGB64.roa (raw, json)
Hash identifier: O/1Oo7PaLeG8yhqzcDlMBMOJRzTV+TLYifNa6DZl8Hw=
Subject key identifier: 13:A6:65:1D:B5:D6:93:74:36:97:EC:20:E8:59:15:91:22:86:07:AE
Certificate issuer: /CN=09e5518e68467b4290c3509268b6d6d664962c86
Certificate serial: 02E13AA8
Authority key identifier: 09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/E6ZlHbXWk3Q2l-wg6FkVkSKGB64.roa
Signing time: Thu 30 Jun 2022 09:37:28 +0000
ROA not before: Thu 30 Jun 2022 09:37:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31515
IP address blocks: 161.30.33.0/24 maxlen: 24
161.30.40.0/23 maxlen: 23
161.30.5.0/24 maxlen: 24
161.30.12.0/22 maxlen: 22
161.30.16.0/22 maxlen: 22
161.30.237.0/24 maxlen: 24
161.30.22.0/23 maxlen: 23
161.30.238.0/24 maxlen: 24
161.30.236.0/22 maxlen: 24
2a11:ae00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48315048 (0x2e13aa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e5518e68467b4290c3509268b6d6d664962c86
Validity
Not Before: Jun 30 09:37:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13a6651db5d693743697ec20e8591591228607ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:55:69:44:c5:cf:51:33:5b:98:ac:de:89:69:
75:aa:80:b6:83:bd:9b:29:f3:90:45:d5:52:0d:2c:
0f:fa:54:f8:a2:5f:63:04:b7:9a:d6:f8:72:85:1a:
80:33:bc:00:7a:79:24:fb:89:ff:1b:43:87:ce:46:
c6:06:95:a4:47:69:e0:a9:fd:40:13:2e:d4:22:8c:
f8:cb:97:d6:85:a8:1a:33:0e:e7:53:00:53:7d:3b:
cb:52:eb:d7:f7:54:fe:db:48:27:9d:6c:f5:ca:89:
78:e3:1c:b1:bb:1f:03:7c:5b:11:bb:d0:68:a8:ea:
8c:dc:3f:51:06:9a:d9:d1:a1:22:1e:26:bb:5d:a4:
83:5f:f8:4f:89:b4:20:52:be:38:1a:51:99:5b:14:
42:e4:02:17:41:a6:d1:17:1e:53:3d:6b:d4:36:5b:
80:c0:e9:aa:5a:40:d0:e4:db:9a:24:fe:ca:34:4b:
fb:cb:86:e7:40:f3:67:eb:be:6c:6e:21:03:eb:b7:
0f:23:5f:02:87:b6:5c:61:5e:b3:a5:f9:28:52:4f:
dd:5c:fb:fe:63:41:28:3e:51:f1:b6:d1:83:15:b0:
c7:61:62:b4:df:e7:35:bd:b5:64:0d:e2:1a:14:d7:
cc:93:05:75:de:a7:cd:7a:4b:2f:d2:b7:6b:d9:6f:
e1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A6:65:1D:B5:D6:93:74:36:97:EC:20:E8:59:15:91:22:86:07:AE
X509v3 Authority Key Identifier:
keyid:09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/E6ZlHbXWk3Q2l-wg6FkVkSKGB64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/CeVRjmhGe0KQw1CSaLbW1mSWLIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.30.5.0/24
161.30.12.0-161.30.19.255
161.30.22.0/23
161.30.33.0/24
161.30.40.0/23
161.30.236.0/22
IPv6:
2a11:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
12:7e:c0:4b:d0:a4:3c:12:cf:53:29:a8:3a:d5:ea:42:74:d9:
68:89:59:af:be:f1:38:f6:d8:b7:8c:b7:19:67:13:1b:98:9d:
09:f6:24:5f:42:bc:88:a5:2a:ea:54:31:1d:8c:0b:5c:28:34:
94:24:ec:48:86:9d:8f:33:e9:a1:60:6e:12:a9:79:95:76:79:
ba:c0:8d:ac:7e:14:ad:39:f6:bb:8f:1b:c9:b5:d8:67:9e:c1:
72:6f:27:2c:b2:1f:f2:24:43:84:88:39:2a:0d:88:89:d8:b5:
85:f5:ab:9e:f4:20:7e:59:46:a1:82:7e:12:e9:b1:24:59:b7:
8a:d5:b4:39:b7:c6:ff:2f:1d:14:e5:ab:e4:e3:80:2b:ba:ec:
be:74:1a:98:75:57:fa:1e:47:1a:94:cc:f5:6e:c9:65:a9:ad:
05:7d:ea:34:76:24:7f:4a:bd:c1:21:a8:a5:e0:96:9a:01:82:
be:4d:73:69:1e:ac:bf:02:18:81:86:44:9d:61:d9:17:55:62:
70:0f:f5:ef:df:15:dd:b5:33:f2:63:9a:05:f2:d1:aa:13:68:
f0:f7:e6:47:a0:2c:66:8b:1a:fa:d1:2b:6c:af:8e:6a:81:3f:
a0:6d:92:b5:c8:d8:91:af:76:af:eb:fb:c9:9b:11:f5:5d:d6:
2f:47:36:14
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEAuE6qDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OWU1NTE4ZTY4NDY3YjQyOTBjMzUwOTI2OGI2ZDZkNjY0OTYyYzg2MB4XDTIyMDYz
MDA5MzcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTNhNjY1MWRiNWQ2
OTM3NDM2OTdlYzIwZTg1OTE1OTEyMjg2MDdhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRVaUTFz1EzW5is3olpdaqAtoO9mynzkEXVUg0sD/pU+KJf
YwS3mtb4coUagDO8AHp5JPuJ/xtDh85GxgaVpEdp4Kn9QBMu1CKM+MuX1oWoGjMO
51MAU307y1Lr1/dU/ttIJ51s9cqJeOMcsbsfA3xbEbvQaKjqjNw/UQaa2dGhIh4m
u12kg1/4T4m0IFK+OBpRmVsUQuQCF0Gm0RceUz1r1DZbgMDpqlpA0OTbmiT+yjRL
+8uG50DzZ+u+bG4hA+u3DyNfAoe2XGFes6X5KFJP3Vz7/mNBKD5R8bbRgxWwx2Fi
tN/nNb21ZA3iGhTXzJMFdd6nzXpLL9K3a9lv4TMCAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBQTpmUdtdaTdDaX7CDoWRWRIoYHrjAfBgNVHSMEGDAWgBQJ5VGOaEZ7QpDD
UJJottbWZJYshjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NlVlJqbWhHZTBLUXcxQ1NhTGJXMW1TV0xJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvMzAyODJjLTNjODItNDczMC1iOTVlLWU3NDU5NDg5ODNlZC8x
L0U2WmxIYlhXazNRMmwtd2c2RmtWa1NLR0I2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
MzAyODJjLTNjODItNDczMC1iOTVlLWU3NDU5NDg5ODNlZC8xL0NlVlJqbWhHZTBL
UXcxQ1NhTGJXMW1TV0xJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEAKEeBTAMAwQCoR4MAwQCoR4QAwQB
oR4WAwQAoR4hAwQBoR4oAwQCoR7sMA0EAgACMAcDBQAqEa4AMA0GCSqGSIb3DQEB
CwUAA4IBAQASfsBL0KQ8Es9TKag61epCdNloiVmvvvE49ti3jLcZZxMbmJ0J9iRf
QryIpSrqVDEdjAtcKDSUJOxIhp2PM+mhYG4SqXmVdnm6wI2sfhStOfa7jxvJtdhn
nsFybycssh/yJEOEiDkqDYiJ2LWF9aue9CB+WUahgn4S6bEkWbeK1bQ5t8b/Lx0U
5avk44Aruuy+dBqYdVf6HkcalMz1bsllqa0Ffeo0diR/Sr3BIail4JaaAYK+TXNp
Hqy/AhiBhkSdYdkXVWJwD/Xv3xXdtTPyY5oF8tGqE2jw9+ZHoCxmixr60Stsr45q
gT+gbZK1yNiRr3av6/vJmxH1XdYvRzYU
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:50 2023 by rpki-client on console-ams.rpki-client.org