Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/c-lCCG0KaxRwhQ5G2mVvLGe7fQY.roa
File: c-lCCG0KaxRwhQ5G2mVvLGe7fQY.roa (raw, json)
Hash identifier: wpmniPKe2iB/LFKU15wSGD+lwBkCH24LS3AKL/jCrh8=
Subject key identifier: 73:E9:42:08:6D:0A:6B:14:70:85:0E:46:DA:65:6F:2C:67:BB:7D:06
Certificate issuer: /CN=335525f5e51b622fdfee730cda8cda311b4400dd
Certificate serial: 0182E3AD6B202509528302C37D000FC0F35D
Authority key identifier: 33:55:25:F5:E5:1B:62:2F:DF:EE:73:0C:DA:8C:DA:31:1B:44:00:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1Ul9eUbYi_f7nMM2ozaMRtEAN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/c-lCCG0KaxRwhQ5G2mVvLGe7fQY.roa
Signing time: Sun 28 Aug 2022 08:59:29 +0000
ROA not before: Sun 28 Aug 2022 08:59:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211413
IP address blocks: 193.56.135.0/24 maxlen: 24
2a10:e8c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e3:ad:6b:20:25:09:52:83:02:c3:7d:00:0f:c0:f3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335525f5e51b622fdfee730cda8cda311b4400dd
Validity
Not Before: Aug 28 08:59:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73e942086d0a6b1470850e46da656f2c67bb7d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8c:43:b7:8c:77:a4:a8:ef:17:e2:26:64:ec:
ec:88:f0:cb:04:2e:0b:fb:41:6a:f7:a1:bb:69:19:
41:16:4d:9e:5e:e4:63:2d:ab:7f:ca:35:58:14:29:
cc:2f:ea:f7:6f:48:d0:e1:58:4a:b9:46:da:cd:7a:
76:fd:a8:2c:a8:bc:0e:44:4f:50:ee:eb:d5:d2:13:
dc:43:9a:11:ec:1b:3b:99:e1:47:93:70:ee:2d:6b:
cb:8b:34:ba:f8:37:ad:ed:5f:94:52:ad:e8:4f:93:
4c:04:e0:0a:7c:74:e1:f3:fd:2c:e6:62:53:75:53:
df:22:55:10:e0:c8:16:c4:4c:8b:bb:56:76:d4:a5:
6a:9a:a0:bb:29:3c:b3:c4:63:e0:14:7e:72:10:0b:
04:74:e1:be:f7:5b:6b:8e:9c:56:09:83:7c:5f:90:
38:0c:2a:5a:75:20:3d:92:70:f7:48:7f:7d:b3:91:
9c:7d:28:a6:81:3f:f1:d6:d5:24:cd:6e:fa:97:b7:
30:a5:ea:b8:c5:d6:00:17:86:71:a9:3b:bd:41:2e:
16:34:0a:0d:db:00:00:cf:73:fe:ab:71:f6:5f:f0:
de:f9:4d:02:e4:6c:1c:4b:15:67:4e:33:d5:3f:2e:
80:05:18:fc:2f:aa:e2:af:97:ef:77:a4:e2:92:0c:
a9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E9:42:08:6D:0A:6B:14:70:85:0E:46:DA:65:6F:2C:67:BB:7D:06
X509v3 Authority Key Identifier:
keyid:33:55:25:F5:E5:1B:62:2F:DF:EE:73:0C:DA:8C:DA:31:1B:44:00:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1Ul9eUbYi_f7nMM2ozaMRtEAN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/c-lCCG0KaxRwhQ5G2mVvLGe7fQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/M1Ul9eUbYi_f7nMM2ozaMRtEAN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.135.0/24
IPv6:
2a10:e8c0::/29
Signature Algorithm: sha256WithRSAEncryption
62:76:cd:77:2b:16:ec:ef:b9:1e:dd:cb:0c:2a:1a:e4:45:74:
5e:88:85:ec:7c:09:73:f3:c4:89:9a:5a:a5:5c:ba:07:58:e6:
bd:2d:32:34:17:56:b1:87:2b:7d:5c:fd:76:0f:09:94:f8:d9:
a7:12:88:04:f3:0f:b4:b9:86:70:76:7e:ef:cb:db:32:97:a0:
b2:3a:f4:36:cb:67:61:4d:2a:9c:67:4d:bb:ee:5f:51:9e:b5:
74:74:06:e2:90:5a:54:8c:b4:94:dc:99:eb:88:95:41:37:2a:
74:ae:e0:ef:23:01:2e:ec:27:d1:56:41:23:58:44:b5:fc:73:
ea:de:e0:bd:d4:e3:a0:00:bb:74:42:9e:fb:0f:3d:ae:34:0c:
64:25:3e:41:8a:d1:25:c4:46:1b:9a:84:5b:ff:01:ad:91:cb:
a8:de:f5:7c:8f:80:56:ba:b7:30:ae:c5:01:bc:8e:15:f1:1a:
9f:8d:72:d2:8e:16:43:3f:59:2b:12:f3:00:78:3b:52:8b:e5:
62:4f:64:fb:4b:5b:00:05:7d:11:00:a0:9d:da:f0:0c:fa:ce:
9e:4e:47:3f:81:f2:6b:cc:d1:e5:3e:8c:95:83:2b:3e:a4:42:
a3:b0:49:1e:78:7f:36:bf:0d:3f:0f:6f:dd:b7:e6:23:42:70:
c6:8a:00:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYLjrWsgJQlSgwLDfQAPwPNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTUyNWY1ZTUxYjYyMmZkZmVlNzMwY2RhOGNkYTMxMWI0
NDAwZGQwHhcNMjIwODI4MDg1OTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U5NDIwODZkMGE2YjE0NzA4NTBlNDZkYTY1NmYyYzY3YmI3ZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoxDt4x3pKjvF+ImZOzsiPDLBC4L
+0Fq96G7aRlBFk2eXuRjLat/yjVYFCnML+r3b0jQ4VhKuUbazXp2/agsqLwORE9Q
7uvV0hPcQ5oR7Bs7meFHk3DuLWvLizS6+Det7V+UUq3oT5NMBOAKfHTh8/0s5mJT
dVPfIlUQ4MgWxEyLu1Z21KVqmqC7KTyzxGPgFH5yEAsEdOG+91trjpxWCYN8X5A4
DCpadSA9knD3SH99s5GcfSimgT/x1tUkzW76l7cwpeq4xdYAF4ZxqTu9QS4WNAoN
2wAAz3P+q3H2X/De+U0C5GwcSxVnTjPVPy6ABRj8L6rir5fvd6Tikgyp7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHPpQghtCmsUcIUORtplbyxnu30GMB8GA1UdIwQY
MBaAFDNVJfXlG2Iv3+5zDNqM2jEbRADdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFVbDllVWJZaV9mN25NTTJvemFNUnRFQU4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMDQwZGYtNzY4ZC00YzcwLTlhYTAt
MDExYmEwNzJmNDJjLzEvYy1sQ0NHMEtheFJ3aFE1RzJtVnZMR2U3ZlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMDQwZGYtNzY4ZC00YzcwLTlhYTAtMDExYmEwNzJmNDJj
LzEvTTFVbDllVWJZaV9mN25NTTJvemFNUnRFQU4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTiHMA0E
AgACMAcDBQMqEOjAMA0GCSqGSIb3DQEBCwUAA4IBAQBids13Kxbs77ke3csMKhrk
RXReiIXsfAlz88SJmlqlXLoHWOa9LTI0F1axhyt9XP12DwmU+NmnEogE8w+0uYZw
dn7vy9syl6CyOvQ2y2dhTSqcZ0277l9RnrV0dAbikFpUjLSU3JnriJVBNyp0ruDv
IwEu7CfRVkEjWES1/HPq3uC91OOgALt0Qp77Dz2uNAxkJT5BitElxEYbmoRb/wGt
kcuo3vV8j4BWurcwrsUBvI4V8RqfjXLSjhZDP1krEvMAeDtSi+ViT2T7S1sABX0R
AKCd2vAM+s6eTkc/gfJrzNHlPoyVgys+pEKjsEkeeH82vw0/D2/dt+YjQnDGigC6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:24 2024 by rpki-client on console-ams.rpki-client.org