Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/a0G3mEzlicgsbGODAnFOj5tqE9I.roa
File: a0G3mEzlicgsbGODAnFOj5tqE9I.roa (raw, json)
Hash identifier: ZBpRjmcvTF7RuPA8CHLohW/7Cs+pbT7vh1tBHn9NwtE=
Subject key identifier: 6B:41:B7:98:4C:E5:89:C8:2C:6C:63:83:02:71:4E:8F:9B:6A:13:D2
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 18C82A4D
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/a0G3mEzlicgsbGODAnFOj5tqE9I.roa
Signing time: Sat 01 Jan 2022 02:59:08 +0000
ROA not before: Sat 01 Jan 2022 02:59:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6584
IP address blocks: 194.69.96.0/19 maxlen: 19
194.69.96.0/22 maxlen: 24
194.69.100.0/22 maxlen: 22
194.69.126.0/23 maxlen: 24
2a01:110:8012::/48 maxlen: 48
2a01:110::/32 maxlen: 32
2a01:110:e050::/48 maxlen: 48
2a01:110:a008::/48 maxlen: 48
2a01:110:8008::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415771213 (0x18c82a4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jan 1 02:59:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b41b7984ce589c82c6c638302714e8f9b6a13d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:f6:3c:5f:ea:b0:b8:84:46:3a:26:44:14:
92:cb:ae:0d:47:b1:f7:23:57:3f:87:3d:82:fe:a3:
03:94:ed:62:85:60:a4:99:d9:8f:2f:c0:c2:35:80:
b4:54:de:33:2b:cd:69:dc:ab:bd:97:d2:52:22:1c:
24:21:16:da:d9:ec:6d:7b:8f:10:15:96:e4:77:51:
aa:82:b5:73:33:00:6f:47:50:89:69:4a:3a:f4:55:
a2:44:57:fc:0b:ab:e3:5d:e8:1a:29:43:52:3a:d4:
97:02:97:bd:e8:04:a7:8a:ad:7a:ff:07:d8:4d:f6:
db:bc:60:61:b7:7d:7c:59:8b:79:d9:0d:41:4c:68:
86:a7:78:6c:8f:93:ed:dd:66:ba:44:00:00:4a:ff:
6e:ba:26:ea:6f:51:8b:25:72:dc:d6:c4:48:c6:69:
c9:4e:9d:56:88:02:56:61:36:10:87:1a:70:22:44:
e2:4f:1a:61:e4:b8:af:36:21:81:a3:7a:23:41:90:
fa:75:89:9e:f7:89:23:8f:15:ab:b0:35:3b:4e:74:
04:33:94:69:39:90:fb:06:51:7c:dd:3e:60:74:18:
e8:ba:b1:e8:ea:80:82:57:77:e8:4a:94:3c:4c:d7:
d0:a4:aa:af:9e:21:28:64:b7:0a:02:33:c5:ef:4c:
6f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:41:B7:98:4C:E5:89:C8:2C:6C:63:83:02:71:4E:8F:9B:6A:13:D2
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/a0G3mEzlicgsbGODAnFOj5tqE9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.69.96.0/19
IPv6:
2a01:110::/32
Signature Algorithm: sha256WithRSAEncryption
48:2e:8a:15:24:5e:46:09:19:48:18:69:e7:e7:61:62:f8:6b:
2d:7f:c0:1b:a2:2a:7c:53:54:06:1f:4f:d3:3e:94:a1:16:c3:
04:ca:d0:2f:66:89:8c:ef:20:bc:df:17:72:6f:a1:90:66:33:
e8:d2:07:04:cf:5a:c8:37:ce:1c:ce:6f:2f:59:25:95:d3:d2:
bc:44:13:49:51:e0:2f:1b:96:0f:b2:46:1e:fd:c4:a7:e4:27:
aa:2e:62:1f:d6:08:e0:35:e6:97:32:dd:42:29:3a:7a:38:24:
c0:0a:d2:6c:58:43:64:f8:c7:de:ab:d0:8a:d7:d2:df:44:0a:
ca:a5:ce:f0:14:d2:73:44:17:52:c2:a8:b7:98:3b:a1:7f:c9:
8a:b7:98:e6:85:f6:df:3c:ce:75:5c:74:6c:c2:ff:ff:18:d3:
c6:1e:51:cd:82:78:21:74:1a:88:57:76:ba:19:0f:f0:02:7d:
fc:08:d3:0d:d5:01:35:ba:10:bd:63:05:3d:68:16:b7:94:e0:
1c:42:1b:51:2d:c4:1f:aa:bd:a1:f0:11:68:2d:1a:b6:73:f1:
f5:2d:3d:d0:1f:66:07:17:4c:43:d0:0c:a8:96:5a:b5:6e:a2:
16:3e:b5:04:9b:8d:78:25:4c:26:a3:82:37:f9:4c:a7:20:20:
fb:60:4f:c7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGMgqTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2U2OGRhZjVmMDg5NDU2YzBlMWQwMjI0NTM5MzUzMWFjNWI4ZmNiMB4XDTIyMDEw
MTAyNTkwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI0MWI3OTg0Y2U1
ODljODJjNmM2MzgzMDI3MTRlOGY5YjZhMTNkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+39jxf6rC4hEY6JkQUksuuDUex9yNXP4c9gv6jA5TtYoVg
pJnZjy/AwjWAtFTeMyvNadyrvZfSUiIcJCEW2tnsbXuPEBWW5HdRqoK1czMAb0dQ
iWlKOvRVokRX/Aur413oGilDUjrUlwKXvegEp4qtev8H2E3227xgYbd9fFmLedkN
QUxohqd4bI+T7d1mukQAAEr/brom6m9RiyVy3NbESMZpyU6dVogCVmE2EIcacCJE
4k8aYeS4rzYhgaN6I0GQ+nWJnveJI48Vq7A1O050BDOUaTmQ+wZRfN0+YHQY6Lqx
6OqAgld36EqUPEzX0KSqr54hKGS3CgIzxe9Mbz0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRrQbeYTOWJyCxsY4MCcU6Pm2oT0jAfBgNVHSMEGDAWgBR85o2vXwiUVsDh
0CJFOTUxrFuPyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZPYU5yMThJbEZiQTRkQWlSVGsxTWF4Ymo4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8x
L2EwRzNtRXpsaWNnc2JHT0RBbkZPajV0cUU5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8xL2ZPYU5yMThJbEZi
QTRkQWlSVGsxTWF4Ymo4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBcJFYDANBAIAAjAHAwUAKgEBEDAN
BgkqhkiG9w0BAQsFAAOCAQEASC6KFSReRgkZSBhp5+dhYvhrLX/AG6IqfFNUBh9P
0z6UoRbDBMrQL2aJjO8gvN8Xcm+hkGYz6NIHBM9ayDfOHM5vL1klldPSvEQTSVHg
LxuWD7JGHv3Ep+Qnqi5iH9YI4DXmlzLdQik6ejgkwArSbFhDZPjH3qvQitfS30QK
yqXO8BTSc0QXUsKot5g7oX/JireY5oX23zzOdVx0bML//xjTxh5RzYJ4IXQaiFd2
uhkP8AJ9/AjTDdUBNboQvWMFPWgWt5TgHEIbUS3EH6q9ofARaC0atnPx9S090B9m
BxdMQ9AMqJZatW6iFj61BJuNeCVMJqOCN/lMpyAg+2BPxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org