Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/6baeAFw0ooFCN8RZb1wAgUBynbU.roa
File: 6baeAFw0ooFCN8RZb1wAgUBynbU.roa (raw, json)
Hash identifier: TzA3ImUKElF5T2dFJ/s6MKwnmQb8uW92lj9NbdIr0y4=
Subject key identifier: E9:B6:9E:00:5C:34:A2:81:42:37:C4:59:6F:5C:00:81:40:72:9D:B5
Certificate issuer: /CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Certificate serial: 0181EE494C4A4B3F30F9485F630E43CE0FFD
Authority key identifier: 57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/6baeAFw0ooFCN8RZb1wAgUBynbU.roa
Signing time: Mon 11 Jul 2022 17:23:09 +0000
ROA not before: Mon 11 Jul 2022 17:23:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14593
IP address blocks: 145.224.64.0/21 maxlen: 24
145.224.64.0/18 maxlen: 24
145.224.72.0/21 maxlen: 24
145.224.80.0/21 maxlen: 24
145.224.88.0/22 maxlen: 24
188.92.248.0/21 maxlen: 24
145.224.94.0/23 maxlen: 24
145.224.96.0/21 maxlen: 24
145.224.92.0/23 maxlen: 24
145.224.108.0/22 maxlen: 24
145.224.124.0/22 maxlen: 24
2a0d:3340::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:49:4c:4a:4b:3f:30:f9:48:5f:63:0e:43:ce:0f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Validity
Not Before: Jul 11 17:23:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9b69e005c34a2814237c4596f5c008140729db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:15:aa:d4:e8:e4:27:d7:8a:0d:21:ab:ac:c4:
90:ee:36:8d:f4:14:e1:cc:df:90:b9:e8:d8:76:22:
f2:44:37:58:d3:a2:0d:91:2a:89:e6:30:ff:e7:dd:
13:89:2f:55:b5:55:e0:81:19:5d:c6:a5:04:13:aa:
2b:8c:3e:a7:b3:d4:bd:39:2c:47:60:c9:25:eb:d6:
4e:82:c5:dd:21:fc:6f:9c:9f:f7:5f:96:34:59:7b:
a6:02:a3:ca:e1:a8:88:ac:8d:6d:d2:35:2c:09:5d:
94:3a:1e:d3:30:60:7b:10:d7:3d:16:60:84:ed:c3:
ba:37:93:ef:ff:30:9f:4d:66:ce:8b:da:92:43:1c:
9a:4e:b4:3b:3a:58:e0:7a:aa:59:e1:5d:ec:7d:04:
ca:2e:df:04:37:20:fc:f7:90:c6:a2:6f:4e:1b:72:
5b:67:30:90:01:d9:a9:e1:f7:d1:f0:3d:e3:68:4a:
e7:8f:49:19:d9:b2:8d:8c:e0:de:4b:7b:12:a4:f4:
80:1e:68:7c:83:ee:12:aa:50:df:40:e8:c3:b8:ae:
fb:8b:ff:18:b9:9a:08:e5:45:f6:75:18:df:d0:bf:
4e:03:81:a5:ff:53:57:cc:fb:fe:a3:63:38:f1:fb:
dc:d1:db:ad:96:33:42:2a:4a:1b:8c:7c:7b:9c:14:
1d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:B6:9E:00:5C:34:A2:81:42:37:C4:59:6F:5C:00:81:40:72:9D:B5
X509v3 Authority Key Identifier:
keyid:57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/6baeAFw0ooFCN8RZb1wAgUBynbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/V5mzJ91s2hrTe8HCJKRUsC3qKvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.64.0/18
188.92.248.0/21
IPv6:
2a0d:3340::/29
Signature Algorithm: sha256WithRSAEncryption
d9:a1:e2:00:85:cd:1d:b6:24:67:00:1c:80:b6:cb:98:c7:3d:
29:a6:46:a4:fd:c7:85:fc:83:00:51:ce:c1:0c:06:66:7e:12:
11:23:a4:d9:e3:d7:09:34:7d:1e:4b:ce:85:e6:f3:0a:b8:c6:
49:2a:40:7c:f3:6b:92:78:b6:00:06:ba:fc:e4:ca:ae:41:1c:
a4:b7:d1:68:2f:a6:26:61:4d:8a:b9:d7:65:49:ef:60:8a:35:
ed:f5:14:eb:88:c0:bb:5c:3b:12:89:17:d8:da:fe:6a:3b:c4:
c7:3b:80:9a:55:e9:08:f2:3b:a0:4a:d3:c7:f2:5e:1d:d9:97:
ec:28:c1:72:a7:ba:e7:3c:79:28:3b:25:df:74:bc:a2:99:4a:
d7:73:c2:4e:bb:00:ed:fe:ab:c7:40:ad:96:79:2b:93:84:95:
27:5f:42:a6:bd:56:87:a1:ce:bf:5e:cd:c1:bc:92:59:23:a7:
cf:2c:b3:aa:10:72:8d:de:51:94:c0:74:48:09:51:33:f9:e3:
a2:89:7e:d5:4d:90:7e:e9:c9:d8:2b:07:e6:89:69:58:df:f0:
d9:7e:d8:5d:6c:a4:9d:47:10:61:b8:a6:c5:11:74:2f:45:53:
08:3c:0d:02:95:31:54:de:8a:5b:9a:db:a6:f9:46:35:32:2f:
fd:e6:cf:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYHuSUxKSz8w+UhfYw5Dzg/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTliMzI3ZGQ2Y2RhMWFkMzdiYzFjMjI0YTQ1NGIwMmRl
YTJhZmMwHhcNMjIwNzExMTcyMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWI2OWUwMDVjMzRhMjgxNDIzN2M0NTk2ZjVjMDA4MTQwNzI5ZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBWq1OjkJ9eKDSGrrMSQ7jaN9BTh
zN+QuejYdiLyRDdY06INkSqJ5jD/590TiS9VtVXggRldxqUEE6orjD6ns9S9OSxH
YMkl69ZOgsXdIfxvnJ/3X5Y0WXumAqPK4aiIrI1t0jUsCV2UOh7TMGB7ENc9FmCE
7cO6N5Pv/zCfTWbOi9qSQxyaTrQ7OljgeqpZ4V3sfQTKLt8ENyD895DGom9OG3Jb
ZzCQAdmp4ffR8D3jaErnj0kZ2bKNjODeS3sSpPSAHmh8g+4SqlDfQOjDuK77i/8Y
uZoI5UX2dRjf0L9OA4Gl/1NXzPv+o2M48fvc0dutljNCKkobjHx7nBQdaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOm2ngBcNKKBQjfEWW9cAIFAcp21MB8GA1UdIwQY
MBaAFFeZsyfdbNoa03vBwiSkVLAt6ir8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2Et
ZWExNTBlNzYzOGNlLzEvNmJhZUFGdzBvb0ZDTjhSWmIxd0FnVUJ5bmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2EtZWExNTBlNzYzOGNl
LzEvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGkeBAAwQD
vFz4MA0EAgACMAcDBQMqDTNAMA0GCSqGSIb3DQEBCwUAA4IBAQDZoeIAhc0dtiRn
AByAtsuYxz0ppkak/ceF/IMAUc7BDAZmfhIRI6TZ49cJNH0eS86F5vMKuMZJKkB8
82uSeLYABrr85MquQRykt9FoL6YmYU2KuddlSe9gijXt9RTriMC7XDsSiRfY2v5q
O8THO4CaVekI8jugStPH8l4d2ZfsKMFyp7rnPHkoOyXfdLyimUrXc8JOuwDt/qvH
QK2WeSuThJUnX0KmvVaHoc6/Xs3BvJJZI6fPLLOqEHKN3lGUwHRICVEz+eOiiX7V
TZB+6cnYKwfmiWlY3/DZfthdbKSdRxBhuKbFEXQvRVMIPA0ClTFU3opbmtum+UY1
Mi/95s8g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:18 2024 by rpki-client on console-ams.rpki-client.org