Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/AtiH1l92wqNRgDkBuG8DM3oo1r0.roa
File: AtiH1l92wqNRgDkBuG8DM3oo1r0.roa (raw, json)
Hash identifier: XK9tqWyUkyT4TL8/isiWDcPU8hzrTFJ8sOXVef4auaM=
Subject key identifier: 02:D8:87:D6:5F:76:C2:A3:51:80:39:01:B8:6F:03:33:7A:28:D6:BD
Certificate issuer: /CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Certificate serial: 0C8CC184
Authority key identifier: DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/AtiH1l92wqNRgDkBuG8DM3oo1r0.roa
Signing time: Sat 01 Jan 2022 10:58:46 +0000
ROA not before: Sat 01 Jan 2022 10:58:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28788
IP address blocks: 62.133.192.0/18 maxlen: 18
193.16.234.0/24 maxlen: 24
2001:4128::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 210551172 (0xc8cc184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Validity
Not Before: Jan 1 10:58:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02d887d65f76c2a351803901b86f03337a28d6bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:3e:52:bd:7f:c7:55:4b:91:4a:82:4a:37:
a6:d1:90:a5:e0:9d:04:bb:af:a0:ea:8e:db:1d:9f:
3e:84:f1:eb:17:58:7c:7c:1b:cc:9a:72:4d:b8:e0:
17:23:ed:94:e5:06:fb:3d:df:21:05:7c:00:ab:d9:
6d:e8:04:cf:22:ef:47:64:3a:0a:34:a4:73:14:e1:
67:8e:73:0e:52:11:40:b1:14:53:36:62:f0:59:ca:
ec:d1:9d:15:27:94:48:a3:12:e6:5a:3e:62:e8:1e:
18:33:93:d6:2e:4d:6f:81:b1:ff:a0:67:b5:b7:d9:
32:2f:07:4a:de:0d:05:cb:bf:af:d9:15:2c:0a:32:
94:60:ba:7f:c6:94:01:11:f4:60:2c:c9:f1:43:6e:
fe:a8:9e:52:21:9b:34:bf:b7:be:19:d5:92:14:37:
78:d6:90:f6:32:cf:70:60:16:81:49:57:27:7a:ae:
69:e7:2c:b9:dc:fb:21:b3:99:14:0f:6e:8c:38:05:
1f:83:08:1c:51:50:77:a1:4b:4c:b6:17:87:58:c7:
cd:b4:9f:ab:fb:b6:94:19:12:c6:ae:32:55:c2:44:
9a:d0:92:ed:ab:45:ba:f9:fa:2f:23:0e:a5:71:7e:
f6:d8:20:cd:06:58:b0:87:c6:5a:42:4b:69:48:89:
6d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D8:87:D6:5F:76:C2:A3:51:80:39:01:B8:6F:03:33:7A:28:D6:BD
X509v3 Authority Key Identifier:
keyid:DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/AtiH1l92wqNRgDkBuG8DM3oo1r0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/28wruvPg1DQqAU-LcPhzzumoysU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.192.0/18
193.16.234.0/24
IPv6:
2001:4128::/32
Signature Algorithm: sha256WithRSAEncryption
01:6f:4a:9e:6f:dd:2d:56:c4:d3:ba:2a:d5:70:39:53:7d:23:
27:71:6d:5f:25:f2:72:f9:01:83:09:e4:cf:b6:ac:84:13:07:
39:1b:47:7e:d7:c8:16:66:fb:a5:01:7a:b1:28:31:2c:dd:f4:
de:80:df:13:4f:68:0c:68:6c:9b:ad:f2:dd:29:76:75:e2:eb:
a1:58:33:c3:66:45:61:b8:8c:a3:d5:5d:a5:a0:ef:3b:06:e4:
cd:67:a5:52:fa:ce:02:49:0f:3b:7a:da:f4:4f:6d:0d:6e:ba:
84:2e:ac:df:c6:69:0c:7a:93:06:d9:41:86:b5:55:a9:c5:ca:
55:36:60:58:c2:10:ac:03:0e:f2:ea:08:e5:52:c7:3e:4b:38:
4d:37:b8:6d:1d:7e:e2:be:5c:bc:78:f1:c2:4e:19:77:b4:36:
03:6e:41:e5:c6:80:ae:d0:c0:57:8e:37:43:0d:c9:69:e0:df:
03:09:ef:66:66:83:62:df:b7:c6:e0:a9:c0:42:aa:b1:6c:6c:
b3:6f:51:64:57:31:15:aa:e2:c0:f4:95:c5:12:2e:e4:a6:5f:
78:e1:16:e0:60:4d:1e:87:bc:18:c1:21:34:bc:ce:f6:19:3c:
1c:ad:9a:85:21:3e:bb:ba:3b:23:b8:e2:43:04:ae:fa:6d:6b:
9f:69:38:5e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDIzBhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmNjMmJiYWYzZTBkNDM0MmEwMTRmOGI3MGY4NzNjZWU5YThjYWM1MB4XDTIyMDEw
MTEwNTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJkODg3ZDY1Zjc2
YzJhMzUxODAzOTAxYjg2ZjAzMzM3YTI4ZDZiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1GPlK9f8dVS5FKgko3ptGQpeCdBLuvoOqO2x2fPoTx6xdY
fHwbzJpyTbjgFyPtlOUG+z3fIQV8AKvZbegEzyLvR2Q6CjSkcxThZ45zDlIRQLEU
UzZi8FnK7NGdFSeUSKMS5lo+YugeGDOT1i5Nb4Gx/6BntbfZMi8HSt4NBcu/r9kV
LAoylGC6f8aUARH0YCzJ8UNu/qieUiGbNL+3vhnVkhQ3eNaQ9jLPcGAWgUlXJ3qu
aecsudz7IbOZFA9ujDgFH4MIHFFQd6FLTLYXh1jHzbSfq/u2lBkSxq4yVcJEmtCS
7atFuvn6LyMOpXF+9tggzQZYsIfGWkJLaUiJbXUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQC2IfWX3bCo1GAOQG4bwMzeijWvTAfBgNVHSMEGDAWgBTbzCu68+DUNCoB
T4tw+HPO6ajKxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI4d3J1dlBnMURRcUFVLUxjUGh6enVtb3lzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvNDE0ZWY0LTRjMWYtNDI1Ni04OGM5LWY0ZDVlODRhYzFkZC8x
L0F0aUgxbDkyd3FOUmdEa0J1RzhETTNvbzFyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
NDE0ZWY0LTRjMWYtNDI1Ni04OGM5LWY0ZDVlODRhYzFkZC8xLzI4d3J1dlBnMURR
cUFVLUxjUGh6enVtb3lzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBj6FwAMEAMEQ6jANBAIAAjAHAwUA
IAFBKDANBgkqhkiG9w0BAQsFAAOCAQEAAW9Knm/dLVbE07oq1XA5U30jJ3FtXyXy
cvkBgwnkz7ashBMHORtHftfIFmb7pQF6sSgxLN303oDfE09oDGhsm63y3Sl2deLr
oVgzw2ZFYbiMo9VdpaDvOwbkzWelUvrOAkkPO3ra9E9tDW66hC6s38ZpDHqTBtlB
hrVVqcXKVTZgWMIQrAMO8uoI5VLHPks4TTe4bR1+4r5cvHjxwk4Zd7Q2A25B5caA
rtDAV443Qw3JaeDfAwnvZmaDYt+3xuCpwEKqsWxss29RZFcxFariwPSVxRIu5KZf
eOEW4GBNHoe8GMEhNLzO9hk8HK2ahSE+u7o7I7jiQwSu+m1rn2k4Xg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:39 2023 by rpki-client on console-fra.rpki-client.org