Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/6sWxK9M2L3G3msYjjw0h09WXh7Q.roa
File: 6sWxK9M2L3G3msYjjw0h09WXh7Q.roa (raw, json)
Hash identifier: w/PAOXGSCxtahPhommVn2S7YrIoN9OgcY5d4oyQPDAQ=
Subject key identifier: EA:C5:B1:2B:D3:36:2F:71:B7:9A:C6:23:8F:0D:21:D3:D5:97:87:B4
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 085C2C76
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/6sWxK9M2L3G3msYjjw0h09WXh7Q.roa
Signing time: Sat 01 Jan 2022 10:54:25 +0000
ROA not before: Sat 01 Jan 2022 10:54:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31400
IP address blocks: 194.126.196.0/24 maxlen: 24
2a03:2902::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140258422 (0x85c2c76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 1 10:54:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eac5b12bd3362f71b79ac6238f0d21d3d59787b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8d:2e:d2:41:2d:4b:ec:34:04:7e:e3:38:04:
68:6b:35:d9:d7:85:fc:d7:ea:5c:ed:9d:f4:98:7c:
42:6b:d7:fc:bb:06:cb:cd:84:f1:d2:61:90:b6:1c:
8d:98:00:4e:ca:5a:05:4c:e4:7e:5e:7e:ff:7a:63:
bf:a3:c2:f0:96:80:0b:29:e4:c2:de:c1:b2:7c:13:
b3:f1:b0:1e:04:b0:b9:25:b8:89:d8:13:1c:74:2a:
79:4c:ef:eb:65:27:a7:ec:ff:91:cf:b2:23:c5:b4:
d7:48:21:5c:51:99:1a:9a:f8:f6:a6:ad:41:84:8d:
4c:49:aa:1c:48:5c:2b:90:31:2a:50:16:e6:42:0f:
4f:52:c0:f8:17:c2:58:87:77:ba:4b:55:85:93:e7:
69:e7:98:71:f6:89:ed:89:3c:2b:1d:9a:9c:16:d5:
92:fe:fb:4b:f9:e1:07:b2:e8:95:f2:99:b5:ff:07:
0b:d9:4e:23:0a:51:2c:c2:d8:33:35:29:cb:9d:f8:
32:d5:de:ca:21:02:47:7b:7e:b3:d4:c8:b7:aa:ba:
81:83:7b:19:87:91:d8:65:93:e5:7e:c4:62:f5:a5:
29:60:f4:61:5e:84:be:f0:5b:81:02:fa:b3:1b:97:
9b:2a:ec:4b:b3:f8:19:bc:19:bb:4a:25:08:49:cb:
ba:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:C5:B1:2B:D3:36:2F:71:B7:9A:C6:23:8F:0D:21:D3:D5:97:87:B4
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/6sWxK9M2L3G3msYjjw0h09WXh7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.196.0/24
IPv6:
2a03:2902::/32
Signature Algorithm: sha256WithRSAEncryption
9b:f1:f2:cd:ce:87:ee:ae:9d:94:46:6e:95:c6:6f:de:9b:9b:
93:a9:eb:74:a0:57:bf:5e:25:8d:87:cd:db:61:06:ed:f7:a1:
7d:46:56:cb:6f:36:b4:c0:28:b9:c2:c0:bd:bd:91:10:f1:5d:
93:90:95:f9:18:05:2b:7d:fc:70:c6:76:86:c6:bf:72:42:03:
7e:71:d1:d5:9c:02:c5:80:35:5f:25:3f:3e:ea:45:ab:3e:53:
88:06:82:13:2b:a7:30:e1:89:e2:74:53:69:2e:2b:a2:f5:d5:
65:16:36:e8:db:a6:97:46:33:30:07:88:62:61:5c:fc:5c:f3:
03:89:55:f7:3d:ad:47:18:68:55:e5:ac:39:12:4c:0c:1a:8f:
a3:50:18:4e:98:29:61:69:23:b1:31:ef:c3:e2:be:ba:e2:7c:
33:c2:74:10:74:f2:07:cd:bb:f7:31:8b:67:17:a3:d3:ad:19:
14:a1:b4:f0:d0:24:5d:85:04:7b:41:0a:7d:89:b6:b8:54:50:
59:d2:74:43:6a:5b:81:2e:46:38:18:d7:51:e9:bd:84:1b:67:
75:68:d8:db:27:15:b6:06:5d:f2:32:00:b1:fc:47:fd:3f:8c:
5b:a2:6b:a0:3f:d9:80:67:25:64:3e:62:ef:62:b1:84:a3:b1:
24:7e:23:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECFwsdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDVmZjljYzg5YzY2YThhM2E1ZDczNGEwZDY1YzYxZmRjODUxOGJlMB4XDTIyMDEw
MTEwNTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFjNWIxMmJkMzM2
MmY3MWI3OWFjNjIzOGYwZDIxZDNkNTk3ODdiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeNLtJBLUvsNAR+4zgEaGs12deF/NfqXO2d9Jh8QmvX/LsG
y82E8dJhkLYcjZgATspaBUzkfl5+/3pjv6PC8JaACynkwt7BsnwTs/GwHgSwuSW4
idgTHHQqeUzv62Unp+z/kc+yI8W010ghXFGZGpr49qatQYSNTEmqHEhcK5AxKlAW
5kIPT1LA+BfCWId3uktVhZPnaeeYcfaJ7Yk8Kx2anBbVkv77S/nhB7LolfKZtf8H
C9lOIwpRLMLYMzUpy534MtXeyiECR3t+s9TIt6q6gYN7GYeR2GWT5X7EYvWlKWD0
YV6EvvBbgQL6sxuXmyrsS7P4GbwZu0olCEnLup0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTqxbEr0zYvcbeaxiOPDSHT1ZeHtDAfBgNVHSMEGDAWgBQAX/nMicZqijpd
c0oNZcYf3IUYvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FGXzV6SW5HYW9vNlhYTktEV1hHSDl5RkdMNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvZDUzYzc4LTBkNWItNDIzNy05OTk5LTBlMmQ2OTdiMjdlMy8x
LzZzV3hLOU0yTDNHM21zWWpqdzBoMDlXWGg3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
ZDUzYzc4LTBkNWItNDIzNy05OTk5LTBlMmQ2OTdiMjdlMy8xL0FGXzV6SW5HYW9v
NlhYTktEV1hHSDl5RkdMNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMJ+xDANBAIAAjAHAwUAKgMpAjAN
BgkqhkiG9w0BAQsFAAOCAQEAm/Hyzc6H7q6dlEZulcZv3pubk6nrdKBXv14ljYfN
22EG7fehfUZWy282tMAoucLAvb2REPFdk5CV+RgFK338cMZ2hsa/ckIDfnHR1ZwC
xYA1XyU/PupFqz5TiAaCEyunMOGJ4nRTaS4rovXVZRY26Numl0YzMAeIYmFc/Fzz
A4lV9z2tRxhoVeWsORJMDBqPo1AYTpgpYWkjsTHvw+K+uuJ8M8J0EHTyB8279zGL
Zxej060ZFKG08NAkXYUEe0EKfYm2uFRQWdJ0Q2pbgS5GOBjXUem9hBtndWjY2ycV
tgZd8jIAsfxH/T+MW6JroD/ZgGclZD5i72KxhKOxJH4jiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:29 2024 by rpki-client on console-ams.rpki-client.org