Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/1QvczMlDdibHmPAo1kHizu_wEK8.roa
File: 1QvczMlDdibHmPAo1kHizu_wEK8.roa (raw, json)
Hash identifier: lZW3uv9erUsT82G/ZFKq4iTuH0oKPAsI/fJybs5pvoc=
Subject key identifier: D5:0B:DC:CC:C9:43:76:26:C7:98:F0:28:D6:41:E2:CE:EF:F0:10:AF
Certificate issuer: /CN=5b6d178f13851306b5634df159716319f4d82478
Certificate serial: 0182B37F3944057550AEB759D2395F5E5B2D
Authority key identifier: 5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/1QvczMlDdibHmPAo1kHizu_wEK8.roa
Signing time: Fri 19 Aug 2022 00:27:15 +0000
ROA not before: Fri 19 Aug 2022 00:27:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 2a0e:36c2::/32 maxlen: 32
2a0e:36c0::/32 maxlen: 32
2a0e:36c6::/32 maxlen: 32
2a0e:36c3::/32 maxlen: 32
2a0e:36c1::/32 maxlen: 32
2a0e:36c5::/32 maxlen: 32
2a0e:36c0::/29 maxlen: 32
2a0e:36c7::/32 maxlen: 32
2a0e:36c4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b3:7f:39:44:05:75:50:ae:b7:59:d2:39:5f:5e:5b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b6d178f13851306b5634df159716319f4d82478
Validity
Not Before: Aug 19 00:27:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d50bdcccc9437626c798f028d641e2ceeff010af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9f:c5:9c:21:92:6f:7a:e4:8d:5b:b9:07:b8:
25:d5:a3:1a:7e:a0:7b:d4:8a:e2:ca:9e:13:d0:df:
b7:f7:ea:1d:b1:b9:31:30:27:11:9e:8c:ff:cd:e5:
68:58:2e:b1:99:9d:30:dc:d5:50:c1:d1:f0:d7:a5:
59:de:08:43:2b:00:c1:84:62:f6:3c:ea:24:7a:7b:
44:b4:49:9a:ae:24:ac:44:bc:83:0f:c6:6d:f2:92:
96:3e:07:29:48:3d:f9:c1:4e:4e:8d:30:ed:27:22:
df:5f:68:d7:f5:b3:a6:53:d2:7f:34:ec:0a:49:59:
f9:a3:26:94:ae:fc:8f:0b:1e:80:0a:46:cf:4e:c0:
f2:ab:d0:4c:d1:f4:af:e9:21:6e:18:cf:a2:21:b6:
56:3d:a7:03:ad:b3:da:3e:e9:d8:af:f7:d9:e0:a3:
73:62:bc:2a:4f:cb:f7:95:c3:f2:36:74:4d:af:6a:
c6:3f:f5:a6:55:cf:63:f6:b3:9c:6d:c4:d7:c1:88:
e2:f3:83:d2:48:04:b2:95:34:c1:30:b1:1f:8a:06:
be:97:ee:22:e0:ba:6c:4a:5e:dd:dc:83:b7:ef:82:
d6:2b:f6:d6:90:27:60:01:9e:a3:10:cd:d4:21:8f:
8b:cb:1d:9c:9a:cb:8d:cc:92:74:1a:55:10:90:2b:
17:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:0B:DC:CC:C9:43:76:26:C7:98:F0:28:D6:41:E2:CE:EF:F0:10:AF
X509v3 Authority Key Identifier:
keyid:5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/1QvczMlDdibHmPAo1kHizu_wEK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/W20XjxOFEwa1Y03xWXFjGfTYJHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:50:a7:cb:43:9c:34:68:5b:1d:0f:9e:3e:63:2e:c1:c8:6c:
20:d4:21:af:ba:a0:3d:47:a4:4f:05:79:2e:ad:83:85:66:67:
b9:28:09:5e:91:d9:a6:23:24:6c:20:a0:0d:22:11:0d:30:14:
38:8b:ef:c1:ac:24:c6:b8:82:04:3f:73:72:f9:bf:b0:6a:8d:
6d:6f:f6:fc:ff:62:dc:f5:5d:18:dd:c0:61:78:b5:62:28:7f:
52:49:85:7d:9e:12:84:88:fa:9f:d2:9c:1c:25:13:72:e5:1c:
22:92:56:48:c0:1c:ee:da:ce:49:c3:9c:4a:f3:aa:4d:de:8b:
ba:78:a5:4d:43:d3:47:93:a0:6b:8c:42:c5:a0:47:70:95:47:
0f:88:a1:16:1a:29:9c:fe:98:13:31:aa:66:18:89:13:cc:ce:
90:9c:4a:3e:54:41:24:7a:1f:1a:70:d0:52:f2:c3:41:5d:81:
14:57:f3:59:d4:03:00:11:e8:86:79:08:8f:f5:a1:67:8f:34:
11:3c:cc:b5:25:e8:48:7c:77:36:06:e9:35:a5:31:4c:55:f5:
b0:28:29:f1:67:d5:c3:ad:cc:9b:29:dc:cf:16:3f:ff:7c:2d:
99:2b:5c:49:f2:33:14:bb:76:b6:22:72:13:b1:a1:22:8e:32:
3c:20:8d:37
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYKzfzlEBXVQrrdZ0jlfXlstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmQxNzhmMTM4NTEzMDZiNTYzNGRmMTU5NzE2MzE5ZjRk
ODI0NzgwHhcNMjIwODE5MDAyNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTBiZGNjY2M5NDM3NjI2Yzc5OGYwMjhkNjQxZTJjZWVmZjAxMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Z/FnCGSb3rkjVu5B7gl1aMafqB7
1Iriyp4T0N+39+odsbkxMCcRnoz/zeVoWC6xmZ0w3NVQwdHw16VZ3ghDKwDBhGL2
POokentEtEmariSsRLyDD8Zt8pKWPgcpSD35wU5OjTDtJyLfX2jX9bOmU9J/NOwK
SVn5oyaUrvyPCx6ACkbPTsDyq9BM0fSv6SFuGM+iIbZWPacDrbPaPunYr/fZ4KNz
YrwqT8v3lcPyNnRNr2rGP/WmVc9j9rOcbcTXwYji84PSSASylTTBMLEfiga+l+4i
4LpsSl7d3IO374LWK/bWkCdgAZ6jEM3UIY+Lyx2cmsuNzJJ0GlUQkCsXxQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNUL3MzJQ3Ymx5jwKNZB4s7v8BCvMB8GA1UdIwQY
MBaAFFttF48ThRMGtWNN8VlxYxn02CR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2It
NGJiOTRjYmMyZTczLzEvMVF2Y3pNbERkaWJIbVBBbzFrSGl6dV93RUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2ItNGJiOTRjYmMyZTcz
LzEvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg42wDAN
BgkqhkiG9w0BAQsFAAOCAQEAO1Cny0OcNGhbHQ+ePmMuwchsINQhr7qgPUekTwV5
Lq2DhWZnuSgJXpHZpiMkbCCgDSIRDTAUOIvvwawkxriCBD9zcvm/sGqNbW/2/P9i
3PVdGN3AYXi1Yih/UkmFfZ4ShIj6n9KcHCUTcuUcIpJWSMAc7trOScOcSvOqTd6L
unilTUPTR5Oga4xCxaBHcJVHD4ihFhopnP6YEzGqZhiJE8zOkJxKPlRBJHofGnDQ
UvLDQV2BFFfzWdQDABHohnkIj/WhZ480ETzMtSXoSHx3NgbpNaUxTFX1sCgp8WfV
w63MmynczxY//3wtmStcSfIzFLt2tiJyE7GhIo4yPCCNNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:47 2024 by rpki-client on console-fra.rpki-client.org