Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/3ZTEMOzZi8I62dUov5mPntP77v4.roa
File: 3ZTEMOzZi8I62dUov5mPntP77v4.roa (raw, json)
Hash identifier: RfGDPCfrwUEMqb1gDx8LADSntDtFnnVOlTlVmC9wX5E=
Subject key identifier: DD:94:C4:30:EC:D9:8B:C2:3A:D9:D5:28:BF:99:8F:9E:D3:FB:EE:FE
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01839F49511A734D2901DE1DE34816B88378
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/3ZTEMOzZi8I62dUov5mPntP77v4.roa
Signing time: Mon 03 Oct 2022 19:18:45 +0000
ROA not before: Mon 03 Oct 2022 19:18:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.144.0/22 maxlen: 22
85.239.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9f:49:51:1a:73:4d:29:01:de:1d:e3:48:16:b8:83:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Oct 3 19:18:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd94c430ecd98bc23ad9d528bf998f9ed3fbeefe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e2:ee:c8:8a:20:9f:57:b1:b2:6b:d1:0b:25:
02:28:c9:54:8a:1d:87:aa:b5:76:87:70:de:bf:46:
e2:fc:a4:62:7b:fc:02:62:8b:ba:cd:ee:65:1a:75:
30:e6:b8:e0:0f:45:21:cb:65:7d:9a:86:d1:f0:0a:
0d:0a:6b:d5:81:45:19:17:8a:a2:00:4a:2b:7e:78:
27:97:01:75:92:f6:1e:04:09:a8:14:df:33:48:28:
58:96:90:72:e6:33:41:ba:ef:e7:da:67:da:71:29:
38:96:be:78:93:16:17:17:a3:48:47:aa:62:46:57:
76:3e:ba:7b:b6:58:d7:d9:9f:7a:e8:96:69:aa:74:
b5:03:ae:10:96:cf:17:d9:9f:c8:74:d1:2e:05:e1:
81:4e:d1:62:70:74:a4:bb:1c:d0:0a:c4:a6:41:27:
28:de:15:6b:b2:b2:4e:84:8e:e9:27:cc:3c:85:10:
70:b1:c1:8b:43:fc:af:7f:e3:3a:a6:07:33:88:02:
1e:b0:43:22:f9:a0:81:ae:9d:c0:08:58:08:9b:dc:
8c:bf:3d:53:bf:5a:03:dc:29:6c:bc:12:ee:39:95:
a2:5e:e5:94:ba:3a:8d:11:26:57:cb:a2:4f:12:16:
53:45:52:b3:e1:52:2a:b9:9c:79:40:39:15:0a:17:
10:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:94:C4:30:EC:D9:8B:C2:3A:D9:D5:28:BF:99:8F:9E:D3:FB:EE:FE
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/3ZTEMOzZi8I62dUov5mPntP77v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/22
85.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:a5:37:72:d2:3e:02:7a:e5:26:83:e8:b9:d4:ad:35:bf:af:
15:ae:7c:41:76:af:34:cf:24:32:60:9d:b3:0c:95:6a:26:3f:
49:3f:09:5f:8d:01:10:66:98:35:3e:84:8d:00:e1:aa:64:20:
a2:62:f9:8e:52:db:8a:57:a8:28:4d:27:80:b2:c7:f7:32:58:
f4:91:fc:e9:8d:62:0d:f5:27:ee:14:7d:9b:0c:f6:e6:a8:50:
9d:09:cb:61:9f:a0:4b:e3:34:cd:ec:48:94:c5:9d:6a:95:71:
6f:30:a9:01:19:14:cd:fe:cc:29:65:ff:0e:4f:23:eb:ff:b9:
60:2b:1f:2d:6f:7c:09:8c:83:42:b2:60:c4:37:3c:95:32:a9:
4d:25:c7:8e:6e:76:84:80:99:41:f0:d9:27:b5:f5:da:41:a5:
91:1e:f8:53:fa:4b:67:ba:af:a7:13:db:3a:26:b1:83:85:2a:
52:18:a0:41:70:4a:6a:79:5d:43:ee:77:22:7c:a7:95:a6:46:
ff:ea:60:0b:7c:88:01:2a:15:28:5b:50:ea:ba:00:9c:4e:a4:
c2:ab:84:7a:27:88:55:6e:8b:ff:ee:ce:52:65:ec:6f:d6:04:
ce:e2:0c:bf:44:dd:b1:a8:34:43:e8:d2:50:e1:6d:3f:fd:93:
42:30:ce:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOfSVEac00pAd4d40gWuIN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjIxMDAzMTkxODQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk0YzQzMGVjZDk4YmMyM2FkOWQ1MjhiZjk5OGY5ZWQzZmJlZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+LuyIogn1exsmvRCyUCKMlUih2H
qrV2h3Dev0bi/KRie/wCYou6ze5lGnUw5rjgD0Uhy2V9mobR8AoNCmvVgUUZF4qi
AEorfngnlwF1kvYeBAmoFN8zSChYlpBy5jNBuu/n2mfacSk4lr54kxYXF6NIR6pi
Rld2Prp7tljX2Z966JZpqnS1A64Qls8X2Z/IdNEuBeGBTtFicHSkuxzQCsSmQSco
3hVrsrJOhI7pJ8w8hRBwscGLQ/yvf+M6pgcziAIesEMi+aCBrp3ACFgIm9yMvz1T
v1oD3ClsvBLuOZWiXuWUujqNESZXy6JPEhZTRVKz4VIquZx5QDkVChcQmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN2UxDDs2YvCOtnVKL+Zj57T++7+MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvM1pURU1PelppOEk2MmRVb3Y1bVBudFA3N3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe+QAwQA
Ve+WMA0GCSqGSIb3DQEBCwUAA4IBAQDCpTdy0j4CeuUmg+i51K01v68VrnxBdq80
zyQyYJ2zDJVqJj9JPwlfjQEQZpg1PoSNAOGqZCCiYvmOUtuKV6goTSeAssf3Mlj0
kfzpjWIN9SfuFH2bDPbmqFCdCcthn6BL4zTN7EiUxZ1qlXFvMKkBGRTN/swpZf8O
TyPr/7lgKx8tb3wJjINCsmDENzyVMqlNJceObnaEgJlB8NkntfXaQaWRHvhT+ktn
uq+nE9s6JrGDhSpSGKBBcEpqeV1D7ncifKeVpkb/6mALfIgBKhUoW1DqugCcTqTC
q4R6J4hVbov/7s5SZexv1gTO4gy/RN2xqDRD6NJQ4W0//ZNCMM5V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org