Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/DsTA7yRfXRgOegeh9oEv0SygzGU.roa
File: DsTA7yRfXRgOegeh9oEv0SygzGU.roa (raw, json)
Hash identifier: Q1Bofq6uICQljAL6/8m5TinXzh0Z/Fy6MKtw/iG9dls=
Subject key identifier: 0E:C4:C0:EF:24:5F:5D:18:0E:7A:07:A1:F6:81:2F:D1:2C:A0:CC:65
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 37EDEE4B
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/DsTA7yRfXRgOegeh9oEv0SygzGU.roa
Signing time: Sat 01 Jan 2022 06:01:00 +0000
ROA not before: Sat 01 Jan 2022 06:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198668
IP address blocks: 185.64.222.0/24 maxlen: 32
37.221.240.0/20 maxlen: 32
185.19.0.0/22 maxlen: 32
185.74.60.0/23 maxlen: 32
85.255.88.0/22 maxlen: 22
2a0d:3140::/29 maxlen: 29
2a03:d840:ffff::/48 maxlen: 48
2a04:c740::/29 maxlen: 48
2a03:d840::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 938339915 (0x37edee4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 06:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ec4c0ef245f5d180e7a07a1f6812fd12ca0cc65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9f:43:35:92:68:7f:fa:e0:59:71:0b:4d:fc:
48:9b:6a:9a:b4:6c:db:d0:56:4c:a4:38:ab:62:5b:
f8:a9:94:54:6f:53:41:d2:b0:53:02:c5:86:19:0f:
8b:6f:82:af:97:80:cb:a3:78:22:88:25:f3:87:68:
03:24:d0:de:dd:fe:69:43:37:81:4d:6b:e9:48:fd:
32:c3:dc:4c:2f:0f:36:24:27:66:4b:84:8b:c5:98:
05:b1:bd:ce:2f:ad:2f:72:e6:e9:65:4d:06:82:f9:
38:5e:b7:1a:f6:7a:d0:14:a7:d1:ab:b7:e1:6f:18:
a0:2b:4a:b4:1e:00:73:21:b9:b0:ab:ba:e5:87:22:
a5:c1:cb:8e:1d:e0:f4:90:54:2c:31:a4:15:64:48:
38:b3:86:74:63:1c:05:dc:18:ec:ae:4f:e5:0a:93:
a3:32:cf:72:8e:6e:5f:18:92:6b:a2:b5:13:91:e6:
a7:e5:d0:22:50:7a:c7:d5:b8:39:3d:fd:92:76:28:
0c:12:50:50:28:41:b6:d1:4c:97:ab:f2:8d:6b:dc:
7e:61:57:a4:f9:49:4e:98:39:b4:b4:5d:ea:7a:5d:
c0:fa:b1:82:0c:2a:f7:bc:f8:95:de:81:d7:bd:78:
09:cd:3c:1f:a2:94:be:12:02:11:c2:d3:ba:35:26:
67:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C4:C0:EF:24:5F:5D:18:0E:7A:07:A1:F6:81:2F:D1:2C:A0:CC:65
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/DsTA7yRfXRgOegeh9oEv0SygzGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.240.0/20
85.255.88.0/22
185.19.0.0/22
185.64.222.0/24
185.74.60.0/23
IPv6:
2a03:d840::/32
2a04:c740::/29
2a0d:3140::/29
Signature Algorithm: sha256WithRSAEncryption
b6:dd:12:a0:c2:21:38:74:ef:8f:f7:a0:3a:bf:df:b4:e5:fc:
6c:58:ef:64:e8:3e:50:cf:d7:25:81:b7:fd:73:a7:7d:c5:fc:
a3:6b:6d:9e:2e:4e:99:ab:db:f4:69:03:72:57:35:c7:e7:8f:
92:9a:03:41:d2:0e:c7:1d:5a:24:37:71:ae:3a:87:66:a5:b0:
67:99:89:5b:28:8d:d9:48:b5:1b:5d:b1:3d:54:4d:97:30:5f:
0d:e3:50:29:c6:79:65:6c:67:e7:ad:7f:d0:30:c1:5a:a8:49:
88:6e:42:5a:e1:39:5e:6a:c2:ce:17:33:9f:44:48:4e:30:df:
01:b5:44:e2:74:78:47:96:e0:4e:82:af:a4:7f:c7:8e:00:1b:
29:ab:36:c3:dd:12:3e:9c:3a:da:00:1d:a3:28:2c:b0:c9:45:
5a:3e:77:9e:bb:7e:e7:60:f9:81:a2:db:96:f2:a6:8a:f6:e2:
15:c2:7c:3a:66:62:a5:a2:b1:4f:ca:cd:21:2d:c8:78:e2:c4:
f2:a5:ad:b9:a5:3f:bb:16:90:19:95:88:72:ab:5a:98:b1:53:
02:7e:b6:fa:a8:3b:02:d5:13:29:37:9a:a7:31:3a:5d:0d:e7:
72:9a:70:88:8b:a8:5c:5f:b6:32:46:00:9c:ec:fa:7b:99:b2:
77:54:96:22
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEN+3uSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTlmMGY1ZmY2MjBlMGRiNTMxMWY2NDczNjkwOTk3M2FjNjBmNmYzMB4XDTIyMDEw
MTA2MDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGVjNGMwZWYyNDVm
NWQxODBlN2EwN2ExZjY4MTJmZDEyY2EwY2M2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMufQzWSaH/64FlxC038SJtqmrRs29BWTKQ4q2Jb+KmUVG9T
QdKwUwLFhhkPi2+Cr5eAy6N4Iogl84doAyTQ3t3+aUM3gU1r6Uj9MsPcTC8PNiQn
ZkuEi8WYBbG9zi+tL3Lm6WVNBoL5OF63GvZ60BSn0au34W8YoCtKtB4AcyG5sKu6
5YcipcHLjh3g9JBULDGkFWRIOLOGdGMcBdwY7K5P5QqTozLPco5uXxiSa6K1E5Hm
p+XQIlB6x9W4OT39knYoDBJQUChBttFMl6vyjWvcfmFXpPlJTpg5tLRd6npdwPqx
ggwq97z4ld6B1714Cc08H6KUvhICEcLTujUmZ58CAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBQOxMDvJF9dGA56B6H2gS/RLKDMZTAfBgNVHSMEGDAWgBQ1nw9f9iDg21MR
9kc2kJlzrGD28zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05aOFBYX1lnNE50VEVmWkhOcENaYzZ4Zzl2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvNDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8x
L0RzVEE3eVJmWFJnT2VnZWg5b0V2MFN5Z3pHVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
NDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8xL05aOFBYX1lnNE50
VEVmWkhOcENaYzZ4Zzl2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwJAQCAAEwHgMEBCXd8AMEAlX/WAMEArkTAAMEALlA
3gMEAblKPDAbBAIAAjAVAwUAKgPYQAMFAyoEx0ADBQMqDTFAMA0GCSqGSIb3DQEB
CwUAA4IBAQC23RKgwiE4dO+P96A6v9+05fxsWO9k6D5Qz9clgbf9c6d9xfyja22e
Lk6Zq9v0aQNyVzXH54+SmgNB0g7HHVokN3GuOodmpbBnmYlbKI3ZSLUbXbE9VE2X
MF8N41ApxnllbGfnrX/QMMFaqEmIbkJa4TleasLOFzOfREhOMN8BtUTidHhHluBO
gq+kf8eOABspqzbD3RI+nDraAB2jKCywyUVaPneeu37nYPmBotuW8qaK9uIVwnw6
ZmKlorFPys0hLch44sTypa25pT+7FpAZlYhyq1qYsVMCfrb6qDsC1RMpN5qnMTpd
DedymnCIi6hcX7YyRgCc7Pp7mbJ3VJYi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:32 2024 by rpki-client on console-fra.rpki-client.org