Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/_wPm-Vw6tv6UsSyzkvEgb4gxq0A.roa
File: _wPm-Vw6tv6UsSyzkvEgb4gxq0A.roa (raw, json)
Hash identifier: yJ3R7ll0A5NFcph9CPku514pJMeHS3yWCG+7C3LpXSM=
Subject key identifier: FF:03:E6:F9:5C:3A:B6:FE:94:B1:2C:B3:92:F1:20:6F:88:31:AB:40
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0182CC7F70E6691EBFBB03813BEF1F3E546E
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/_wPm-Vw6tv6UsSyzkvEgb4gxq0A.roa
Signing time: Tue 23 Aug 2022 20:58:00 +0000
ROA not before: Tue 23 Aug 2022 20:58:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 185.152.95.0/24 maxlen: 24
185.152.93.0/24 maxlen: 24
85.239.37.0/24 maxlen: 24
85.239.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cc:7f:70:e6:69:1e:bf:bb:03:81:3b:ef:1f:3e:54:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Aug 23 20:58:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff03e6f95c3ab6fe94b12cb392f1206f8831ab40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:be:59:db:8e:a1:43:13:1d:7b:c9:85:55:24:
a8:08:d8:cc:75:b7:88:72:ea:de:38:0e:13:34:13:
96:ff:60:be:6c:38:00:22:2a:95:4b:e3:a5:76:11:
ad:ed:15:48:ab:fc:f9:fa:7c:3a:db:7c:6c:ab:23:
42:06:f7:9f:8e:7d:5b:76:5c:27:b0:12:ba:b6:e2:
46:b1:5a:52:f5:75:1b:22:bd:9a:9b:a4:2b:05:31:
c1:cf:23:e9:0e:fe:da:fc:63:90:95:15:fe:db:37:
23:a8:b6:85:61:62:70:dc:1f:41:8a:d6:26:a6:5b:
d6:a6:83:a0:05:95:b6:d7:4a:d6:5b:57:66:1f:f3:
e3:71:0f:c0:3e:74:d6:63:5a:f9:18:1b:67:30:02:
e1:97:2a:ff:5c:f7:0f:d2:a4:45:db:3b:69:92:6e:
83:1c:c6:98:be:59:1f:c9:e2:c3:5a:9d:7c:a9:ae:
e7:2c:55:ae:59:2d:cf:8b:41:53:05:3b:96:13:a6:
c2:99:35:d7:4f:62:10:cc:f6:d7:03:7c:1f:10:49:
37:bc:c0:55:30:c4:3b:ab:6d:d5:8b:73:bd:7a:84:
af:53:f3:79:a3:e8:36:45:29:ae:f5:05:2b:3e:f8:
b0:c0:71:be:0a:73:80:d6:2d:72:93:55:f4:78:c6:
ca:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:03:E6:F9:5C:3A:B6:FE:94:B1:2C:B3:92:F1:20:6F:88:31:AB:40
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/_wPm-Vw6tv6UsSyzkvEgb4gxq0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.37.0/24
85.239.39.0/24
185.152.93.0/24
185.152.95.0/24
Signature Algorithm: sha256WithRSAEncryption
25:5b:b8:0c:96:97:1a:80:c3:97:c2:4e:5d:46:40:28:aa:f9:
e7:92:be:a0:51:91:c3:64:46:74:8f:d9:7f:e9:18:5a:d8:79:
53:50:fa:78:b7:94:63:98:62:1b:8e:ee:06:2b:8a:00:8c:4c:
3f:de:5b:24:cd:89:ee:2f:2a:17:bd:48:16:b2:d5:47:b3:89:
65:cb:fc:0d:dd:e1:ac:70:ef:bb:18:9d:4b:17:59:94:a5:3f:
d3:3d:11:74:b8:73:3f:99:74:a0:f8:67:ca:4e:7a:13:1b:39:
f7:5a:bf:1d:60:3d:98:26:01:df:3c:f2:9d:83:9e:3b:82:21:
d8:b7:1b:65:b3:bd:7e:66:6c:b9:c0:fd:75:c9:ae:90:0a:5e:
e5:43:b5:ab:b3:29:a5:ba:2b:fe:df:8d:e8:b0:f6:f5:f0:d5:
64:bb:83:c7:7d:c4:09:9c:c3:33:87:73:3e:43:4b:ba:41:96:
24:73:83:42:1a:18:d6:40:28:98:76:26:61:6c:f7:45:0e:0f:
72:ee:68:cb:83:df:3c:e3:78:47:0c:db:87:6d:fa:48:b5:a4:
10:07:57:d2:9d:74:53:df:fd:57:13:a8:42:3e:82:eb:b3:5f:
0b:c8:b2:ea:b9:c6:43:0b:6b:8c:d7:5a:1d:c0:62:84:29:89:
6b:b1:f8:fa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYLMf3DmaR6/uwOBO+8fPlRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjIwODIzMjA1ODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjAzZTZmOTVjM2FiNmZlOTRiMTJjYjM5MmYxMjA2Zjg4MzFhYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv75Z246hQxMde8mFVSSoCNjMdbeI
cureOA4TNBOW/2C+bDgAIiqVS+OldhGt7RVIq/z5+nw623xsqyNCBvefjn1bdlwn
sBK6tuJGsVpS9XUbIr2am6QrBTHBzyPpDv7a/GOQlRX+2zcjqLaFYWJw3B9BitYm
plvWpoOgBZW210rWW1dmH/PjcQ/APnTWY1r5GBtnMALhlyr/XPcP0qRF2ztpkm6D
HMaYvlkfyeLDWp18qa7nLFWuWS3Pi0FTBTuWE6bCmTXXT2IQzPbXA3wfEEk3vMBV
MMQ7q23Vi3O9eoSvU/N5o+g2RSmu9QUrPviwwHG+CnOA1i1yk1X0eMbKIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP8D5vlcOrb+lLEss5LxIG+IMatAMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvX3dQbS1WdzZ0djZVc1N5emt2RWdiNGd4cTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVe8lAwQA
Ve8nAwQAuZhdAwQAuZhfMA0GCSqGSIb3DQEBCwUAA4IBAQAlW7gMlpcagMOXwk5d
RkAoqvnnkr6gUZHDZEZ0j9l/6Rha2HlTUPp4t5RjmGIbju4GK4oAjEw/3lskzYnu
LyoXvUgWstVHs4lly/wN3eGscO+7GJ1LF1mUpT/TPRF0uHM/mXSg+GfKTnoTGzn3
Wr8dYD2YJgHfPPKdg547giHYtxtls71+Zmy5wP11ya6QCl7lQ7Wrsymluiv+343o
sPb18NVku4PHfcQJnMMzh3M+Q0u6QZYkc4NCGhjWQCiYdiZhbPdFDg9y7mjLg988
43hHDNuHbfpItaQQB1fSnXRT3/1XE6hCPoLrs18LyLLqucZDC2uM11odwGKEKYlr
sfj6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org