Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/aVg4Tr00a-PZ_cMJtizGbs2LqpY.roa
File: aVg4Tr00a-PZ_cMJtizGbs2LqpY.roa (raw, json)
Hash identifier: afCT+4nuzShauZQHG9OnQ1J5tQWq4x7XGGWPeHaDrT0=
Subject key identifier: 69:58:38:4E:BD:34:6B:E3:D9:FD:C3:09:B6:2C:C6:6E:CD:8B:AA:96
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0A29824E
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/aVg4Tr00a-PZ_cMJtizGbs2LqpY.roa
Signing time: Sat 01 Jan 2022 14:59:15 +0000
ROA not before: Sat 01 Jan 2022 14:59:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35178
IP address blocks: 85.239.32.0/24 maxlen: 24
2a07:7dc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170492494 (0xa29824e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 14:59:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6958384ebd346be3d9fdc309b62cc66ecd8baa96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:56:7c:ca:94:3d:94:b4:5b:c2:95:6f:e6:8e:
ca:69:39:4a:e8:00:80:ac:0d:8d:78:58:98:92:0e:
2e:17:eb:00:98:02:ef:6c:7d:1d:57:93:e0:fd:5d:
1f:bb:e4:8d:49:2f:2a:be:7e:95:80:8b:6d:29:49:
86:35:d1:e3:cc:6f:1f:bb:8a:d4:b9:b8:76:95:a8:
eb:cb:5b:ad:56:44:bc:98:3a:b9:bc:e8:4c:0c:e9:
72:fc:21:23:cd:2b:a9:d5:de:91:d8:a8:26:ea:78:
fe:c6:04:75:30:94:9a:d5:98:c4:09:3f:63:b2:82:
bf:3c:cc:29:6b:85:fb:8a:98:f3:d8:e1:32:42:6d:
3d:f6:02:59:6d:a0:b2:36:9c:6a:93:96:08:4d:8b:
df:98:88:13:cf:e6:5d:4d:00:9f:d0:20:18:a8:03:
c9:1b:76:41:f8:b1:31:44:bb:7b:e9:7d:34:68:0e:
34:50:7b:5e:0e:3c:91:99:db:9f:e8:81:e9:34:cd:
33:37:99:61:35:4e:25:eb:a7:27:be:dd:34:5d:22:
5c:45:f6:c1:98:2a:20:d6:63:43:8d:09:b3:b3:d6:
42:e5:da:33:08:d1:cf:23:3b:56:c5:2d:23:1a:42:
88:cc:56:2e:06:5e:9b:80:9a:e8:58:1d:a5:38:d9:
89:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:58:38:4E:BD:34:6B:E3:D9:FD:C3:09:B6:2C:C6:6E:CD:8B:AA:96
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/aVg4Tr00a-PZ_cMJtizGbs2LqpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.32.0/24
IPv6:
2a07:7dc0::/29
Signature Algorithm: sha256WithRSAEncryption
81:23:f2:96:f0:10:63:45:e4:fd:db:7a:32:c7:a8:99:d3:6c:
6f:5d:25:b6:28:92:41:1f:e4:08:75:34:e1:fa:10:c4:d4:ce:
5b:a5:45:e1:3a:b1:db:99:cf:3b:fe:6d:6a:02:5f:34:5f:a9:
bc:4a:96:06:0a:f5:6f:9f:2e:f9:e2:6c:cb:aa:c7:7d:3a:58:
88:ef:98:df:1a:cd:7a:59:a2:f6:fe:f1:7a:0c:c0:ff:f7:10:
2e:89:22:39:be:68:a0:6c:4f:b2:33:37:0f:69:38:94:ab:40:
d6:30:5f:e8:f9:1f:6d:43:2e:0f:64:29:08:de:ed:b1:99:96:
39:e0:49:b1:91:33:7e:ed:16:eb:02:07:e3:54:f1:95:9e:5f:
ab:08:d0:73:64:18:47:40:f8:70:ea:94:8c:a7:ea:5b:ef:da:
ba:59:a9:c9:0d:0b:c9:4e:67:91:59:ad:29:a2:02:f1:20:19:
0d:ce:1f:bf:7b:4e:0b:b1:bc:f5:4f:1a:b3:9d:b5:27:ba:5c:
be:a0:11:16:56:ee:fb:0a:f5:a5:9a:f2:c8:99:12:46:fc:2a:
9b:cb:fc:88:d6:6f:c0:74:59:f0:72:a0:50:d6:b8:0c:8a:bf:
15:ac:e7:50:ca:96:16:cd:18:81:d8:65:e6:c8:8b:a7:70:03:
15:aa:d3:04
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECimCTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjdlYzk0MjNiZjkwYzgxZDIyZDk0ODQxYzEwMzU3YTU0MjYwMzc5MB4XDTIyMDEw
MTE0NTkxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk1ODM4NGViZDM0
NmJlM2Q5ZmRjMzA5YjYyY2M2NmVjZDhiYWE5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxWfMqUPZS0W8KVb+aOymk5SugAgKwNjXhYmJIOLhfrAJgC
72x9HVeT4P1dH7vkjUkvKr5+lYCLbSlJhjXR48xvH7uK1Lm4dpWo68tbrVZEvJg6
ubzoTAzpcvwhI80rqdXekdioJup4/sYEdTCUmtWYxAk/Y7KCvzzMKWuF+4qY89jh
MkJtPfYCWW2gsjacapOWCE2L35iIE8/mXU0An9AgGKgDyRt2QfixMUS7e+l9NGgO
NFB7Xg48kZnbn+iB6TTNMzeZYTVOJeunJ77dNF0iXEX2wZgqINZjQ40Js7PWQuXa
MwjRzyM7VsUtIxpCiMxWLgZem4Ca6FgdpTjZiVMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRpWDhOvTRr49n9wwm2LMZuzYuqljAfBgNVHSMEGDAWgBQ7fslCO/kMgdIt
lIQcEDV6VCYDeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08zN0pRanY1RElIU0xaU0VIQkExZWxRbUEzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8x
L2FWZzRUcjAwYS1QWl9jTUp0aXpHYnMyTHFwWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8xL08zN0pRanY1RElI
U0xaU0VIQkExZWxRbUEzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFXvIDANBAIAAjAHAwUDKgd9wDAN
BgkqhkiG9w0BAQsFAAOCAQEAgSPylvAQY0Xk/dt6MseomdNsb10ltiiSQR/kCHU0
4foQxNTOW6VF4Tqx25nPO/5tagJfNF+pvEqWBgr1b58u+eJsy6rHfTpYiO+Y3xrN
elmi9v7xegzA//cQLokiOb5ooGxPsjM3D2k4lKtA1jBf6PkfbUMuD2QpCN7tsZmW
OeBJsZEzfu0W6wIH41TxlZ5fqwjQc2QYR0D4cOqUjKfqW+/aulmpyQ0LyU5nkVmt
KaIC8SAZDc4fv3tOC7G89U8as521J7pcvqARFlbu+wr1pZryyJkSRvwqm8v8iNZv
wHRZ8HKgUNa4DIq/FaznUMqWFs0Ygdhl5siLp3ADFarTBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org