Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/tyFK-fEPei7L4U539od7L05Dvd0.roa
File: tyFK-fEPei7L4U539od7L05Dvd0.roa (raw, json)
Hash identifier: Xm5D+164P9QmwsadI1+HfIICAtaknvhpzdLlFPpaMYE=
Subject key identifier: B7:21:4A:F9:F1:0F:7A:2E:CB:E1:4E:77:F6:87:7B:2F:4E:43:BD:DD
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0182A1B2F8BF42F237CAB8C24A0722148D1F
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/tyFK-fEPei7L4U539od7L05Dvd0.roa
Signing time: Mon 15 Aug 2022 13:30:37 +0000
ROA not before: Mon 15 Aug 2022 13:30:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 85.239.34.0/24 maxlen: 24
85.239.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:b2:f8:bf:42:f2:37:ca:b8:c2:4a:07:22:14:8d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Aug 15 13:30:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7214af9f10f7a2ecbe14e77f6877b2f4e43bddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:17:3a:a6:e5:31:2d:78:a9:bf:06:ec:15:97:
ef:cb:6a:d9:cb:e6:cc:c8:7c:d1:64:f8:d2:79:e6:
cb:32:94:07:b4:4b:c7:d5:3b:82:28:09:93:f5:07:
92:73:44:40:a0:16:f0:61:09:be:88:8a:9e:b3:85:
d6:02:4d:91:ea:a8:45:99:53:54:cd:76:bf:c8:28:
af:ec:7e:8c:3b:42:4d:4b:94:f1:cc:dc:2c:82:2a:
07:02:99:4d:0b:60:4f:2c:db:fd:09:f8:1f:44:b0:
f8:26:05:90:55:c8:13:74:18:72:84:ea:61:13:42:
5a:62:c2:ad:bb:dd:ba:98:db:84:a6:4b:69:43:dd:
73:96:71:50:1d:5f:47:03:60:43:14:92:08:86:b2:
fe:22:b1:f9:5c:12:5e:63:a1:9b:dd:6f:4a:15:1a:
68:2a:86:d1:3b:31:a2:93:0e:e8:65:c0:28:16:6e:
98:96:da:71:ee:da:74:c9:1d:cb:c6:fa:dc:f5:69:
35:8f:ee:cc:83:b5:0e:c0:98:4d:59:11:21:24:b2:
c0:db:a8:41:49:f4:83:cf:a3:e2:5e:05:c2:f9:0b:
03:cf:5f:62:87:a4:98:ea:7a:60:11:7e:5a:d5:41:
39:40:a7:df:dc:b5:47:6d:b0:29:5d:e1:99:0e:78:
34:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:21:4A:F9:F1:0F:7A:2E:CB:E1:4E:77:F6:87:7B:2F:4E:43:BD:DD
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/tyFK-fEPei7L4U539od7L05Dvd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.34.0/24
85.239.44.0/22
Signature Algorithm: sha256WithRSAEncryption
69:bd:cb:a4:dd:dc:b4:4d:ce:af:45:6e:0f:81:91:5b:96:a3:
f4:50:4b:fc:66:38:49:ac:d6:12:c6:68:20:9e:69:ac:5b:ed:
b4:a7:2e:25:5f:a3:a6:7d:9c:45:59:1e:0e:b4:58:4b:f4:79:
45:bf:51:d6:d3:46:1c:23:12:08:2b:6b:df:8f:cb:25:32:a0:
d5:b6:4b:c9:35:d3:27:dc:88:97:cf:63:3e:27:b8:e8:5d:a1:
9a:72:b6:bd:a6:0f:70:a4:cf:33:41:cd:5b:a3:a8:79:7f:2e:
6f:15:7c:e0:b9:a4:ea:18:56:0b:a3:13:02:ad:67:7c:20:2b:
4c:7a:8c:09:51:47:60:5e:0b:40:1e:71:7d:76:c7:18:74:8e:
18:12:88:c1:d3:4a:9e:ac:09:a7:90:3b:6b:8d:fa:85:74:ba:
88:0e:47:c7:a8:fb:67:27:89:9b:6d:fe:b2:87:38:81:d6:a1:
99:1c:af:84:40:a9:a5:88:4a:49:81:72:fc:35:60:f5:ae:ba:
f0:38:ed:ce:7b:0a:01:ca:85:65:50:d7:79:fe:8e:03:95:f0:
9c:96:0b:4f:2d:70:16:20:3e:df:24:33:83:99:e7:c5:1c:c5:
e1:4d:63:a6:14:1e:a2:87:7b:71:74:d4:7f:c2:99:61:e8:6b:
43:88:90:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKhsvi/QvI3yrjCSgciFI0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjIwODE1MTMzMDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzIxNGFmOWYxMGY3YTJlY2JlMTRlNzdmNjg3N2IyZjRlNDNiZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBc6puUxLXipvwbsFZfvy2rZy+bM
yHzRZPjSeebLMpQHtEvH1TuCKAmT9QeSc0RAoBbwYQm+iIqes4XWAk2R6qhFmVNU
zXa/yCiv7H6MO0JNS5TxzNwsgioHAplNC2BPLNv9CfgfRLD4JgWQVcgTdBhyhOph
E0JaYsKtu926mNuEpktpQ91zlnFQHV9HA2BDFJIIhrL+IrH5XBJeY6Gb3W9KFRpo
KobROzGikw7oZcAoFm6Yltpx7tp0yR3Lxvrc9Wk1j+7Mg7UOwJhNWREhJLLA26hB
SfSDz6PiXgXC+QsDz19ih6SY6npgEX5a1UE5QKff3LVHbbApXeGZDng03wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLchSvnxD3ouy+FOd/aHey9OQ73dMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvdHlGSy1mRVBlaTdMNFU1MzlvZDdMMDVEdmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe8iAwQC
Ve8sMA0GCSqGSIb3DQEBCwUAA4IBAQBpvcuk3dy0Tc6vRW4PgZFblqP0UEv8ZjhJ
rNYSxmggnmmsW+20py4lX6OmfZxFWR4OtFhL9HlFv1HW00YcIxIIK2vfj8slMqDV
tkvJNdMn3IiXz2M+J7joXaGacra9pg9wpM8zQc1bo6h5fy5vFXzguaTqGFYLoxMC
rWd8ICtMeowJUUdgXgtAHnF9dscYdI4YEojB00qerAmnkDtrjfqFdLqIDkfHqPtn
J4mbbf6yhziB1qGZHK+EQKmliEpJgXL8NWD1rrrwOO3OewoByoVlUNd5/o4DlfCc
lgtPLXAWID7fJDODmefFHMXhTWOmFB6ih3txdNR/wplh6GtDiJCF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org