Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DcGKFb6AjZZnzOwH8MiqO3aSyb0.roa
File: DcGKFb6AjZZnzOwH8MiqO3aSyb0.roa (raw, json)
Hash identifier: IvBAwFj+fR9sWEAhHe6RP4QA2kYoy1DzkG6GzJs01Ag=
Subject key identifier: 0D:C1:8A:15:BE:80:8D:96:67:CC:EC:07:F0:C8:AA:3B:76:92:C9:BD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01846790F5468D2C5C38395090B6D3A46085
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DcGKFb6AjZZnzOwH8MiqO3aSyb0.roa
Signing time: Fri 11 Nov 2022 16:41:03 +0000
ROA not before: Fri 11 Nov 2022 16:41:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 194.180.37.0/24 maxlen: 24
193.42.35.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:67:90:f5:46:8d:2c:5c:38:39:50:90:b6:d3:a4:60:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 11 16:41:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dc18a15be808d9667ccec07f0c8aa3b7692c9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6b:a3:4d:22:91:3a:59:cc:48:0d:52:c3:89:
33:4a:bb:2d:4d:cd:e4:a1:a7:e9:b6:d9:48:b5:a7:
12:d6:d0:1b:af:e6:a0:a9:61:b6:4f:e6:de:e6:dc:
9f:6a:c3:25:3f:37:98:51:ac:b7:c3:5b:28:b1:a8:
2e:c4:37:c7:41:d1:70:8e:81:30:36:43:23:18:ce:
87:8e:0e:1d:3d:fd:54:93:53:38:35:7f:cd:5b:34:
ae:41:72:7c:7f:91:5f:5c:00:4c:16:7a:04:52:d3:
1b:ab:71:ff:d6:04:a5:4a:1a:03:0c:90:16:5d:bb:
84:e9:57:42:0a:4f:40:45:39:4a:ca:76:39:2e:0a:
4e:11:6c:00:82:f3:74:b6:b4:a9:47:19:85:0f:3c:
e8:a2:41:23:05:7a:5a:bb:32:cb:ef:ce:dc:ea:88:
a7:3e:1a:01:a5:24:ae:c1:e0:5d:cd:88:60:ca:16:
74:91:ce:55:9f:db:5e:fb:81:89:86:12:4b:06:2f:
57:3b:73:fe:12:29:f1:bc:a3:5b:d5:2c:dc:22:f3:
87:8e:38:e7:b3:74:62:0f:b9:00:f9:53:1a:05:6a:
4c:a1:d6:32:91:87:fb:a9:29:83:84:81:05:6d:00:
69:41:86:6d:fb:72:bf:f7:9e:d0:4b:c6:e3:00:40:
a8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C1:8A:15:BE:80:8D:96:67:CC:EC:07:F0:C8:AA:3B:76:92:C9:BD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DcGKFb6AjZZnzOwH8MiqO3aSyb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.240.0/24
193.42.35.0/24
194.180.37.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:07:31:0b:3b:02:18:c5:75:65:79:21:98:02:95:9b:2f:78:
b1:65:31:f5:0a:6e:c7:07:48:af:c3:89:f5:9c:31:f7:c5:bb:
aa:ff:4b:da:7c:18:2b:78:e7:64:b4:7b:17:5f:28:ce:99:33:
60:45:9d:93:65:87:e3:f3:66:aa:32:70:74:c3:aa:f1:c6:66:
b7:3c:6d:e3:90:85:25:7d:ba:a1:25:b2:34:41:cb:83:75:96:
13:bc:81:40:e0:34:37:ad:c7:fe:b3:9c:97:dd:ec:86:f8:28:
88:3d:55:84:f9:a3:77:d3:20:ad:28:bf:94:78:e2:a5:2d:b0:
05:96:b5:3a:21:6e:13:a2:bc:6c:aa:bd:97:8f:b4:33:72:0e:
f6:b1:cb:fa:f6:61:39:14:5f:9e:0c:43:f0:30:9c:eb:b3:f5:
c5:33:96:d1:41:af:3e:00:17:e2:ff:5a:a8:9f:57:a5:2e:1e:
ea:ea:ba:46:30:ca:66:24:ab:0f:0c:a4:19:9b:fd:7f:70:0e:
ce:15:c9:e8:35:6b:a8:8c:42:7c:5f:ba:41:9f:12:3b:5a:29:
91:66:59:ae:ab:d2:99:2c:f9:e5:3f:af:fe:22:dc:01:50:22:
99:33:6a:dc:b4:a2:d8:05:4e:08:84:c4:6a:17:3d:5d:a1:c3:
6c:a4:81:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRnkPVGjSxcODlQkLbTpGCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTExMTY0MTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGMxOGExNWJlODA4ZDk2NjdjY2VjMDdmMGM4YWEzYjc2OTJjOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2ujTSKROlnMSA1Sw4kzSrstTc3k
oafpttlItacS1tAbr+agqWG2T+be5tyfasMlPzeYUay3w1sosaguxDfHQdFwjoEw
NkMjGM6Hjg4dPf1Uk1M4NX/NWzSuQXJ8f5FfXABMFnoEUtMbq3H/1gSlShoDDJAW
XbuE6VdCCk9ARTlKynY5LgpOEWwAgvN0trSpRxmFDzzookEjBXpauzLL787c6oin
PhoBpSSuweBdzYhgyhZ0kc5Vn9te+4GJhhJLBi9XO3P+EinxvKNb1SzcIvOHjjjn
s3RiD7kA+VMaBWpModYykYf7qSmDhIEFbQBpQYZt+3K/957QS8bjAECoBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA3BihW+gI2WZ8zsB/DIqjt2ksm9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRGNHS0ZiNkFqWlpuek93SDhNaXFPM2FTeWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbc7wAwQA
wSojAwQAwrQlMA0GCSqGSIb3DQEBCwUAA4IBAQArBzELOwIYxXVleSGYApWbL3ix
ZTH1Cm7HB0ivw4n1nDH3xbuq/0vafBgreOdktHsXXyjOmTNgRZ2TZYfj82aqMnB0
w6rxxma3PG3jkIUlfbqhJbI0QcuDdZYTvIFA4DQ3rcf+s5yX3eyG+CiIPVWE+aN3
0yCtKL+UeOKlLbAFlrU6IW4Torxsqr2Xj7Qzcg72scv69mE5FF+eDEPwMJzrs/XF
M5bRQa8+ABfi/1qon1elLh7q6rpGMMpmJKsPDKQZm/1/cA7OFcnoNWuojEJ8X7pB
nxI7WimRZlmuq9KZLPnlP6/+ItwBUCKZM2rctKLYBU4IhMRqFz1docNspIHr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:33 2023 by rpki-client on console-ams.rpki-client.org