Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/v7s3L56qqOPwTGnW8EgydzmTpas.roa
File: v7s3L56qqOPwTGnW8EgydzmTpas.roa (raw, json)
Hash identifier: BrqugyQmFAHF04p9KqDzj5sCKbIBIucTkRyANXI8ZlA=
Subject key identifier: BF:BB:37:2F:9E:AA:A8:E3:F0:4C:69:D6:F0:48:32:77:39:93:A5:AB
Certificate issuer: /CN=5e35ed043c8de151bebdc09dfcbffcc7dc7759c7
Certificate serial: 0A7E22FF
Authority key identifier: 5E:35:ED:04:3C:8D:E1:51:BE:BD:C0:9D:FC:BF:FC:C7:DC:77:59:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/v7s3L56qqOPwTGnW8EgydzmTpas.roa
Signing time: Sat 01 Jan 2022 15:59:27 +0000
ROA not before: Sat 01 Jan 2022 15:59:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34942
IP address blocks: 185.100.36.0/22 maxlen: 24
193.189.139.0/24 maxlen: 24
2a06:340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176038655 (0xa7e22ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e35ed043c8de151bebdc09dfcbffcc7dc7759c7
Validity
Not Before: Jan 1 15:59:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfbb372f9eaaa8e3f04c69d6f04832773993a5ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:07:21:25:db:16:19:05:d2:db:ff:8d:bb:28:
7f:51:e4:76:0a:ef:33:ef:4a:64:4f:07:15:8c:76:
de:80:ad:ca:97:f8:b7:fe:ac:1f:3c:40:00:0f:af:
c4:a6:03:ec:56:0b:cc:60:78:02:d1:ac:d1:ce:ea:
52:e5:72:db:a8:56:e4:cd:45:1a:af:0f:49:f0:c8:
fe:c7:ac:02:48:89:c4:15:8d:df:4b:5c:ff:06:82:
72:96:ae:1d:3f:7b:86:b3:70:c2:55:e9:b0:89:5c:
45:50:88:bb:33:ce:29:d4:bb:7b:a9:c4:f4:8e:0a:
cf:03:a9:7e:21:35:8c:b8:c3:ef:4a:27:c6:3a:47:
8e:cf:c5:b3:84:1d:d3:5a:16:26:4c:bc:7b:27:74:
91:ec:b6:c2:60:a4:4a:52:2b:4d:bd:ce:c7:32:cb:
6f:8b:18:06:a9:fa:be:f7:e1:d8:90:72:c3:74:fd:
1f:f6:d7:de:27:9f:30:c1:f7:c3:59:4f:e7:f0:f0:
bc:45:d9:69:5e:16:f1:2d:af:09:45:47:80:75:c2:
cd:b6:5c:bd:ec:4e:3d:96:71:fe:99:4e:52:ef:46:
1b:f9:da:56:f0:7f:82:c8:1b:48:57:ff:39:cc:71:
2e:12:6d:ef:91:85:9f:d9:f0:d9:31:7f:3a:c6:05:
05:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:BB:37:2F:9E:AA:A8:E3:F0:4C:69:D6:F0:48:32:77:39:93:A5:AB
X509v3 Authority Key Identifier:
keyid:5E:35:ED:04:3C:8D:E1:51:BE:BD:C0:9D:FC:BF:FC:C7:DC:77:59:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/v7s3L56qqOPwTGnW8EgydzmTpas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.36.0/22
193.189.139.0/24
IPv6:
2a06:340::/29
Signature Algorithm: sha256WithRSAEncryption
16:b2:a5:2c:26:20:37:fa:68:0c:a8:b9:fe:6a:83:f1:62:30:
d9:ca:89:6f:05:3e:36:44:7e:f9:c5:30:1c:ea:7a:21:c8:b8:
ed:23:cb:e0:aa:1d:51:91:52:6b:82:e9:96:a9:5d:52:ba:d9:
5a:6a:08:06:98:70:e0:4f:37:e8:0c:2c:81:57:85:a2:36:12:
7b:57:d4:42:0f:bf:26:82:d5:7d:d3:94:74:e3:a5:e5:a7:80:
85:de:fe:1d:4e:bf:6c:19:01:eb:73:cf:08:46:cb:26:69:45:
fc:df:54:66:b5:cb:49:3b:ff:5f:38:49:ea:bb:61:0b:c6:dd:
73:df:c0:8e:7b:e9:c1:cf:57:7a:ee:40:e3:56:35:cb:70:1b:
fc:6d:3a:b0:f3:2a:8f:c8:09:e2:d7:5d:b9:f8:31:15:06:71:
2c:7b:45:c0:c9:3c:28:84:9c:a3:e1:9d:5e:ff:1c:e9:2b:60:
df:f6:e8:b8:c0:7b:ab:aa:7e:78:72:ad:91:ea:c2:cf:49:e2:
d0:7f:29:eb:75:3d:cc:79:aa:f4:42:6e:40:bf:c5:f6:4f:b0:
ee:1a:61:39:13:fb:7c:a3:1d:0b:7e:73:68:c5:85:5c:12:a5:
26:60:b8:35:27:83:66:aa:b1:e6:f2:d4:bf:d3:86:fd:3c:4c:
ea:28:28:91
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECn4i/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTM1ZWQwNDNjOGRlMTUxYmViZGMwOWRmY2JmZmNjN2RjNzc1OWM3MB4XDTIyMDEw
MTE1NTkyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZiYjM3MmY5ZWFh
YThlM2YwNGM2OWQ2ZjA0ODMyNzczOTkzYTVhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsHISXbFhkF0tv/jbsof1HkdgrvM+9KZE8HFYx23oCtypf4
t/6sHzxAAA+vxKYD7FYLzGB4AtGs0c7qUuVy26hW5M1FGq8PSfDI/sesAkiJxBWN
30tc/waCcpauHT97hrNwwlXpsIlcRVCIuzPOKdS7e6nE9I4KzwOpfiE1jLjD70on
xjpHjs/Fs4Qd01oWJky8eyd0key2wmCkSlIrTb3OxzLLb4sYBqn6vvfh2JByw3T9
H/bX3iefMMH3w1lP5/DwvEXZaV4W8S2vCUVHgHXCzbZcvexOPZZx/plOUu9GG/na
VvB/gsgbSFf/OcxxLhJt75GFn9nw2TF/OsYFBYECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS/uzcvnqqo4/BMadbwSDJ3OZOlqzAfBgNVHSMEGDAWgBReNe0EPI3hUb69
wJ38v/zH3HdZxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hqWHRCRHlONFZHLXZjQ2RfTF84eDl4M1djYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvZTE3ZmEyLTc4NjYtNGZhMS05NzJiLTE3NzY4MTNlNzIyNC8x
L3Y3czNMNTZxcU9Qd1RHblc4RWd5ZHptVHBhcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
ZTE3ZmEyLTc4NjYtNGZhMS05NzJiLTE3NzY4MTNlNzIyNC8xL1hqWHRCRHlONFZH
LXZjQ2RfTF84eDl4M1djYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlkJAMEAMG9izANBAIAAjAHAwUD
KgYDQDANBgkqhkiG9w0BAQsFAAOCAQEAFrKlLCYgN/poDKi5/mqD8WIw2cqJbwU+
NkR++cUwHOp6Ici47SPL4KodUZFSa4LplqldUrrZWmoIBphw4E836AwsgVeFojYS
e1fUQg+/JoLVfdOUdOOl5aeAhd7+HU6/bBkB63PPCEbLJmlF/N9UZrXLSTv/XzhJ
6rthC8bdc9/Ajnvpwc9Xeu5A41Y1y3Ab/G06sPMqj8gJ4tddufgxFQZxLHtFwMk8
KISco+GdXv8c6Stg3/bouMB7q6p+eHKtkerCz0ni0H8p63U9zHmq9EJuQL/F9k+w
7hphORP7fKMdC35zaMWFXBKlJmC4NSeDZqqx5vLUv9OG/TxM6igokQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:56 2023 by rpki-client on console-fra.rpki-client.org