Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/3oo3VvkwxUWumluaJ4rQF67OTVA.roa
File: 3oo3VvkwxUWumluaJ4rQF67OTVA.roa (raw, json)
Hash identifier: /ckHpTKTv0YdSqniCArAFg8iWNHtR/TAfLMwG/WZNpw=
Subject key identifier: DE:8A:37:56:F9:30:C5:45:AE:9A:5B:9A:27:8A:D0:17:AE:CE:4D:50
Certificate issuer: /CN=d038c338b128f83adec2f69d93c32c5353ca0398
Certificate serial: 036554B8
Authority key identifier: D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/3oo3VvkwxUWumluaJ4rQF67OTVA.roa
Signing time: Sat 01 Jan 2022 01:58:33 +0000
ROA not before: Sat 01 Jan 2022 01:58:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 559
IP address blocks: 192.41.132.0/22 maxlen: 22
130.60.0.0/16 maxlen: 16
192.41.136.0/24 maxlen: 24
185.207.116.0/22 maxlen: 22
192.12.247.0/24 maxlen: 24
89.206.64.0/18 maxlen: 18
2001:67c:16dc::/48 maxlen: 48
2a0b:2040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56972472 (0x36554b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d038c338b128f83adec2f69d93c32c5353ca0398
Validity
Not Before: Jan 1 01:58:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de8a3756f930c545ae9a5b9a278ad017aece4d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:27:81:b0:bc:7b:6c:c3:10:c4:6c:2f:e2:8b:
13:7c:6d:11:23:0c:09:0c:75:b7:4c:4d:a6:e4:6b:
ca:a2:7f:70:29:32:1f:91:df:9c:48:07:3f:cc:8a:
0e:c5:cf:8d:b2:28:67:a2:0f:c5:43:c3:29:f0:f4:
18:e2:f2:27:75:6d:0e:55:c2:e3:8b:2a:3b:4d:72:
c3:30:f2:e9:db:6e:8e:15:fc:fa:0d:b9:be:57:2c:
28:7e:6e:e7:e8:9b:13:00:3d:f6:7c:6b:8c:a1:dd:
74:56:d8:6b:3e:23:6d:43:4b:6e:c9:cb:9a:15:e8:
cc:1b:05:98:19:6b:dd:91:ff:c4:4c:60:a9:5f:9f:
f3:05:2d:8e:e8:94:65:db:b8:5d:0f:74:d3:f4:14:
87:69:1d:be:81:59:0e:7e:b8:7c:1e:c8:90:e9:b9:
ba:78:4a:5d:be:7e:a8:90:22:d2:8e:31:b7:1d:9f:
da:ab:06:12:2c:07:58:94:41:00:14:4a:30:6c:82:
10:df:80:ef:0e:d0:32:d3:90:e9:6f:36:a2:e8:20:
19:c9:42:ca:36:d6:1a:af:62:c0:de:18:16:fd:e7:
0d:49:ae:01:0f:17:1e:30:27:84:3d:17:55:87:5b:
06:04:a2:92:a7:f9:f4:77:bd:12:73:6a:26:6e:10:
86:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8A:37:56:F9:30:C5:45:AE:9A:5B:9A:27:8A:D0:17:AE:CE:4D:50
X509v3 Authority Key Identifier:
keyid:D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/3oo3VvkwxUWumluaJ4rQF67OTVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.206.64.0/18
130.60.0.0/16
185.207.116.0/22
192.12.247.0/24
192.41.132.0-192.41.136.255
IPv6:
2001:67c:16dc::/48
2a0b:2040::/29
Signature Algorithm: sha256WithRSAEncryption
51:cc:74:8a:67:da:5b:a2:55:87:fb:ca:0b:6a:6a:e5:00:71:
65:52:d5:8c:63:ef:5d:1b:7e:30:f5:51:39:12:62:81:64:c8:
58:92:f1:95:47:5c:7f:82:c0:4b:e9:5d:93:78:de:03:6a:f7:
be:2b:d0:1a:02:91:5e:3a:1d:a7:cd:b5:b2:28:cb:97:b8:91:
3a:cc:90:a7:5e:5e:07:2a:64:ef:14:e9:24:f2:4b:ae:fa:bb:
41:c0:30:fc:cf:92:c5:dc:ae:9d:6b:8e:3c:cc:f3:56:7b:e4:
56:e4:d7:96:39:9c:ac:3a:65:c8:c6:cc:a8:82:e2:a2:77:13:
ae:3f:28:e1:21:ed:45:21:8e:bb:62:36:57:5f:c4:0c:fb:00:
c2:62:3d:d0:f1:53:8b:d6:d9:9b:4b:4e:5f:cc:92:34:9c:f2:
ef:c8:fb:95:6b:25:fb:e2:15:ae:9b:32:53:6c:95:9b:90:96:
0b:fc:14:7c:76:e0:27:ed:bc:64:4d:ad:b7:1d:6b:f9:2a:ee:
b2:18:cf:c1:a8:bd:92:42:2b:ac:64:64:2d:98:53:89:43:df:
1c:7a:33:16:80:31:3f:92:fe:b7:74:d5:8a:ad:b5:17:54:98:
c2:76:34:e7:61:7c:81:56:f7:c6:b1:88:24:61:fa:91:eb:a0:
b7:08:e0:c3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIEA2VUuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDM4YzMzOGIxMjhmODNhZGVjMmY2OWQ5M2MzMmM1MzUzY2EwMzk4MB4XDTIyMDEw
MTAxNTgzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU4YTM3NTZmOTMw
YzU0NWFlOWE1YjlhMjc4YWQwMTdhZWNlNGQ1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUngbC8e2zDEMRsL+KLE3xtESMMCQx1t0xNpuRryqJ/cCky
H5HfnEgHP8yKDsXPjbIoZ6IPxUPDKfD0GOLyJ3VtDlXC44sqO01ywzDy6dtujhX8
+g25vlcsKH5u5+ibEwA99nxrjKHddFbYaz4jbUNLbsnLmhXozBsFmBlr3ZH/xExg
qV+f8wUtjuiUZdu4XQ900/QUh2kdvoFZDn64fB7IkOm5unhKXb5+qJAi0o4xtx2f
2qsGEiwHWJRBABRKMGyCEN+A7w7QMtOQ6W82ouggGclCyjbWGq9iwN4YFv3nDUmu
AQ8XHjAnhD0XVYdbBgSikqf59He9EnNqJm4QhgMCAwEAAaOCAkAwggI8MB0GA1Ud
DgQWBBTeijdW+TDFRa6aW5onitAXrs5NUDAfBgNVHSMEGDAWgBTQOMM4sSj4Ot7C
9p2TwyxTU8oDmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBEakRPTEVvLURyZXd2YWRrOE1zVTFQS0E1Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvOTI1ZjkxLTMwYzUtNGE2Yi1hMTQ5LTliZjhiMWVmMmU5Ni8x
LzNvbzNWdmt3eFVXdW1sdWFKNHJRRjY3T1RWQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
OTI1ZjkxLTMwYzUtNGE2Yi1hMTQ5LTliZjhiMWVmMmU5Ni8xLzBEakRPTEVvLURy
ZXd2YWRrOE1zVTFQS0E1Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBW
BggrBgEFBQcBBwEB/wRHMEUwKwQCAAEwJQMEBlnOQAMDAII8AwQCuc90AwQAwAz3
MAwDBALAKYQDBADAKYgwFgQCAAIwEAMHACABBnwW3AMFAyoLIEAwDQYJKoZIhvcN
AQELBQADggEBAFHMdIpn2luiVYf7ygtqauUAcWVS1Yxj710bfjD1UTkSYoFkyFiS
8ZVHXH+CwEvpXZN43gNq974r0BoCkV46HafNtbIoy5e4kTrMkKdeXgcqZO8U6STy
S676u0HAMPzPksXcrp1rjjzM81Z75Fbk15Y5nKw6ZcjGzKiC4qJ3E64/KOEh7UUh
jrtiNldfxAz7AMJiPdDxU4vW2ZtLTl/MkjSc8u/I+5VrJfviFa6bMlNslZuQlgv8
FHx24CftvGRNrbcda/kq7rIYz8GovZJCK6xkZC2YU4lD3xx6MxaAMT+S/rd01Yqt
tRdUmMJ2NOdhfIFW98axiCRh+pHroLcI4MM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:59 2023 by rpki-client on console-fra.rpki-client.org