Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/IQ3yqPJ3ZmJHPPaJHJA-kOkP-Zk.roa
File: IQ3yqPJ3ZmJHPPaJHJA-kOkP-Zk.roa (raw, json)
Hash identifier: jqT6zYoxys08rXcDz+QDsCRmOiQ4wjelYxFpS+dSf1I=
Subject key identifier: 21:0D:F2:A8:F2:77:66:62:47:3C:F6:89:1C:90:3E:90:E9:0F:F9:99
Certificate issuer: /CN=8d281989c3b6e58fdc9534ee7eb3e260d1d87749
Certificate serial: 03DE850F
Authority key identifier: 8D:28:19:89:C3:B6:E5:8F:DC:95:34:EE:7E:B3:E2:60:D1:D8:77:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jSgZicO25Y_clTTufrPiYNHYd0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/IQ3yqPJ3ZmJHPPaJHJA-kOkP-Zk.roa
Signing time: Sat 01 Jan 2022 09:57:59 +0000
ROA not before: Sat 01 Jan 2022 09:57:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64414
IP address blocks: 185.166.112.0/24 maxlen: 24
185.166.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64914703 (0x3de850f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d281989c3b6e58fdc9534ee7eb3e260d1d87749
Validity
Not Before: Jan 1 09:57:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=210df2a8f2776662473cf6891c903e90e90ff999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4a:de:06:ae:1a:62:13:a0:4a:da:1d:88:4e:
47:47:ea:47:bb:7f:df:41:8a:06:5f:3b:8a:9b:f6:
8f:41:b1:16:07:75:4c:4f:5f:7a:83:63:ce:fc:46:
0c:2d:92:e5:37:77:8f:84:18:71:c7:d1:b6:f2:e4:
02:b0:74:76:d3:1b:f5:aa:58:36:c2:d6:38:87:8a:
87:d5:22:17:69:ef:fa:9d:49:de:b1:67:4f:ac:eb:
be:a5:86:90:52:ca:45:01:3b:ab:68:1c:19:1c:4d:
90:01:bd:f3:b9:9d:80:03:c9:4a:40:c2:89:56:96:
be:fb:1b:2e:02:8d:cf:7d:41:db:8d:c3:64:7f:41:
49:2c:ea:d0:62:12:76:ce:2a:be:45:e0:f0:d1:f0:
ba:b9:f5:21:e2:48:b5:78:12:f0:bd:c1:78:6e:d6:
73:bb:58:41:bb:66:ed:6f:2b:48:32:87:fa:07:e9:
05:cd:78:e4:95:a7:55:a1:df:a4:bd:60:aa:5c:59:
b7:64:38:a8:d3:ee:37:9e:be:ad:9d:66:8b:34:de:
d8:12:08:a3:7d:2a:10:04:6c:e9:9b:9f:b7:16:93:
19:3a:9b:da:60:27:d8:60:99:e8:9f:78:65:10:bb:
7b:c6:94:c3:c1:9a:c6:fc:2e:31:b0:c7:18:18:9c:
ba:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0D:F2:A8:F2:77:66:62:47:3C:F6:89:1C:90:3E:90:E9:0F:F9:99
X509v3 Authority Key Identifier:
keyid:8D:28:19:89:C3:B6:E5:8F:DC:95:34:EE:7E:B3:E2:60:D1:D8:77:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jSgZicO25Y_clTTufrPiYNHYd0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/IQ3yqPJ3ZmJHPPaJHJA-kOkP-Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/jSgZicO25Y_clTTufrPiYNHYd0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.112.0/24
185.166.114.0/24
Signature Algorithm: sha256WithRSAEncryption
99:07:57:b7:3f:d3:13:63:cf:27:0b:93:d9:8a:12:69:ee:f4:
ff:25:07:7e:16:81:2a:2f:e9:28:04:f7:3f:10:e2:ca:fc:4e:
9c:a9:5a:c4:ef:d3:d7:67:6a:ff:b3:de:00:10:b0:77:b6:b6:
4a:ed:32:d7:e7:d9:fd:92:9c:3d:ce:17:d9:a9:ae:da:c3:d5:
d5:30:9d:c6:36:10:09:18:5e:cd:84:f5:54:e3:1c:7b:36:da:
2d:5f:09:3e:f0:90:e7:71:b5:1c:ee:06:c9:6f:db:7c:0a:7f:
46:c7:87:9d:be:ae:4d:89:58:51:71:60:5f:6b:04:2f:d3:01:
07:2d:4d:43:b4:34:bb:9c:22:9f:16:15:ba:38:f5:e8:05:d1:
62:55:6c:fa:26:15:28:78:5d:21:2e:8a:bc:78:be:f1:f7:7d:
a1:f1:75:0d:01:c4:b5:66:cb:62:6d:47:d2:e4:76:7f:91:51:
4b:bb:4b:c3:e8:7c:51:2f:d1:af:97:28:ad:ef:17:82:0c:77:
29:6e:79:22:47:ff:b7:05:de:3a:55:39:12:39:f3:65:5d:10:
ed:1d:9c:49:fd:2e:8f:bd:6d:19:f2:73:42:fc:58:68:91:78:
2b:75:5c:87:de:7b:59:ef:f4:7d:79:1c:8e:e3:2f:41:24:a8:
2f:e6:0d:99
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA96FDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDI4MTk4OWMzYjZlNThmZGM5NTM0ZWU3ZWIzZTI2MGQxZDg3NzQ5MB4XDTIyMDEw
MTA5NTc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjEwZGYyYThmMjc3
NjY2MjQ3M2NmNjg5MWM5MDNlOTBlOTBmZjk5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBK3gauGmIToEraHYhOR0fqR7t/30GKBl87ipv2j0GxFgd1
TE9feoNjzvxGDC2S5Td3j4QYccfRtvLkArB0dtMb9apYNsLWOIeKh9UiF2nv+p1J
3rFnT6zrvqWGkFLKRQE7q2gcGRxNkAG987mdgAPJSkDCiVaWvvsbLgKNz31B243D
ZH9BSSzq0GISds4qvkXg8NHwurn1IeJItXgS8L3BeG7Wc7tYQbtm7W8rSDKH+gfp
Bc145JWnVaHfpL1gqlxZt2Q4qNPuN56+rZ1mizTe2BIIo30qEARs6ZuftxaTGTqb
2mAn2GCZ6J94ZRC7e8aUw8GaxvwuMbDHGBicuj0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQhDfKo8ndmYkc89okckD6Q6Q/5mTAfBgNVHSMEGDAWgBSNKBmJw7blj9yV
NO5+s+Jg0dh3STAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pTZ1ppY08yNVlfY2xUVHVmclBpWU5IWWQway5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvM2JhZTg2LWE4ZmMtNDNlNi04MDFhLWJjYTgwZTQ3YzU3My8x
L0lRM3lxUEozWm1KSFBQYUpISkEta09rUC1aay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
M2JhZTg2LWE4ZmMtNDNlNi04MDFhLWJjYTgwZTQ3YzU3My8xL2pTZ1ppY08yNVlf
Y2xUVHVmclBpWU5IWWQway5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmmcAMEALmmcjANBgkqhkiG9w0B
AQsFAAOCAQEAmQdXtz/TE2PPJwuT2YoSae70/yUHfhaBKi/pKAT3PxDiyvxOnKla
xO/T12dq/7PeABCwd7a2Su0y1+fZ/ZKcPc4X2amu2sPV1TCdxjYQCRhezYT1VOMc
ezbaLV8JPvCQ53G1HO4GyW/bfAp/RseHnb6uTYlYUXFgX2sEL9MBBy1NQ7Q0u5wi
nxYVujj16AXRYlVs+iYVKHhdIS6KvHi+8fd9ofF1DQHEtWbLYm1H0uR2f5FRS7tL
w+h8US/Rr5core8Xggx3KW55Ikf/twXeOlU5EjnzZV0Q7R2cSf0uj71tGfJzQvxY
aJF4K3Vch957We/0fXkcjuMvQSSoL+YNmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:05 2024 by rpki-client on console-fra.rpki-client.org