Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/3KzlBoTbsK4oNeyI2FzFdLgV2nk.roa
File: 3KzlBoTbsK4oNeyI2FzFdLgV2nk.roa (raw, json)
Hash identifier: 6cHRlZEn57Hp6KsRLFk5d6QHS6uxcSw5nY2HQaywz0s=
Subject key identifier: DC:AC:E5:06:84:DB:B0:AE:28:35:EC:88:D8:5C:C5:74:B8:15:DA:79
Certificate issuer: /CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Certificate serial: 271C7578
Authority key identifier: 1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/3KzlBoTbsK4oNeyI2FzFdLgV2nk.roa
Signing time: Tue 08 Mar 2022 15:48:23 +0000
ROA not before: Tue 08 Mar 2022 15:48:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 130.255.16.0/22 maxlen: 22
185.17.44.0/22 maxlen: 22
130.255.20.0/24 maxlen: 24
130.255.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 656176504 (0x271c7578)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Validity
Not Before: Mar 8 15:48:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcace50684dbb0ae2835ec88d85cc574b815da79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ef:45:35:b2:be:0a:8b:50:5c:e3:3a:a2:00:
5e:6b:ee:09:d6:0f:7d:71:9c:bc:89:12:85:10:c1:
86:76:eb:6c:fc:26:62:54:3d:55:ff:ba:22:2f:d0:
39:a3:4f:5b:24:c7:cc:c6:9e:9d:bb:9b:39:45:48:
14:e1:f4:bc:5d:37:4a:d2:bb:66:2f:fe:7b:47:69:
82:f3:78:51:d5:a8:d2:37:e6:82:be:4b:8f:d6:54:
6a:47:22:3a:65:ff:aa:f2:44:5e:7c:b3:81:79:37:
f1:7f:dc:e7:dd:42:af:8b:b4:c6:4e:8e:3b:87:ed:
88:3a:38:20:1b:cc:fe:7f:0d:07:c4:e7:5c:fb:79:
ef:8a:07:af:2c:11:2d:08:47:8d:87:4f:6a:35:f9:
c8:70:a3:d5:13:e6:42:74:ab:ff:39:f7:3e:5a:48:
52:2f:d1:bc:98:01:ae:e0:4d:e7:b5:9f:f7:3a:fd:
fa:49:e5:a4:0b:9d:dd:c2:6b:94:8e:8d:64:ce:6b:
40:69:ae:df:b1:8a:39:b0:a6:3b:79:a3:00:83:e4:
f7:38:4b:d1:1a:00:b3:a4:0a:74:f8:4d:ad:bd:d1:
b6:bf:0a:e1:d5:dd:6b:59:d8:dd:b1:4a:f3:9f:20:
bb:f9:34:f0:1b:75:02:9c:7a:a7:0a:94:d4:fc:c5:
43:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AC:E5:06:84:DB:B0:AE:28:35:EC:88:D8:5C:C5:74:B8:15:DA:79
X509v3 Authority Key Identifier:
keyid:1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/3KzlBoTbsK4oNeyI2FzFdLgV2nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/G9Id-yT32M4jEbpAdndUdL1QvmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.16.0-130.255.20.255
130.255.27.0/24
185.17.44.0/22
Signature Algorithm: sha256WithRSAEncryption
81:cf:e0:51:50:a0:51:7e:51:71:66:cf:3a:c4:c8:4e:53:99:
29:c2:dd:8b:cc:f6:a9:5d:09:bd:26:19:25:00:4b:98:50:5f:
a1:ab:77:27:23:64:22:18:3a:ab:e6:88:42:8d:e9:e6:b4:a8:
ff:e7:10:e7:6d:8f:a7:e6:cc:26:e9:2d:0a:b2:68:db:f0:97:
48:18:74:ca:5d:ac:70:2b:83:05:ac:d4:f9:de:cc:72:6f:c4:
ca:4f:23:34:dd:92:5d:94:bc:d3:95:f1:09:29:4d:f3:38:6f:
49:fc:83:1a:b0:f0:d4:2c:1a:f1:a9:27:03:e1:89:5a:c9:1b:
56:41:42:34:8b:0c:6e:de:b6:3d:bf:7c:d4:80:e9:54:94:cd:
bc:a9:62:0c:4c:08:0b:27:2c:d8:b4:62:d1:81:1f:11:a7:9a:
ea:1e:8e:d1:53:33:8a:07:f3:d7:44:88:66:83:5a:45:47:e5:
82:47:19:fd:de:18:67:96:74:75:91:c2:5c:84:dc:c4:85:00:
de:b2:50:d5:3b:c9:e0:02:ca:ef:f1:16:77:bd:ed:bf:a5:33:
37:ec:30:3e:f4:45:c9:2b:1d:bd:d7:31:9c:ae:7a:13:d2:76:
ab:3d:29:43:0d:1d:f3:06:b0:97:c5:43:a3:03:20:ac:09:bc:
68:c6:77:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEJxx1eDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YmQyMWRmYjI0ZjdkOGNlMjMxMWJhNDA3Njc3NTQ3NGJkNTBiZTY0MB4XDTIyMDMw
ODE1NDgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNhY2U1MDY4NGRi
YjBhZTI4MzVlYzg4ZDg1Y2M1NzRiODE1ZGE3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrvRTWyvgqLUFzjOqIAXmvuCdYPfXGcvIkShRDBhnbrbPwm
YlQ9Vf+6Ii/QOaNPWyTHzMaenbubOUVIFOH0vF03StK7Zi/+e0dpgvN4UdWo0jfm
gr5Lj9ZUakciOmX/qvJEXnyzgXk38X/c591Cr4u0xk6OO4ftiDo4IBvM/n8NB8Tn
XPt574oHrywRLQhHjYdPajX5yHCj1RPmQnSr/zn3PlpIUi/RvJgBruBN57Wf9zr9
+knlpAud3cJrlI6NZM5rQGmu37GKObCmO3mjAIPk9zhL0RoAs6QKdPhNrb3Rtr8K
4dXda1nY3bFK858gu/k08Bt1Apx6pwqU1PzFQ2UCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTcrOUGhNuwrig17IjYXMV0uBXaeTAfBgNVHSMEGDAWgBQb0h37JPfYziMR
ukB2d1R0vVC+ZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c5SWQteVQzMk00akVicEFkbmRVZEwxUXZtUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvMDhlMTViLTRhMjQtNGNlMC05NDU0LWY4N2EzMjJhNzc3Ni8x
LzNLemxCb1Ric0s0b05leUkyRnpGZExnVjJuay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
MDhlMTViLTRhMjQtNGNlMC05NDU0LWY4N2EzMjJhNzc3Ni8xL0c5SWQteVQzMk00
akVicEFkbmRVZEwxUXZtUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQEgv8QAwQAgv8UAwQAgv8bAwQC
uREsMA0GCSqGSIb3DQEBCwUAA4IBAQCBz+BRUKBRflFxZs86xMhOU5kpwt2LzPap
XQm9JhklAEuYUF+hq3cnI2QiGDqr5ohCjenmtKj/5xDnbY+n5swm6S0Ksmjb8JdI
GHTKXaxwK4MFrNT53sxyb8TKTyM03ZJdlLzTlfEJKU3zOG9J/IMasPDULBrxqScD
4YlayRtWQUI0iwxu3rY9v3zUgOlUlM28qWIMTAgLJyzYtGLRgR8Rp5rqHo7RUzOK
B/PXRIhmg1pFR+WCRxn93hhnlnR1kcJchNzEhQDeslDVO8ngAsrv8RZ3ve2/pTM3
7DA+9EXJKx291zGcrnoT0narPSlDDR3zBrCXxUOjAyCsCbxoxneu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-ams.rpki-client.org