Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/BP3yIMct176PdNZFSqn6RAy5w4k.roa
File: BP3yIMct176PdNZFSqn6RAy5w4k.roa (raw, json)
Hash identifier: inUTueOnPDdxCzSgbfTFpklaQR53qtjb7HPKQE3QoY0=
Subject key identifier: 04:FD:F2:20:C7:2D:D7:BE:8F:74:D6:45:4A:A9:FA:44:0C:B9:C3:89
Certificate issuer: /CN=01e7c30459356a900dc63369764a754c5c1f3319
Certificate serial: 03CD3B22
Authority key identifier: 01:E7:C3:04:59:35:6A:90:0D:C6:33:69:76:4A:75:4C:5C:1F:33:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AefDBFk1apANxjNpdkp1TFwfMxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/BP3yIMct176PdNZFSqn6RAy5w4k.roa
Signing time: Sun 03 Apr 2022 17:05:53 +0000
ROA not before: Sun 03 Apr 2022 17:05:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48213
IP address blocks: 185.135.236.0/22 maxlen: 22
2a07:980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63781666 (0x3cd3b22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01e7c30459356a900dc63369764a754c5c1f3319
Validity
Not Before: Apr 3 17:05:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04fdf220c72dd7be8f74d6454aa9fa440cb9c389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a8:f6:84:cf:8c:37:4c:63:ff:c8:cc:af:1b:
5c:a2:e5:31:6c:af:0a:81:e8:78:ee:cc:2d:ff:71:
a0:7e:e3:e0:d8:9e:80:fd:4a:5a:f3:f5:5a:63:f0:
60:d1:4e:b0:fa:8d:48:31:f0:23:d1:b7:d4:b0:f2:
ad:b0:aa:fa:50:1f:10:ae:db:ec:4f:b0:c2:13:7d:
52:6a:43:0b:ec:f4:a5:48:3d:81:1f:4b:81:2b:1c:
06:82:dd:bf:fa:e9:11:fb:fb:c6:59:4a:00:e5:ea:
95:a9:6f:af:d8:69:54:88:df:bc:3e:ea:4f:fe:00:
8a:e1:d3:20:12:ef:c5:83:a1:72:e3:1e:2e:91:9d:
58:27:91:4c:07:8b:2c:dc:86:50:20:7c:21:69:2d:
f8:16:51:94:ee:62:90:3e:e9:72:16:71:81:39:62:
82:ec:b2:3b:d9:ad:e2:57:d4:6f:45:75:a2:8b:08:
e7:5b:b8:02:4b:7c:97:47:22:04:b0:c3:e2:b3:86:
bf:94:8f:3f:1b:f9:0e:a1:7a:21:28:b9:59:6c:1c:
8b:d5:15:3f:6d:59:d0:fb:3c:62:81:dc:42:e2:bf:
6b:7d:71:a2:24:4c:07:94:51:8b:70:34:99:0c:30:
ab:12:a3:22:c3:82:00:0e:ba:5c:25:d3:32:f3:85:
f6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FD:F2:20:C7:2D:D7:BE:8F:74:D6:45:4A:A9:FA:44:0C:B9:C3:89
X509v3 Authority Key Identifier:
keyid:01:E7:C3:04:59:35:6A:90:0D:C6:33:69:76:4A:75:4C:5C:1F:33:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AefDBFk1apANxjNpdkp1TFwfMxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/BP3yIMct176PdNZFSqn6RAy5w4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/AefDBFk1apANxjNpdkp1TFwfMxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.236.0/22
IPv6:
2a07:980::/29
Signature Algorithm: sha256WithRSAEncryption
5d:33:5b:d1:20:e1:2d:5c:db:c8:34:05:b9:2a:99:3b:0d:f8:
17:a9:89:01:03:48:37:1e:3f:5d:66:02:20:86:9b:c8:cf:1b:
a9:7d:ca:4b:b8:54:ab:a4:a2:ec:84:36:fb:4a:8b:12:42:88:
69:0c:48:0e:24:34:d5:3a:1f:65:10:b9:d3:0c:1c:8c:30:4c:
e6:20:30:77:c2:4e:f8:09:49:c0:cb:8f:40:ef:6d:73:ea:ef:
68:08:f2:91:da:25:60:e5:ba:cd:b6:dd:89:e5:90:86:41:2e:
f0:75:a5:a2:8f:d2:ad:e5:df:68:6c:15:8e:9f:7a:fe:99:e1:
b8:64:d5:2d:64:4e:62:2b:04:89:b8:93:d9:d1:c0:c9:3d:9f:
a9:dc:1d:49:01:13:c9:9d:53:99:c7:ff:4a:36:e5:e1:c0:ab:
fe:8a:bc:56:6c:71:d1:aa:56:74:a2:e8:80:bb:bf:80:2f:4b:
5c:64:44:91:c1:8f:0b:7f:6f:f2:7f:0a:95:17:88:8d:63:ec:
69:10:64:d2:c5:fb:f8:66:55:56:df:36:8e:fb:b1:c1:b2:40:
bf:82:02:14:85:a9:a3:5a:f3:02:40:56:f3:bc:bb:01:2b:7e:
6f:86:6c:f8:85:7d:d4:06:b0:b1:98:f7:f3:2b:77:d5:10:bc:
a9:e8:3b:f3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA807IjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWU3YzMwNDU5MzU2YTkwMGRjNjMzNjk3NjRhNzU0YzVjMWYzMzE5MB4XDTIyMDQw
MzE3MDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRmZGYyMjBjNzJk
ZDdiZThmNzRkNjQ1NGFhOWZhNDQwY2I5YzM4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJCo9oTPjDdMY//IzK8bXKLlMWyvCoHoeO7MLf9xoH7j4Nie
gP1KWvP1WmPwYNFOsPqNSDHwI9G31LDyrbCq+lAfEK7b7E+wwhN9UmpDC+z0pUg9
gR9LgSscBoLdv/rpEfv7xllKAOXqlalvr9hpVIjfvD7qT/4AiuHTIBLvxYOhcuMe
LpGdWCeRTAeLLNyGUCB8IWkt+BZRlO5ikD7pchZxgTliguyyO9mt4lfUb0V1oosI
51u4Akt8l0ciBLDD4rOGv5SPPxv5DqF6ISi5WWwci9UVP21Z0Ps8YoHcQuK/a31x
oiRMB5RRi3A0mQwwqxKjIsOCAA66XCXTMvOF9l0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQE/fIgxy3Xvo901kVKqfpEDLnDiTAfBgNVHSMEGDAWgBQB58MEWTVqkA3G
M2l2SnVMXB8zGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FlZkRCRmsxYXBBTnhqTnBka3AxVEZ3Zk14ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvMTljMTY0LWVhZTctNDZiZC1hMWRlLWJmMjljNDE4OGQ3ZS8x
L0JQM3lJTWN0MTc2UGROWkZTcW42UkF5NXc0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
MTljMTY0LWVhZTctNDZiZC1hMWRlLWJmMjljNDE4OGQ3ZS8xL0FlZkRCRmsxYXBB
TnhqTnBka3AxVEZ3Zk14ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmH7DANBAIAAjAHAwUDKgcJgDAN
BgkqhkiG9w0BAQsFAAOCAQEAXTNb0SDhLVzbyDQFuSqZOw34F6mJAQNINx4/XWYC
IIabyM8bqX3KS7hUq6Si7IQ2+0qLEkKIaQxIDiQ01TofZRC50wwcjDBM5iAwd8JO
+AlJwMuPQO9tc+rvaAjykdolYOW6zbbdieWQhkEu8HWloo/SreXfaGwVjp96/pnh
uGTVLWROYisEibiT2dHAyT2fqdwdSQETyZ1Tmcf/Sjbl4cCr/oq8Vmxx0apWdKLo
gLu/gC9LXGREkcGPC39v8n8KlReIjWPsaRBk0sX7+GZVVt82jvuxwbJAv4ICFIWp
o1rzAkBW87y7ASt+b4Zs+IV91AawsZj38yt31RC8qeg78w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:11 2024 by rpki-client on console-ams.rpki-client.org