Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3f7da4-3631-4b03-ba84-6cb2d3b4437c/1/1l_dORwPM2aubPghVmlopiSDVXA.roa
File: 1l_dORwPM2aubPghVmlopiSDVXA.roa (raw, json)
Hash identifier: BGN0h7MHWFwkPBRuzAQbcuPh1qp9awl3aS0EBGQ0ydU=
Subject key identifier: D6:5F:DD:39:1C:0F:33:66:AE:6C:F8:21:56:69:68:A6:24:83:55:70
Certificate issuer: /CN=e9c4cd4118ddffee56e885663795547a1de3f98a
Certificate serial: 09533C31
Authority key identifier: E9:C4:CD:41:18:DD:FF:EE:56:E8:85:66:37:95:54:7A:1D:E3:F9:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6cTNQRjd_-5W6IVmN5VUeh3j-Yo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/3f7da4-3631-4b03-ba84-6cb2d3b4437c/1/1l_dORwPM2aubPghVmlopiSDVXA.roa
Signing time: Sat 01 Jan 2022 03:51:59 +0000
ROA not before: Sat 01 Jan 2022 03:51:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35426
IP address blocks: 85.208.144.0/22 maxlen: 24
2a09:8740::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156449841 (0x9533c31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9c4cd4118ddffee56e885663795547a1de3f98a
Validity
Not Before: Jan 1 03:51:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d65fdd391c0f3366ae6cf821566968a624835570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6c:fe:62:7e:30:5a:26:f8:8e:f3:f6:25:17:
3e:08:99:dc:01:b4:82:30:b6:d9:aa:c3:91:dc:db:
85:ab:4f:f0:ae:ea:92:36:86:70:c0:a6:5e:d5:a2:
b8:4a:19:d1:ac:77:cb:d4:a0:30:13:c4:56:c8:f9:
cd:0f:f1:aa:ce:05:c0:89:61:63:2a:47:98:fd:fb:
04:08:c5:be:1e:76:7e:94:ec:6b:dc:c7:40:29:86:
3e:b3:c9:97:5c:1f:31:4f:25:82:67:47:d8:d4:f2:
67:c8:58:fa:d5:22:2f:17:7d:91:e6:6b:48:94:37:
6b:2a:90:a0:ec:4f:1b:50:1a:09:63:3c:28:b2:16:
67:31:1b:73:8f:06:2e:de:5b:3b:64:6d:81:33:8b:
39:4a:23:70:0d:ac:59:91:3d:c2:d9:94:dc:99:1f:
fa:c0:ab:3d:d7:69:8a:64:b9:f9:0a:34:c1:60:7c:
1f:fb:c3:27:f8:aa:ec:ac:75:97:92:09:8d:21:52:
04:cf:1a:80:99:da:ba:14:b8:d8:4e:2c:47:2b:97:
58:f8:bb:a2:57:fd:ca:e6:a1:24:5c:30:c5:f4:5b:
57:30:db:2d:9e:3f:a3:c0:ff:43:b2:6c:c1:50:d3:
8c:c2:a0:1f:77:cc:cf:54:ee:27:74:c0:23:6f:72:
10:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5F:DD:39:1C:0F:33:66:AE:6C:F8:21:56:69:68:A6:24:83:55:70
X509v3 Authority Key Identifier:
keyid:E9:C4:CD:41:18:DD:FF:EE:56:E8:85:66:37:95:54:7A:1D:E3:F9:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6cTNQRjd_-5W6IVmN5VUeh3j-Yo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3f7da4-3631-4b03-ba84-6cb2d3b4437c/1/1l_dORwPM2aubPghVmlopiSDVXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3f7da4-3631-4b03-ba84-6cb2d3b4437c/1/6cTNQRjd_-5W6IVmN5VUeh3j-Yo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.144.0/22
IPv6:
2a09:8740::/29
Signature Algorithm: sha256WithRSAEncryption
7d:56:24:a6:4b:b3:92:51:5a:be:a4:15:17:c8:22:3e:5d:0b:
c7:4b:22:10:93:77:b1:3f:19:4e:25:0d:6f:37:dc:c6:10:d9:
9a:0f:04:ae:af:2d:73:3f:8b:5c:70:1e:96:65:22:65:00:14:
9d:83:a4:4b:8d:2a:9b:78:b8:83:de:2d:70:0e:be:4b:00:a3:
8e:7f:1e:76:3f:c0:3c:54:1b:99:2d:83:31:d7:79:d4:cb:f3:
b0:7a:c4:ab:5c:14:e5:31:63:07:f5:0f:aa:46:d7:34:fe:fa:
28:b7:bf:8b:5c:93:4f:a6:02:ca:be:30:33:56:e6:09:48:a1:
1d:31:e7:88:6b:b4:d0:5c:ed:8f:75:20:7b:d3:4d:ae:0c:24:
fa:3c:b4:0e:2e:de:1c:b8:92:70:a6:37:f8:68:e1:f1:f1:dc:
f5:ff:38:14:84:4c:72:e1:52:77:87:51:34:6b:d7:59:f9:1a:
4e:d1:15:ab:6c:fd:60:cc:5f:c9:d0:e6:cf:3a:f3:2f:08:53:
d7:4c:b5:1f:ae:3e:de:42:cc:9c:f8:19:d4:6e:0f:ce:3a:81:
63:cb:88:a7:d3:51:41:07:80:86:c4:63:16:c5:ca:37:25:f1:
5a:41:e4:e4:8e:58:df:f4:01:68:b5:97:0a:ae:f1:f5:9d:54:
d5:7f:e6:d9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECVM8MTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OWM0Y2Q0MTE4ZGRmZmVlNTZlODg1NjYzNzk1NTQ3YTFkZTNmOThhMB4XDTIyMDEw
MTAzNTE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY1ZmRkMzkxYzBm
MzM2NmFlNmNmODIxNTY2OTY4YTYyNDgzNTU3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBs/mJ+MFom+I7z9iUXPgiZ3AG0gjC22arDkdzbhatP8K7q
kjaGcMCmXtWiuEoZ0ax3y9SgMBPEVsj5zQ/xqs4FwIlhYypHmP37BAjFvh52fpTs
a9zHQCmGPrPJl1wfMU8lgmdH2NTyZ8hY+tUiLxd9keZrSJQ3ayqQoOxPG1AaCWM8
KLIWZzEbc48GLt5bO2RtgTOLOUojcA2sWZE9wtmU3Jkf+sCrPddpimS5+Qo0wWB8
H/vDJ/iq7Kx1l5IJjSFSBM8agJnauhS42E4sRyuXWPi7olf9yuahJFwwxfRbVzDb
LZ4/o8D/Q7JswVDTjMKgH3fMz1TuJ3TAI29yEIUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTWX905HA8zZq5s+CFWaWimJINVcDAfBgNVHSMEGDAWgBTpxM1BGN3/7lbo
hWY3lVR6HeP5ijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZjVE5RUmpkXy01VzZJVm1ONVZVZWgzai1Zby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvM2Y3ZGE0LTM2MzEtNGIwMy1iYTg0LTZjYjJkM2I0NDM3Yy8x
LzFsX2RPUndQTTJhdWJQZ2hWbWxvcGlTRFZYQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
M2Y3ZGE0LTM2MzEtNGIwMy1iYTg0LTZjYjJkM2I0NDM3Yy8xLzZjVE5RUmpkXy01
VzZJVm1ONVZVZWgzai1Zby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlXQkDANBAIAAjAHAwUDKgmHQDAN
BgkqhkiG9w0BAQsFAAOCAQEAfVYkpkuzklFavqQVF8giPl0Lx0siEJN3sT8ZTiUN
bzfcxhDZmg8Erq8tcz+LXHAelmUiZQAUnYOkS40qm3i4g94tcA6+SwCjjn8edj/A
PFQbmS2DMdd51MvzsHrEq1wU5TFjB/UPqkbXNP76KLe/i1yTT6YCyr4wM1bmCUih
HTHniGu00Fztj3Uge9NNrgwk+jy0Di7eHLiScKY3+Gjh8fHc9f84FIRMcuFSd4dR
NGvXWfkaTtEVq2z9YMxfydDmzzrzLwhT10y1H64+3kLMnPgZ1G4PzjqBY8uIp9NR
QQeAhsRjFsXKNyXxWkHk5I5Y3/QBaLWXCq7x9Z1U1X/m2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:13 2024 by rpki-client on console-ams.rpki-client.org