Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/3E-TKmqP_SfM-hCee6Nee87jX6A.roa
File: 3E-TKmqP_SfM-hCee6Nee87jX6A.roa (raw, json)
Hash identifier: 5yEEXttcdPKdIKYzSwRv3HkwItC4LFPgDAkyu7CTZng=
Subject key identifier: DC:4F:93:2A:6A:8F:FD:27:CC:FA:10:9E:7B:A3:5E:7B:CE:E3:5F:A0
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 0183132398E2F1A81A9444455CAD3AF04BDD
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/3E-TKmqP_SfM-hCee6Nee87jX6A.roa
Signing time: Tue 06 Sep 2022 14:10:43 +0000
ROA not before: Tue 06 Sep 2022 14:10:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
2a07:4f80:10::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:23:98:e2:f1:a8:1a:94:44:45:5c:ad:3a:f0:4b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Sep 6 14:10:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc4f932a6a8ffd27ccfa109e7ba35e7bcee35fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f6:a7:f3:00:d0:b2:e2:19:70:cb:6f:48:c1:
76:7a:1f:6a:60:cb:3c:37:28:03:92:24:90:32:e4:
6a:93:9e:d9:60:77:58:d3:a3:77:d8:c6:50:6a:f0:
4a:51:4c:46:6b:90:91:97:de:40:bd:12:bd:96:db:
66:4d:dd:4c:b3:43:1f:58:25:e8:0d:8e:9d:05:49:
a6:a1:a8:a4:37:7a:2b:f4:ba:00:63:4e:de:40:ad:
c4:e1:0a:18:45:fc:07:7a:fe:f6:50:80:2f:f8:1d:
74:bb:f9:2b:d5:40:ba:e3:06:54:98:32:b8:1d:79:
a2:75:cc:62:88:ca:4a:99:98:3a:13:67:be:3a:02:
6f:e0:41:4a:75:cb:d3:5b:af:aa:cc:cf:c3:02:f4:
2d:19:3d:7c:42:ac:d9:63:76:50:14:6d:2d:70:7c:
cd:43:b4:e2:bf:f6:a6:29:79:3b:62:b3:b9:27:ce:
5a:bf:f9:36:32:71:cb:bc:8c:b6:61:2e:54:32:da:
67:68:e8:b7:47:4b:1b:67:b1:8d:2d:37:33:cb:cc:
94:2a:04:d5:43:98:64:11:16:bb:97:c1:be:72:01:
bf:b4:b6:7c:13:6e:5d:8e:8d:43:eb:a3:34:8e:35:
c4:8f:42:05:ff:3f:bb:fd:e1:c3:68:a3:e5:19:b9:
43:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:4F:93:2A:6A:8F:FD:27:CC:FA:10:9E:7B:A3:5E:7B:CE:E3:5F:A0
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/3E-TKmqP_SfM-hCee6Nee87jX6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.154.0/23
IPv6:
2a07:4f80::/43
Signature Algorithm: sha256WithRSAEncryption
85:74:06:d8:cd:c5:d5:81:12:28:43:8c:28:f7:81:6d:f2:4f:
f6:9c:5d:ff:9f:df:71:a3:bf:ad:68:23:0f:5b:52:7c:36:1c:
5d:d2:25:06:fa:4e:5d:b1:55:81:1d:97:31:6f:56:e0:18:58:
ec:65:59:1f:65:1d:33:45:00:47:5a:a1:df:1e:c3:f6:26:d6:
da:ad:b5:f9:b8:84:e3:4e:4b:fd:ca:7a:d1:7a:dc:f0:8e:b7:
0c:4a:14:0b:c6:70:68:60:f6:ae:8f:a0:6b:5c:46:00:3d:bb:
07:b5:b3:d5:53:cb:1d:1d:75:d3:d3:ae:86:7d:ac:d1:a6:54:
34:ec:78:33:23:3c:62:59:12:b4:83:63:0b:f2:69:3c:cc:68:
02:db:ce:7a:ea:0c:e3:77:71:86:2f:4b:3a:99:d5:c7:c4:c8:
84:ee:ee:43:73:00:e6:0f:52:ba:13:cc:38:b4:35:14:65:8a:
59:8e:24:2a:3d:e3:a6:a8:60:f0:a2:fc:3b:2e:65:aa:cb:ed:
d9:8a:aa:3c:db:62:d5:c4:ea:33:04:6a:63:4b:4e:67:83:99:
c1:53:e1:32:08:17:47:da:66:9d:2d:3f:0b:21:a2:52:34:59:
e7:52:9b:2e:d6:30:45:7d:53:59:93:d3:12:5a:38:b0:5c:e6:
da:91:37:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMTI5ji8agalERFXK068EvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjIwOTA2MTQxMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzRmOTMyYTZhOGZmZDI3Y2NmYTEwOWU3YmEzNWU3YmNlZTM1ZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvan8wDQsuIZcMtvSMF2eh9qYMs8
NygDkiSQMuRqk57ZYHdY06N32MZQavBKUUxGa5CRl95AvRK9lttmTd1Ms0MfWCXo
DY6dBUmmoaikN3or9LoAY07eQK3E4QoYRfwHev72UIAv+B10u/kr1UC64wZUmDK4
HXmidcxiiMpKmZg6E2e+OgJv4EFKdcvTW6+qzM/DAvQtGT18QqzZY3ZQFG0tcHzN
Q7Tiv/amKXk7YrO5J85av/k2MnHLvIy2YS5UMtpnaOi3R0sbZ7GNLTczy8yUKgTV
Q5hkERa7l8G+cgG/tLZ8E25djo1D66M0jjXEj0IF/z+7/eHDaKPlGblDDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNxPkypqj/0nzPoQnnujXnvO41+gMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvM0UtVEttcVBfU2ZNLWhDZWU2TmVlODdqWDZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZKaMA8E
AgACMAkDBwUqB0+AAAAwDQYJKoZIhvcNAQELBQADggEBAIV0BtjNxdWBEihDjCj3
gW3yT/acXf+f33Gjv61oIw9bUnw2HF3SJQb6Tl2xVYEdlzFvVuAYWOxlWR9lHTNF
AEdaod8ew/Ym1tqttfm4hONOS/3KetF63PCOtwxKFAvGcGhg9q6PoGtcRgA9uwe1
s9VTyx0dddPTroZ9rNGmVDTseDMjPGJZErSDYwvyaTzMaALbznrqDON3cYYvSzqZ
1cfEyITu7kNzAOYPUroTzDi0NRRlilmOJCo946aoYPCi/DsuZarL7dmKqjzbYtXE
6jMEamNLTmeDmcFT4TIIF0faZp0tPwsholI0WedSmy7WMEV9U1mT0xJaOLBc5tqR
N4Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org