Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/3mZ4GGt1A7mki4vbnMxV-3G4o8o.roa
File: 3mZ4GGt1A7mki4vbnMxV-3G4o8o.roa (raw, json)
Hash identifier: uvhEaM1lmhV2j+2t99k6nMs0qdUbnJg+tKM7h6teAOk=
Subject key identifier: DE:66:78:18:6B:75:03:B9:A4:8B:8B:DB:9C:CC:55:FB:71:B8:A3:CA
Certificate issuer: /CN=56e3353d5f423ad4271c3261caa543140530bddb
Certificate serial: 018262A518B96EA0897257776D038605BD05
Authority key identifier: 56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/3mZ4GGt1A7mki4vbnMxV-3G4o8o.roa
Signing time: Wed 03 Aug 2022 07:39:23 +0000
ROA not before: Wed 03 Aug 2022 07:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34757
IP address blocks: 5.44.168.0/23 maxlen: 24
109.111.176.0/20 maxlen: 24
193.238.128.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:a5:18:b9:6e:a0:89:72:57:77:6d:03:86:05:bd:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56e3353d5f423ad4271c3261caa543140530bddb
Validity
Not Before: Aug 3 07:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de6678186b7503b9a48b8bdb9ccc55fb71b8a3ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9a:26:57:e9:c2:53:ee:a1:4b:d6:78:2f:86:
45:30:38:1c:e7:2c:6d:f0:38:10:de:e9:a5:a5:0d:
7b:85:83:33:da:06:cb:66:8e:95:f2:3e:cf:5d:93:
7b:17:8b:30:22:9b:e2:7f:c5:88:94:17:a7:2e:88:
ed:65:30:d4:9f:e4:8f:e2:5a:ac:15:2f:91:1d:66:
5e:a6:e7:e1:c2:2b:ec:7e:2e:2c:bc:56:83:64:6e:
6c:f1:83:da:af:35:f4:20:21:68:90:4e:40:e0:7c:
5b:d2:34:79:dc:9c:6d:e3:8d:a3:8b:d5:3c:42:06:
d4:74:9f:40:e9:16:66:ae:76:16:65:80:78:31:ab:
dd:4d:87:1d:74:0d:73:41:70:05:74:ca:b6:0b:97:
e4:f1:71:48:f9:8e:b8:fb:ae:c1:87:98:ef:db:ca:
fd:40:1c:25:8d:b4:eb:a5:ac:c0:b6:52:f0:ce:ef:
59:ca:29:6d:fb:e4:03:41:be:6c:2b:f1:49:12:08:
cb:1c:44:39:c3:76:3b:22:92:d1:cf:6c:35:67:ca:
e3:e3:b8:f5:b5:12:ee:2c:49:60:be:ac:f6:30:1b:
ed:ce:79:7a:10:98:f9:cd:f2:85:31:29:e7:93:e5:
46:81:09:ff:31:8a:79:b5:cb:3b:42:31:3c:41:53:
ab:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:66:78:18:6B:75:03:B9:A4:8B:8B:DB:9C:CC:55:FB:71:B8:A3:CA
X509v3 Authority Key Identifier:
keyid:56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/3mZ4GGt1A7mki4vbnMxV-3G4o8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.168.0/23
109.111.176.0/20
193.238.128.0/22
Signature Algorithm: sha256WithRSAEncryption
36:01:3d:1c:07:39:80:b8:fb:f9:55:3a:e9:94:86:81:e3:a8:
8d:3f:af:31:85:2d:15:42:79:3e:61:40:02:b8:3c:2f:f2:a0:
51:a6:d6:37:ed:c9:94:be:0e:15:d1:e2:59:3f:1e:ba:7f:27:
15:9a:43:f8:c1:8b:c8:ed:d0:05:3f:1c:75:4a:7f:d3:48:e2:
a5:8c:e9:31:bc:98:1e:86:60:3b:bb:ab:50:81:68:81:fb:68:
18:e0:f7:26:3e:40:66:25:fb:89:f1:a7:3a:37:09:d5:c7:43:
b6:86:7e:e2:94:6c:44:f0:3b:c8:b5:18:9e:09:1f:bb:04:ad:
c1:3f:9d:e2:32:76:a5:a1:8c:de:bc:62:c1:fd:b9:c4:1f:03:
06:0e:7d:bd:51:24:be:c5:8b:b1:e8:d1:f4:ce:1f:da:11:c4:
f9:69:15:40:9a:a2:f8:13:54:ff:bc:86:aa:d9:9a:91:1d:52:
2a:75:99:78:57:60:aa:ca:42:0c:a3:47:89:3c:37:43:3f:40:
9b:5d:c2:2a:94:7d:9a:b4:b7:51:03:ec:eb:a5:7f:41:00:b8:
41:36:70:ae:26:c4:0f:13:ba:68:7e:36:e4:c4:1e:32:aa:96:
fd:d2:a4:92:cc:bb:d1:1d:fb:4e:22:ad:c8:d0:45:2c:34:82:
8e:5e:c3:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJipRi5bqCJcld3bQOGBb0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZTMzNTNkNWY0MjNhZDQyNzFjMzI2MWNhYTU0MzE0MDUz
MGJkZGIwHhcNMjIwODAzMDczOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTY2NzgxODZiNzUwM2I5YTQ4YjhiZGI5Y2NjNTVmYjcxYjhhM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpomV+nCU+6hS9Z4L4ZFMDgc5yxt
8DgQ3umlpQ17hYMz2gbLZo6V8j7PXZN7F4swIpvif8WIlBenLojtZTDUn+SP4lqs
FS+RHWZepufhwivsfi4svFaDZG5s8YParzX0ICFokE5A4Hxb0jR53Jxt442ji9U8
QgbUdJ9A6RZmrnYWZYB4MavdTYcddA1zQXAFdMq2C5fk8XFI+Y64+67Bh5jv28r9
QBwljbTrpazAtlLwzu9Zyilt++QDQb5sK/FJEgjLHEQ5w3Y7IpLRz2w1Z8rj47j1
tRLuLElgvqz2MBvtznl6EJj5zfKFMSnnk+VGgQn/MYp5tcs7QjE8QVOrMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN5meBhrdQO5pIuL25zMVftxuKPKMB8GA1UdIwQY
MBaAFFbjNT1fQjrUJxwyYcqlQxQFML3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTIt
ZTUyZGEzYjg2NzU0LzEvM21aNEdHdDFBN21raTR2Ym5NeFYtM0c0bzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTItZTUyZGEzYjg2NzU0
LzEvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBSyoAwQE
bW+wAwQCwe6AMA0GCSqGSIb3DQEBCwUAA4IBAQA2AT0cBzmAuPv5VTrplIaB46iN
P68xhS0VQnk+YUACuDwv8qBRptY37cmUvg4V0eJZPx66fycVmkP4wYvI7dAFPxx1
Sn/TSOKljOkxvJgehmA7u6tQgWiB+2gY4PcmPkBmJfuJ8ac6NwnVx0O2hn7ilGxE
8DvItRieCR+7BK3BP53iMnaloYzevGLB/bnEHwMGDn29USS+xYux6NH0zh/aEcT5
aRVAmqL4E1T/vIaq2ZqRHVIqdZl4V2CqykIMo0eJPDdDP0CbXcIqlH2atLdRA+zr
pX9BALhBNnCuJsQPE7pofjbkxB4yqpb90qSSzLvRHftOIq3I0EUsNIKOXsMx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:11 2024 by rpki-client on console-fra.rpki-client.org