Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/3YAidakbkjPFouFFU3mlz2N-jXg.roa
File: 3YAidakbkjPFouFFU3mlz2N-jXg.roa (raw, json)
Hash identifier: xRpLuLoMcKljb6NmDW1T5HdplgNtrpHE+BhN2iNV/pM=
Subject key identifier: DD:80:22:75:A9:1B:92:33:C5:A2:E1:45:53:79:A5:CF:63:7E:8D:78
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 0183C592D06E1CB6ABBD7F9D2C814F1F2A16
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/3YAidakbkjPFouFFU3mlz2N-jXg.roa
Signing time: Tue 11 Oct 2022 05:44:36 +0000
ROA not before: Tue 11 Oct 2022 05:44:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35280
IP address blocks: 185.94.142.0/23 maxlen: 24
185.94.141.0/24 maxlen: 24
185.94.140.0/22 maxlen: 22
185.94.140.0/23 maxlen: 24
185.94.140.0/24 maxlen: 24
84.54.60.0/22 maxlen: 24
185.160.10.0/23 maxlen: 24
185.160.9.0/24 maxlen: 24
185.160.8.0/23 maxlen: 24
193.16.221.0/24 maxlen: 24
5.182.212.0/22 maxlen: 24
193.16.236.0/24 maxlen: 24
185.56.152.0/24 maxlen: 24
185.56.154.0/23 maxlen: 24
193.16.213.0/24 maxlen: 24
2a05:f440::/29 maxlen: 48
2a07:b7c0::/29 maxlen: 29
2a02:53a0::/32 maxlen: 32
2a09:4b00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c5:92:d0:6e:1c:b6:ab:bd:7f:9d:2c:81:4f:1f:2a:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Oct 11 05:44:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd802275a91b9233c5a2e1455379a5cf637e8d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b0:d9:5a:e7:0b:75:44:9f:8d:b0:a6:e4:4e:
ec:32:3a:71:d7:a9:20:04:fb:06:09:9a:25:40:3e:
27:cf:2a:e0:fc:21:27:3a:8b:8a:87:3c:16:c8:c3:
ab:7e:6e:b8:5f:cb:8a:1a:ef:7f:19:e6:ba:48:0a:
fa:96:73:9b:08:37:4b:f7:64:76:d3:5d:03:5b:9c:
ac:02:d4:6d:63:8a:ec:ca:a8:f8:85:1a:fe:d8:47:
ea:cf:85:f5:12:c9:be:c5:93:af:d0:45:52:8f:df:
21:75:aa:25:ec:8a:12:73:ed:b9:25:d4:92:3f:d0:
3f:16:18:82:34:36:fb:1b:de:46:31:99:66:83:52:
70:08:72:7f:c1:a4:c5:3f:d8:e8:65:14:72:ac:1e:
c8:3c:b4:6d:b5:60:4e:f6:67:f3:55:f8:91:81:1c:
ff:65:95:73:b3:23:a8:47:1a:00:69:1e:3c:0e:a4:
68:f2:ee:0d:84:3b:09:3f:ea:bc:9c:5c:49:13:f7:
f7:41:e7:5e:27:76:fe:24:35:4b:96:77:60:42:e5:
e5:11:67:38:18:99:28:4c:2f:23:d0:f4:d3:4d:2b:
30:f0:fe:3c:48:bd:58:26:22:a0:6f:4c:a5:e2:dd:
77:9a:5f:54:10:5f:47:e9:15:e9:9a:f5:a3:4f:d6:
57:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:80:22:75:A9:1B:92:33:C5:A2:E1:45:53:79:A5:CF:63:7E:8D:78
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/3YAidakbkjPFouFFU3mlz2N-jXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.212.0/22
84.54.60.0/22
185.56.152.0/24
185.56.154.0/23
185.94.140.0/22
185.160.8.0/22
193.16.213.0/24
193.16.221.0/24
193.16.236.0/24
IPv6:
2a02:53a0::/32
2a05:f440::/29
2a07:b7c0::/29
2a09:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
1b:f5:0d:c0:72:41:62:c0:cb:4b:19:9b:9d:d7:e2:a2:1a:6a:
e4:2f:3b:62:6a:a4:4f:d7:20:fa:2c:17:56:fa:6f:96:08:aa:
ba:55:a0:33:2f:ac:fe:c5:52:f5:78:8c:fd:b9:fb:30:b1:d3:
01:63:19:d7:e5:f5:ba:50:df:14:da:dd:c7:be:5b:fa:c1:74:
cf:da:ef:e2:f8:60:2f:bc:81:c4:53:47:66:0d:d8:82:e3:c8:
cc:68:c5:53:d2:41:8c:f7:dc:2e:03:8d:d1:0e:55:c6:05:04:
8a:e0:35:d6:b9:11:95:b6:7c:9c:6a:ce:8c:83:a2:69:32:0b:
3a:71:23:8c:35:d9:9e:91:29:e8:8f:b8:a1:68:bb:3d:45:55:
8a:f0:44:aa:60:10:44:a7:a4:e5:d7:ef:32:24:54:96:f1:2c:
54:2c:cf:a0:bb:11:fd:74:b5:f8:00:33:bc:dd:30:78:ea:fc:
5a:66:31:52:39:95:82:06:4b:2e:ce:ac:56:72:de:0d:3f:c7:
62:47:f6:11:70:b5:f9:ae:d7:26:c9:59:c0:0e:28:0e:dd:21:
ad:d1:7c:25:8e:45:37:a5:65:7d:33:a1:50:db:bb:36:d3:2b:
cd:74:2d:f0:d7:c1:59:3d:dd:45:92:1e:33:69:9f:ef:50:b5:
eb:42:c8:27
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYPFktBuHLarvX+dLIFPHyoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjIxMDExMDU0NDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDgwMjI3NWE5MWI5MjMzYzVhMmUxNDU1Mzc5YTVjZjYzN2U4ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbDZWucLdUSfjbCm5E7sMjpx16kg
BPsGCZolQD4nzyrg/CEnOouKhzwWyMOrfm64X8uKGu9/Gea6SAr6lnObCDdL92R2
010DW5ysAtRtY4rsyqj4hRr+2Efqz4X1Esm+xZOv0EVSj98hdaol7IoSc+25JdSS
P9A/FhiCNDb7G95GMZlmg1JwCHJ/waTFP9joZRRyrB7IPLRttWBO9mfzVfiRgRz/
ZZVzsyOoRxoAaR48DqRo8u4NhDsJP+q8nFxJE/f3QedeJ3b+JDVLlndgQuXlEWc4
GJkoTC8j0PTTTSsw8P48SL1YJiKgb0yl4t13ml9UEF9H6RXpmvWjT9ZXTQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFN2AInWpG5IzxaLhRVN5pc9jfo14MB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvM1lBaWRha2JralBGb3VGRlUzbWx6Mk4talhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQCBbbUAwQC
VDY8AwQAuTiYAwQBuTiaAwQCuV6MAwQCuaAIAwQAwRDVAwQAwRDdAwQAwRDsMCIE
AgACMBwDBQAqAlOgAwUDKgX0QAMFAyoHt8ADBQAqCUsAMA0GCSqGSIb3DQEBCwUA
A4IBAQAb9Q3AckFiwMtLGZud1+KiGmrkLztiaqRP1yD6LBdW+m+WCKq6VaAzL6z+
xVL1eIz9ufswsdMBYxnX5fW6UN8U2t3Hvlv6wXTP2u/i+GAvvIHEU0dmDdiC48jM
aMVT0kGM99wuA43RDlXGBQSK4DXWuRGVtnycas6Mg6JpMgs6cSOMNdmekSnoj7ih
aLs9RVWK8ESqYBBEp6Tl1+8yJFSW8SxULM+guxH9dLX4ADO83TB46vxaZjFSOZWC
BksuzqxWct4NP8diR/YRcLX5rtcmyVnADigO3SGt0XwljkU3pWV9M6FQ27s20yvN
dC3w18FZPd1Fkh4zaZ/vULXrQsgn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:34 2023 by rpki-client on console-fra.rpki-client.org