Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/3H9F8DQHMEXqB-UuL2RwBQI3X_0.roa
File: 3H9F8DQHMEXqB-UuL2RwBQI3X_0.roa (raw, json)
Hash identifier: KyGYtgd3R52N+mSTcNMbaEvf33vaEErfsLGN6o1o4qI=
Subject key identifier: DC:7F:45:F0:34:07:30:45:EA:07:E5:2E:2F:64:70:05:02:37:5F:FD
Certificate issuer: /CN=4ee52752a81bdfe0a401f9a261d79fee4b617115
Certificate serial: 01EB0671
Authority key identifier: 4E:E5:27:52:A8:1B:DF:E0:A4:01:F9:A2:61:D7:9F:EE:4B:61:71:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuUnUqgb3-CkAfmiYdef7kthcRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/3H9F8DQHMEXqB-UuL2RwBQI3X_0.roa
Signing time: Tue 12 Apr 2022 14:07:08 +0000
ROA not before: Tue 12 Apr 2022 14:07:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8303
IP address blocks: 149.219.0.0/16 maxlen: 16
149.219.249.0/24 maxlen: 24
149.219.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32179825 (0x1eb0671)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee52752a81bdfe0a401f9a261d79fee4b617115
Validity
Not Before: Apr 12 14:07:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc7f45f034073045ea07e52e2f64700502375ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a6:41:9e:59:82:48:32:0f:37:5f:20:3f:3d:
1b:72:f7:de:11:2d:fe:fa:2d:1b:7d:cd:43:20:28:
11:b6:4d:5f:5e:3f:2e:1b:e7:12:0e:11:5c:ec:06:
63:29:ef:88:47:93:2b:b1:3a:a6:e1:5b:58:20:d8:
ce:0c:bf:d2:a6:3d:3e:db:d5:f7:ca:8a:db:f7:02:
ef:39:6f:7a:e6:41:ea:df:92:6d:57:af:24:7e:d8:
b5:80:3e:2d:0a:6e:68:6c:be:a7:68:16:a4:4e:56:
91:db:4e:3b:6d:d2:bd:82:84:7c:e0:e5:d4:2d:90:
92:57:48:dd:ed:fe:73:b8:60:be:bf:e0:d0:28:21:
a2:6a:83:6b:bd:b3:8d:3b:44:cb:36:a8:57:22:86:
0f:76:ac:b5:2b:6b:55:e3:da:e0:21:7b:ae:ad:e6:
cd:43:d7:36:b4:2d:20:f3:0e:7b:dc:ca:35:59:a0:
e9:a3:00:d2:30:7e:db:ae:53:6b:f0:bb:07:7f:12:
c9:87:bb:cf:0e:f4:c8:9b:63:c6:ba:3e:16:0b:b1:
a9:64:f8:35:a0:47:db:bf:58:ae:cd:7d:e8:68:44:
4d:6c:f5:39:b9:f5:de:34:06:b6:19:9d:bf:52:22:
e1:78:74:ef:66:4a:8e:12:b7:da:a8:90:e0:ab:dc:
69:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7F:45:F0:34:07:30:45:EA:07:E5:2E:2F:64:70:05:02:37:5F:FD
X509v3 Authority Key Identifier:
keyid:4E:E5:27:52:A8:1B:DF:E0:A4:01:F9:A2:61:D7:9F:EE:4B:61:71:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuUnUqgb3-CkAfmiYdef7kthcRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/3H9F8DQHMEXqB-UuL2RwBQI3X_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/TuUnUqgb3-CkAfmiYdef7kthcRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.219.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:e1:a0:d6:63:eb:d2:6b:8f:c4:b6:3b:55:5f:93:63:36:ee:
a3:a3:92:66:4c:f5:48:f1:7c:33:11:b1:8d:a7:ed:bb:05:94:
35:49:c9:01:48:58:e5:61:a5:9f:c6:8b:3d:84:bb:08:72:22:
62:e1:08:1f:1d:3d:62:a3:5f:8d:89:51:ea:3a:f0:2c:d9:35:
8d:00:a0:bc:5f:10:5c:11:37:c5:75:c7:16:24:f5:26:66:5d:
92:63:0a:fb:f1:b0:67:1a:93:b5:a7:3e:65:82:06:ef:bd:1e:
ab:7e:fb:4f:67:70:59:84:20:f9:86:1b:db:57:87:e9:3c:fa:
a6:50:fb:30:87:74:7a:58:84:5d:f2:bf:6e:69:11:32:b6:73:
9c:af:b5:64:69:04:3e:41:48:32:58:9b:e6:59:30:7a:d6:8c:
44:c7:d4:da:24:a9:73:12:9d:65:26:58:8c:85:5d:f0:09:a6:
20:8e:95:c5:21:bc:fb:17:b6:65:d9:33:8b:44:17:c9:5d:bb:
ac:30:54:15:a3:55:f8:9d:89:83:7b:b2:ca:22:0c:b6:b8:e3:
f0:67:01:75:5d:f9:d6:b1:fb:34:e4:8e:44:a3:80:3e:28:02:
eb:69:ae:ff:60:9b:b3:7b:e5:08:ca:a5:d8:3a:df:71:29:fc:
4e:45:88:c2
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEAesGcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWU1Mjc1MmE4MWJkZmUwYTQwMWY5YTI2MWQ3OWZlZTRiNjE3MTE1MB4XDTIyMDQx
MjE0MDcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGM3ZjQ1ZjAzNDA3
MzA0NWVhMDdlNTJlMmY2NDcwMDUwMjM3NWZmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqmQZ5ZgkgyDzdfID89G3L33hEt/votG33NQyAoEbZNX14/
LhvnEg4RXOwGYynviEeTK7E6puFbWCDYzgy/0qY9PtvV98qK2/cC7zlveuZB6t+S
bVevJH7YtYA+LQpuaGy+p2gWpE5WkdtOO23SvYKEfODl1C2QkldI3e3+c7hgvr/g
0CghomqDa72zjTtEyzaoVyKGD3astStrVePa4CF7rq3mzUPXNrQtIPMOe9zKNVmg
6aMA0jB+265Ta/C7B38SyYe7zw70yJtjxro+FguxqWT4NaBH279Yrs196GhETWz1
Obn13jQGthmdv1Ii4Xh072ZKjhK32qiQ4KvcaTcCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBTcf0XwNAcwReoH5S4vZHAFAjdf/TAfBgNVHSMEGDAWgBRO5SdSqBvf4KQB
+aJh15/uS2FxFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R1VW5VcWdiMy1Da0FmbWlZZGVmN2t0aGNSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvMzFlMGQ0LTM1Y2UtNGQwMi05NzM0LWQ3OGZiOTdmOTgyOC8x
LzNIOUY4RFFITUVYcUItVXVMMlJ3QlFJM1hfMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
MzFlMGQ0LTM1Y2UtNGQwMi05NzM0LWQ3OGZiOTdmOTgyOC8xL1R1VW5VcWdiMy1D
a0FmbWlZZGVmN2t0aGNSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJXbMA0GCSqGSIb3DQEBCwUAA4IB
AQAq4aDWY+vSa4/EtjtVX5NjNu6jo5JmTPVI8XwzEbGNp+27BZQ1SckBSFjlYaWf
xos9hLsIciJi4QgfHT1io1+NiVHqOvAs2TWNAKC8XxBcETfFdccWJPUmZl2SYwr7
8bBnGpO1pz5lggbvvR6rfvtPZ3BZhCD5hhvbV4fpPPqmUPswh3R6WIRd8r9uaREy
tnOcr7VkaQQ+QUgyWJvmWTB61oxEx9TaJKlzEp1lJliMhV3wCaYgjpXFIbz7F7Zl
2TOLRBfJXbusMFQVo1X4nYmDe7LKIgy2uOPwZwF1XfnWsfs05I5Eo4A+KALraa7/
YJuze+UIyqXYOt9xKfxORYjC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-fra.rpki-client.org