Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/3XAhsTtSXF0zCcKx_fFJk6MMg-E.roa
File: 3XAhsTtSXF0zCcKx_fFJk6MMg-E.roa (raw, json)
Hash identifier: QoU73dNqY/eLhzwKmb3srEkNGM6R8dvk8bp9or2gdmU=
Subject key identifier: DD:70:21:B1:3B:52:5C:5D:33:09:C2:B1:FD:F1:49:93:A3:0C:83:E1
Certificate issuer: /CN=335ca521362226d03c1829003d81d498aa838f33
Certificate serial: 0185525296F10626477476D70BA783FDB70A
Authority key identifier: 33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/3XAhsTtSXF0zCcKx_fFJk6MMg-E.roa
Signing time: Tue 27 Dec 2022 06:43:42 +0000
ROA not before: Tue 27 Dec 2022 06:43:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209257
IP address blocks: 185.186.221.0/24 maxlen: 24
2a11:1e40:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:52:52:96:f1:06:26:47:74:76:d7:0b:a7:83:fd:b7:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335ca521362226d03c1829003d81d498aa838f33
Validity
Not Before: Dec 27 06:43:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd7021b13b525c5d3309c2b1fdf14993a30c83e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:cc:54:03:f4:7e:d8:8c:f4:30:ff:7b:ac:04:
b9:28:62:56:49:32:d7:34:cc:d8:cb:bb:2a:24:c5:
76:99:57:fc:c1:5d:66:f5:68:73:89:eb:bb:3e:96:
c6:4d:8f:69:1e:4b:0c:9c:0d:61:7d:f3:69:fa:70:
58:0d:0f:06:63:28:a4:69:24:a0:f0:56:de:47:29:
3f:f9:16:88:0b:c4:67:f3:a7:2c:62:67:a5:3d:e1:
fd:c7:f3:89:55:ef:7d:92:8a:1d:74:3f:b3:86:b4:
0d:cc:5a:fc:30:db:07:91:e4:2c:cd:36:af:d3:4b:
5b:b6:dd:ef:03:65:f4:09:71:73:5e:60:11:05:d7:
34:d1:79:ee:e3:b5:0f:a9:c4:ec:9b:a2:89:09:00:
7a:8c:68:35:7a:ad:e9:42:88:3b:57:78:94:49:06:
13:47:99:55:01:35:15:da:53:c6:fb:39:18:e3:55:
3b:f6:95:09:55:18:e1:e2:89:e0:5a:6b:f5:08:44:
f1:b1:8d:68:b9:d9:07:88:f5:77:00:05:21:a4:33:
6e:f5:84:2c:90:ab:1e:13:33:db:df:41:a0:fc:53:
fa:1d:a5:c9:52:a8:e0:46:aa:1a:a3:54:8e:97:75:
9d:6f:46:2e:56:7c:93:e8:86:78:c0:ad:ef:17:e6:
89:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:70:21:B1:3B:52:5C:5D:33:09:C2:B1:FD:F1:49:93:A3:0C:83:E1
X509v3 Authority Key Identifier:
keyid:33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/3XAhsTtSXF0zCcKx_fFJk6MMg-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/M1ylITYiJtA8GCkAPYHUmKqDjzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.221.0/24
IPv6:
2a11:1e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
6c:47:09:b6:63:09:a4:22:e7:b0:20:a9:50:74:94:85:3a:99:
c0:84:9a:55:b6:5b:fd:f5:84:24:bb:d2:ca:08:81:e3:67:ea:
d8:ff:88:c1:57:fc:d5:0c:15:a1:85:77:c1:d0:f1:e8:3a:01:
a3:97:8f:bc:16:c3:7f:9a:65:b9:4e:99:d2:8b:14:83:49:38:
0a:64:ad:39:39:a8:87:d0:a1:03:cd:5b:6f:09:79:36:b5:14:
05:10:ab:98:1e:dd:2e:be:30:2a:70:c5:72:d0:06:70:c2:1e:
88:49:a5:3b:47:6b:ee:a4:eb:f3:0b:3d:18:59:33:99:09:1b:
07:bf:4f:1d:9d:ef:3e:eb:27:23:d4:9f:95:5b:70:aa:57:7d:
0e:b2:4f:c0:e7:0a:84:7c:37:f0:30:3e:9c:81:3f:6c:f0:5e:
6a:cd:8f:58:45:9b:f1:9b:88:a9:f9:be:58:7a:a8:3d:3d:ec:
7e:db:d8:51:3f:1d:b2:a1:d8:7b:5e:e4:27:54:a8:84:66:54:
7b:9c:ed:08:87:3e:29:07:20:c6:2d:b3:f7:fe:bf:ca:c2:68:
72:6e:bf:a3:ef:ed:51:a4:3e:95:57:f6:04:a8:2e:39:b1:da:
50:4d:a5:71:60:e4:5e:79:d0:df:76:90:87:69:85:55:b2:9a:
36:da:cb:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVSUpbxBiZHdHbXC6eD/bcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWNhNTIxMzYyMjI2ZDAzYzE4MjkwMDNkODFkNDk4YWE4
MzhmMzMwHhcNMjIxMjI3MDY0MzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDcwMjFiMTNiNTI1YzVkMzMwOWMyYjFmZGYxNDk5M2EzMGM4M2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsxUA/R+2Iz0MP97rAS5KGJWSTLX
NMzYy7sqJMV2mVf8wV1m9Whzieu7PpbGTY9pHksMnA1hffNp+nBYDQ8GYyikaSSg
8FbeRyk/+RaIC8Rn86csYmelPeH9x/OJVe99kooddD+zhrQNzFr8MNsHkeQszTav
00tbtt3vA2X0CXFzXmARBdc00Xnu47UPqcTsm6KJCQB6jGg1eq3pQog7V3iUSQYT
R5lVATUV2lPG+zkY41U79pUJVRjh4ongWmv1CETxsY1oudkHiPV3AAUhpDNu9YQs
kKseEzPb30Gg/FP6HaXJUqjgRqoao1SOl3Wdb0YuVnyT6IZ4wK3vF+aJ4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN1wIbE7UlxdMwnCsf3xSZOjDIPhMB8GA1UdIwQY
MBaAFDNcpSE2IibQPBgpAD2B1Jiqg48zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgt
OTc0YzQ0YWI5Y2ZiLzEvM1hBaHNUdFNYRjB6Q2NLeF9mRkprNk1NZy1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgtOTc0YzQ0YWI5Y2Zi
LzEvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAubrdMA8E
AgACMAkDBwAqER5AAAEwDQYJKoZIhvcNAQELBQADggEBAGxHCbZjCaQi57AgqVB0
lIU6mcCEmlW2W/31hCS70soIgeNn6tj/iMFX/NUMFaGFd8HQ8eg6AaOXj7wWw3+a
ZblOmdKLFINJOApkrTk5qIfQoQPNW28JeTa1FAUQq5ge3S6+MCpwxXLQBnDCHohJ
pTtHa+6k6/MLPRhZM5kJGwe/Tx2d7z7rJyPUn5VbcKpXfQ6yT8DnCoR8N/AwPpyB
P2zwXmrNj1hFm/GbiKn5vlh6qD097H7b2FE/HbKh2Hte5CdUqIRmVHuc7QiHPikH
IMYts/f+v8rCaHJuv6Pv7VGkPpVX9gSoLjmx2lBNpXFg5F550N92kIdphVWymjba
y4o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org