Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/3ehh2IZaKssZKHwa8jjj6Zw2Dz4.roa
File: 3ehh2IZaKssZKHwa8jjj6Zw2Dz4.roa (raw, json)
Hash identifier: Gvxg7NMVYDBbUbT8zQX4g0oGiEPtxk2ZoSB4rdvH1sI=
Subject key identifier: DD:E8:61:D8:86:5A:2A:CB:19:28:7C:1A:F2:38:E3:E9:9C:36:0F:3E
Certificate issuer: /CN=d18c2030a5971c4a54096a8edbb21211e54216a7
Certificate serial: 020A4B44
Authority key identifier: D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/3ehh2IZaKssZKHwa8jjj6Zw2Dz4.roa
Signing time: Sat 01 Jan 2022 08:04:46 +0000
ROA not before: Sat 01 Jan 2022 08:04:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42994
IP address blocks: 185.191.204.0/24 maxlen: 24
185.191.205.0/24 maxlen: 24
2a0a:1dc0::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34229060 (0x20a4b44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d18c2030a5971c4a54096a8edbb21211e54216a7
Validity
Not Before: Jan 1 08:04:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dde861d8865a2acb19287c1af238e3e99c360f3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8a:43:cf:db:b5:15:e1:75:c3:2c:55:e1:27:
2e:f3:71:d7:16:b0:84:8d:61:b7:c6:14:cf:5c:43:
dd:39:d3:57:fc:34:f6:ea:7d:2c:73:4c:eb:b8:a0:
fa:e2:8c:1d:f6:a0:e5:37:e1:1e:55:24:53:08:ab:
1c:2c:67:ef:2d:26:63:24:90:a6:83:3e:e3:43:42:
ac:e0:3d:47:e5:ad:a8:6e:09:57:a5:f8:c2:5f:fc:
a9:c0:34:6e:26:07:b2:d8:7d:00:95:cf:6c:48:2e:
a2:7b:bb:1d:31:55:2d:9d:24:44:e1:bb:43:ec:e2:
16:63:c7:ca:49:45:04:b3:b5:c2:bd:7d:d1:d5:04:
0b:83:0a:c1:03:dd:53:70:37:a0:b4:3d:14:1a:90:
38:bb:28:ca:58:4c:4e:f5:58:c0:f2:0e:1b:b3:3d:
ad:78:73:a1:88:7a:f0:44:64:95:3f:71:b4:6a:6f:
5c:c4:24:36:73:73:5c:29:31:cb:69:1b:53:e4:3a:
c8:f8:79:8a:6c:55:b3:c2:ce:0e:a9:c2:36:e1:98:
ba:4b:1a:4d:a1:e2:79:84:65:ab:27:d4:1a:74:97:
41:59:9d:e4:90:c2:3a:49:09:39:dd:42:c5:d9:1f:
4a:44:b0:dc:d9:c9:59:52:27:c3:f1:83:9b:32:3d:
d5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E8:61:D8:86:5A:2A:CB:19:28:7C:1A:F2:38:E3:E9:9C:36:0F:3E
X509v3 Authority Key Identifier:
keyid:D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/3ehh2IZaKssZKHwa8jjj6Zw2Dz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/0YwgMKWXHEpUCWqO27ISEeVCFqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.204.0/23
IPv6:
2a0a:1dc0::/30
Signature Algorithm: sha256WithRSAEncryption
75:ea:8a:ff:de:fe:7a:65:ab:f1:0b:14:27:bd:c5:f4:61:80:
7d:d3:05:a1:e0:66:08:5a:54:48:55:33:30:35:b9:4f:94:01:
e3:bf:c5:be:96:a5:a8:de:ca:e5:98:89:c6:6d:94:0b:ee:18:
f4:d2:bc:b3:5f:f0:12:1d:97:14:14:a9:55:a1:ee:4a:f1:6e:
1c:33:1a:c7:41:a9:7c:9a:c5:58:ae:40:f1:eb:15:99:56:14:
7c:ed:cc:ff:bb:74:db:84:09:8f:53:7a:9b:e6:21:42:9c:1d:
52:d2:71:bf:1a:8d:f0:3f:e6:66:37:5a:8e:f4:40:d4:20:d1:
42:a6:9c:b3:96:c1:f5:79:aa:9e:af:d4:20:83:4f:ae:58:d9:
ba:6d:60:22:ab:af:c3:f9:50:58:0a:32:48:eb:a2:00:b9:0b:
c1:74:ce:83:2c:b7:ac:6a:bd:56:09:2b:79:af:0f:9f:37:5e:
2f:a8:56:5f:7c:42:a0:40:96:d2:d2:0a:8d:57:4b:f7:ff:1e:
9f:e6:6f:6d:27:13:e0:2d:11:95:86:85:09:f8:56:01:99:47:
d7:23:db:17:9d:e8:c3:ed:47:0d:43:af:18:f1:99:77:aa:74:
89:88:5b:ea:06:9c:e1:f1:6c:d8:d3:8c:c7:80:f6:ed:24:64:
2c:00:dc:1b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAgpLRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MThjMjAzMGE1OTcxYzRhNTQwOTZhOGVkYmIyMTIxMWU1NDIxNmE3MB4XDTIyMDEw
MTA4MDQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRlODYxZDg4NjVh
MmFjYjE5Mjg3YzFhZjIzOGUzZTk5YzM2MGYzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOKQ8/btRXhdcMsVeEnLvNx1xawhI1ht8YUz1xD3TnTV/w0
9up9LHNM67ig+uKMHfag5TfhHlUkUwirHCxn7y0mYySQpoM+40NCrOA9R+WtqG4J
V6X4wl/8qcA0biYHsth9AJXPbEguonu7HTFVLZ0kROG7Q+ziFmPHyklFBLO1wr19
0dUEC4MKwQPdU3A3oLQ9FBqQOLsoylhMTvVYwPIOG7M9rXhzoYh68ERklT9xtGpv
XMQkNnNzXCkxy2kbU+Q6yPh5imxVs8LODqnCNuGYuksaTaHieYRlqyfUGnSXQVmd
5JDCOkkJOd1CxdkfSkSw3NnJWVInw/GDmzI91U0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTd6GHYhloqyxkofBryOOPpnDYPPjAfBgNVHSMEGDAWgBTRjCAwpZccSlQJ
ao7bshIR5UIWpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBZd2dNS1dYSEVwVUNXcU8yN0lTRWVWQ0ZxYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvYzRmMTQ0LTZlNjgtNDZiOC04NThkLTUzYTY3MmQxNGI3YS8x
LzNlaGgySVphS3NzWktId2E4ampqNlp3MkR6NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
YzRmMTQ0LTZlNjgtNDZiOC04NThkLTUzYTY3MmQxNGI3YS8xLzBZd2dNS1dYSEVw
VUNXcU8yN0lTRWVWQ0ZxYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbm/zDANBAIAAjAHAwUCKgodwDAN
BgkqhkiG9w0BAQsFAAOCAQEAdeqK/97+emWr8QsUJ73F9GGAfdMFoeBmCFpUSFUz
MDW5T5QB47/FvpalqN7K5ZiJxm2UC+4Y9NK8s1/wEh2XFBSpVaHuSvFuHDMax0Gp
fJrFWK5A8esVmVYUfO3M/7t024QJj1N6m+YhQpwdUtJxvxqN8D/mZjdajvRA1CDR
Qqacs5bB9Xmqnq/UIINPrljZum1gIquvw/lQWAoySOuiALkLwXTOgyy3rGq9Vgkr
ea8PnzdeL6hWX3xCoECW0tIKjVdL9/8en+ZvbScT4C0RlYaFCfhWAZlH1yPbF53o
w+1HDUOvGPGZd6p0iYhb6gac4fFs2NOMx4D27SRkLADcGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:58 2024 by rpki-client on console-ams.rpki-client.org