Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/3IyzrUoEmP1I5CEbw3QTIQVcVWI.roa
File: 3IyzrUoEmP1I5CEbw3QTIQVcVWI.roa (raw, json)
Hash identifier: Lt2XcYaXcCsvM9UKQZWQv09RkOWo8UJFyWiDaw2se04=
Subject key identifier: DC:8C:B3:AD:4A:04:98:FD:48:E4:21:1B:C3:74:13:21:05:5C:55:62
Certificate issuer: /CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Certificate serial: DA06
Authority key identifier: 1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/3IyzrUoEmP1I5CEbw3QTIQVcVWI.roa
Signing time: Tue 28 Jun 2022 18:20:01 +0000
ROA not before: Tue 28 Jun 2022 18:20:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29031
IP address blocks: 195.69.200.0/22 maxlen: 22
193.239.24.0/24 maxlen: 24
193.239.26.0/24 maxlen: 24
195.3.132.0/23 maxlen: 23
91.201.108.0/22 maxlen: 22
195.3.134.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55814 (0xda06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Validity
Not Before: Jun 28 18:20:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc8cb3ad4a0498fd48e4211bc3741321055c5562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:36:88:1d:da:f9:51:ed:68:38:ce:96:35:29:
ca:5c:01:a6:d9:2f:4b:6b:57:ae:31:c6:bd:7b:0a:
c9:61:0a:9a:b3:71:ac:30:dd:5d:68:7f:ed:74:6b:
59:ec:5e:4f:fd:4a:58:95:35:ac:3b:49:d5:6c:8f:
16:43:d7:bb:5d:24:39:90:4f:c7:ca:5b:bf:23:6a:
80:cf:ae:a9:fd:58:97:54:71:91:a8:cc:81:87:6d:
70:2b:1d:a9:6f:10:0a:1d:e5:32:5d:46:57:e1:33:
dc:4a:17:42:a9:6d:6f:dd:d6:a0:4c:a3:1d:eb:5e:
7f:ab:6f:0f:b3:66:a6:1a:53:d6:5a:c1:79:88:38:
27:49:61:87:a0:7e:72:b6:10:33:15:4d:15:c5:f0:
be:9e:07:d5:79:a1:35:7a:34:7e:86:86:12:74:ad:
03:7d:e4:51:23:6a:9f:1c:8d:51:14:4e:04:2b:c3:
bf:9f:d9:45:fb:9b:52:de:25:85:d8:30:78:44:db:
80:ac:d8:3b:8f:00:63:03:86:39:70:2e:9f:ec:d0:
44:b6:a0:72:03:5e:da:ce:bf:b0:9a:d7:e3:65:17:
4b:ad:92:53:ac:b9:1a:54:8b:af:76:27:14:5d:bd:
32:ed:35:13:43:08:ce:23:bf:81:26:82:15:06:b8:
52:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8C:B3:AD:4A:04:98:FD:48:E4:21:1B:C3:74:13:21:05:5C:55:62
X509v3 Authority Key Identifier:
keyid:1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/3IyzrUoEmP1I5CEbw3QTIQVcVWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.108.0/22
193.239.24.0/24
193.239.26.0/24
195.3.132.0/22
195.69.200.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:33:a2:77:53:49:5b:e5:6c:a4:26:3c:dc:e8:c0:34:f2:b4:
61:42:a2:cc:15:3b:ff:e5:34:34:82:5b:c0:5c:94:ab:1d:18:
72:f0:bb:b5:34:fa:1d:4f:f9:6c:c7:06:ac:4f:84:2c:cd:38:
8f:49:26:ad:d3:55:5f:2e:63:ea:c7:fd:92:be:d9:f0:bd:8b:
70:64:86:60:d3:8c:99:8f:9f:3e:c1:48:f6:75:b9:8c:24:12:
d7:49:ad:41:45:91:25:26:17:f0:32:9a:31:69:cc:0a:d4:e4:
d5:7d:a8:c9:df:28:03:60:61:e5:1a:c0:80:ad:da:b6:53:e5:
44:cb:14:8f:f3:2a:92:9c:74:ae:b4:e9:e4:7d:92:95:e5:58:
4e:91:d9:8e:ea:55:b5:a1:e8:70:8d:47:36:26:d7:42:d5:4e:
8d:68:39:75:ae:38:26:d8:b6:ee:8c:11:9c:07:86:58:bb:1e:
57:63:2b:e4:f5:f8:f0:bd:22:85:02:72:b0:a7:a4:5d:88:84:
28:83:24:f5:0c:fe:01:95:50:30:aa:af:6b:83:fb:39:3a:a3:
eb:30:e7:1f:34:2a:05:be:92:50:fd:94:ae:26:7b:cc:8e:d3:
85:6d:c2:cc:d8:a2:42:d8:6f:69:a2:6a:1b:96:25:64:68:70:
bc:72:53:f3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDANoGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFl
NDdlMmJmMzk3NDcyMWVhZmJmYjhjMzFmYzUyNzMwMzlkNTA1ZjMwHhcNMjIwNjI4
MTgyMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYzhjYjNhZDRhMDQ5
OGZkNDhlNDIxMWJjMzc0MTMyMTA1NWM1NTYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7DaIHdr5Ue1oOM6WNSnKXAGm2S9La1euMca9ewrJYQqas3Gs
MN1daH/tdGtZ7F5P/UpYlTWsO0nVbI8WQ9e7XSQ5kE/Hylu/I2qAz66p/ViXVHGR
qMyBh21wKx2pbxAKHeUyXUZX4TPcShdCqW1v3dagTKMd615/q28Ps2amGlPWWsF5
iDgnSWGHoH5ythAzFU0VxfC+ngfVeaE1ejR+hoYSdK0DfeRRI2qfHI1RFE4EK8O/
n9lF+5tS3iWF2DB4RNuArNg7jwBjA4Y5cC6f7NBEtqByA17azr+wmtfjZRdLrZJT
rLkaVIuvdicUXb0y7TUTQwjOI7+BJoIVBrhS9QIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFNyMs61KBJj9SOQhG8N0EyEFXFViMB8GA1UdIwQYMBaAFB5H4r85dHIer7+4
wx/FJzA51QXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQtZTM2OWQ2NjAyZTZmLzEv
M0l5enJVb0VtUDFJNUNFYnczUVRJUVZjVldJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9h
ZmExMDYtNmFmOC00MzEwLWI0ZDQtZTM2OWQ2NjAyZTZmLzEvSGtmaXZ6bDBjaDZ2
djdqREg4VW5NRG5WQmZNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8lsAwQAwe8YAwQAwe8aAwQCwwOE
AwQCw0XIMA0GCSqGSIb3DQEBCwUAA4IBAQA+M6J3U0lb5WykJjzc6MA08rRhQqLM
FTv/5TQ0glvAXJSrHRhy8Lu1NPodT/lsxwasT4QszTiPSSat01VfLmPqx/2Svtnw
vYtwZIZg04yZj58+wUj2dbmMJBLXSa1BRZElJhfwMpoxacwK1OTVfajJ3ygDYGHl
GsCArdq2U+VEyxSP8yqSnHSutOnkfZKV5VhOkdmO6lW1oehwjUc2JtdC1U6NaDl1
rjgm2LbujBGcB4ZYux5XYyvk9fjwvSKFAnKwp6RdiIQogyT1DP4BlVAwqq9rg/s5
OqPrMOcfNCoFvpJQ/ZSuJnvMjtOFbcLM2KJC2G9pomobliVkaHC8clPz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:49 2023 by rpki-client on console-ams.rpki-client.org