Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3ZpzgnWABVPOhgWvUaYVRPD98Pg.roa
File: 3ZpzgnWABVPOhgWvUaYVRPD98Pg.roa (raw, json)
Hash identifier: 0AM7gnENkW0AfnaE2dCE9Q+Ak9a1y7ozy3Y143c6LvA=
Subject key identifier: DD:9A:73:82:75:80:05:53:CE:86:05:AF:51:A6:15:44:F0:FD:F0:F8
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01838525D83C9A75EA687822AD8CB5C2747B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3ZpzgnWABVPOhgWvUaYVRPD98Pg.roa
Signing time: Wed 28 Sep 2022 17:29:53 +0000
ROA not before: Wed 28 Sep 2022 17:29:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 213.209.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:85:25:d8:3c:9a:75:ea:68:78:22:ad:8c:b5:c2:74:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 28 17:29:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd9a738275800553ce8605af51a61544f0fdf0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:31:d7:ca:4f:e1:ce:64:bd:ce:ee:87:59:d4:
ec:6e:90:c1:2b:fb:05:2a:a0:06:c8:8f:a3:64:d1:
6b:21:85:8a:a3:39:7e:82:c2:fb:01:86:dc:17:86:
bb:cc:73:c2:1a:e8:54:c2:15:10:a0:58:5c:13:41:
aa:a9:f4:31:bc:22:46:59:a0:25:ba:14:92:34:ce:
8c:8f:da:63:06:0e:e3:dd:4b:0d:2e:73:d9:d4:b1:
45:98:84:91:af:2c:c1:69:51:76:1d:f5:9f:fd:0f:
7e:1d:0f:89:11:30:52:be:12:a2:6c:bc:04:59:6b:
2b:21:f8:ee:52:87:9d:29:36:ab:65:af:0b:02:61:
00:17:23:72:db:64:4f:ca:14:c9:c9:a1:0c:99:af:
8d:7c:e1:05:0a:f3:d4:dc:1f:6e:d1:dd:c8:54:b1:
5a:ec:6e:29:88:84:57:f0:17:b3:37:12:3c:02:27:
dd:ee:e8:dc:b8:d3:fe:6d:6c:68:0c:46:28:c7:7f:
13:72:a1:d6:68:ca:d4:67:0f:fb:a7:5c:32:1d:df:
c7:10:61:1e:a6:2e:46:cc:b6:25:8b:65:41:0a:0d:
e0:c7:25:0c:c6:aa:5c:8b:fd:59:71:a8:09:90:b9:
d0:b2:c2:a3:78:b5:7e:c9:fc:f0:e8:88:af:44:85:
7e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9A:73:82:75:80:05:53:CE:86:05:AF:51:A6:15:44:F0:FD:F0:F8
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3ZpzgnWABVPOhgWvUaYVRPD98Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.130.0/24
Signature Algorithm: sha256WithRSAEncryption
58:88:d4:de:7c:8d:5a:1f:91:09:b3:fe:b5:33:3c:65:5c:57:
bd:4a:40:ca:32:00:3c:92:14:8f:f9:cd:bf:a5:7b:6c:1f:e9:
1e:63:d8:94:06:03:7e:08:d9:1d:7a:a7:40:ac:4f:63:bc:cb:
d2:0a:f9:d6:ac:cf:7c:7b:aa:23:3c:fc:87:cd:d5:33:9c:24:
55:13:47:ae:9c:43:1c:7c:09:cd:6e:3c:cb:98:f0:52:db:31:
41:fb:83:d9:07:10:50:24:75:bf:2a:b5:5a:1e:15:53:f5:ad:
85:e1:8b:27:e5:f2:d5:bc:d9:b9:3a:26:a7:bc:a7:ba:a4:aa:
24:1a:58:59:f8:13:f6:b0:ea:92:20:46:55:53:07:53:1a:b4:
3e:a1:57:96:c9:b7:60:4c:a0:15:78:f4:5d:91:bb:4e:53:df:
55:2e:e9:4a:42:07:32:9a:55:4c:55:cb:90:9f:62:f4:46:a9:
a7:4f:bf:ac:ea:cb:24:3d:a1:86:10:ec:85:b5:af:16:8d:03:
0f:45:26:8d:b4:a1:45:9e:15:ed:06:c4:27:d0:5c:55:b5:c7:
79:d0:1f:3d:05:27:0b:e4:78:e4:43:26:2a:b0:bc:4a:26:cc:
e0:97:e2:42:99:a1:57:da:e4:5f:ed:25:78:c1:ff:23:05:2a:
57:fc:3a:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOFJdg8mnXqaHgirYy1wnR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwOTI4MTcyOTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDlhNzM4Mjc1ODAwNTUzY2U4NjA1YWY1MWE2MTU0NGYwZmRmMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDHXyk/hzmS9zu6HWdTsbpDBK/sF
KqAGyI+jZNFrIYWKozl+gsL7AYbcF4a7zHPCGuhUwhUQoFhcE0GqqfQxvCJGWaAl
uhSSNM6Mj9pjBg7j3UsNLnPZ1LFFmISRryzBaVF2HfWf/Q9+HQ+JETBSvhKibLwE
WWsrIfjuUoedKTarZa8LAmEAFyNy22RPyhTJyaEMma+NfOEFCvPU3B9u0d3IVLFa
7G4piIRX8BezNxI8Aifd7ujcuNP+bWxoDEYox38TcqHWaMrUZw/7p1wyHd/HEGEe
pi5GzLYli2VBCg3gxyUMxqpci/1ZcagJkLnQssKjeLV+yfzw6IivRIV+lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2ac4J1gAVTzoYFr1GmFUTw/fD4MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvM1pwemduV0FCVlBPaGdXdlVhWVZSUEQ5OFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGCMA0G
CSqGSIb3DQEBCwUAA4IBAQBYiNTefI1aH5EJs/61MzxlXFe9SkDKMgA8khSP+c2/
pXtsH+keY9iUBgN+CNkdeqdArE9jvMvSCvnWrM98e6ojPPyHzdUznCRVE0eunEMc
fAnNbjzLmPBS2zFB+4PZBxBQJHW/KrVaHhVT9a2F4Ysn5fLVvNm5OianvKe6pKok
GlhZ+BP2sOqSIEZVUwdTGrQ+oVeWybdgTKAVePRdkbtOU99VLulKQgcymlVMVcuQ
n2L0RqmnT7+s6sskPaGGEOyFta8WjQMPRSaNtKFFnhXtBsQn0FxVtcd50B89BScL
5HjkQyYqsLxKJszgl+JCmaFX2uRf7SV4wf8jBSpX/DpK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:02 2024 by rpki-client on console-fra.rpki-client.org