Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3ciGEj90TaU55bhtDHjPjN61Gr8.roa
File: 3ciGEj90TaU55bhtDHjPjN61Gr8.roa (raw, json)
Hash identifier: gbdp/1gqAD/TbGgVMWLKgh7ivUEMWVHeaC/kYTDeQ3o=
Subject key identifier: DD:C8:86:12:3F:74:4D:A5:39:E5:B8:6D:0C:78:CF:8C:DE:B5:1A:BF
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 084345D5
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3ciGEj90TaU55bhtDHjPjN61Gr8.roa
Signing time: Wed 23 Mar 2022 17:25:18 +0000
ROA not before: Wed 23 Mar 2022 17:25:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208911
IP address blocks: 213.209.151.0/24 maxlen: 24
185.230.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138626517 (0x84345d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 23 17:25:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddc886123f744da539e5b86d0c78cf8cdeb51abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:d1:5c:1b:f7:6c:30:95:14:22:52:11:c8:
cc:e1:c8:85:ae:f3:98:e1:e3:c7:93:75:77:4c:1e:
ee:11:f8:59:32:5d:af:34:e7:4f:70:ca:cf:77:43:
59:7a:ed:d5:a5:f2:ef:ef:a1:70:ac:2d:4f:14:8d:
5b:b7:28:6a:37:92:4d:a4:a6:bf:24:d0:56:fb:ae:
9d:e4:7d:a8:b0:ab:74:c8:21:a2:41:75:1c:a6:d3:
ce:77:79:18:0b:6e:77:1e:c8:9a:b8:fe:cc:9c:1d:
b2:64:72:cf:16:91:e4:24:2d:cd:46:62:44:3b:52:
b1:86:70:9e:13:bd:75:bf:4f:e4:99:f4:fe:c1:dc:
e2:a7:a2:d4:4b:db:40:a2:f1:8c:32:71:f8:7b:b1:
ec:e3:98:f0:d3:93:9e:c1:31:e8:88:f5:be:0e:76:
78:e8:ce:d5:bf:63:89:4b:4e:9c:8f:67:31:f0:c9:
f5:e5:7b:0d:3f:f3:7f:1f:b7:63:0d:c2:d4:89:b0:
a5:b7:3b:0f:24:8a:32:c1:8e:b0:dd:17:9b:2f:6e:
75:a7:53:4c:73:95:ff:b2:c3:bf:25:11:6c:ea:5c:
a2:05:08:db:9c:cf:61:e2:9f:4b:5f:ec:9c:31:82:
ec:20:5f:58:7f:18:14:9e:5b:4f:ed:2c:98:94:e0:
6b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C8:86:12:3F:74:4D:A5:39:E5:B8:6D:0C:78:CF:8C:DE:B5:1A:BF
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3ciGEj90TaU55bhtDHjPjN61Gr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.12.0/24
213.209.151.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:64:ae:58:00:03:1a:bd:4c:8b:29:4b:e8:aa:93:34:51:86:
88:12:2e:0d:2b:4a:14:9d:62:08:0a:be:c2:f5:20:50:2b:a7:
f3:a8:13:d1:b7:ac:6c:e1:e1:05:b3:31:8e:c6:15:b6:9d:bf:
ac:21:df:06:92:db:c8:04:86:aa:2e:0e:45:ce:d0:71:72:9a:
a7:9e:da:a8:0d:6f:2b:7e:39:85:c3:9b:c8:88:86:3b:4f:bb:
76:41:91:92:fc:52:ca:28:13:f9:42:cd:37:d0:c1:ce:14:54:
01:ab:59:f6:05:d0:ea:34:3b:b4:2d:62:b2:2f:db:bf:d8:c5:
54:80:5b:ce:2c:60:00:f5:21:9a:d5:93:88:89:61:5a:86:90:
8b:07:4f:ce:47:0a:02:f2:4b:a7:60:08:72:7a:8f:55:c4:bc:
cb:7a:3f:98:9f:5f:d8:17:35:ac:87:c0:8d:22:09:50:5c:ec:
0b:85:db:3a:16:a6:c5:06:02:62:1f:59:45:e3:8f:5e:1d:c9:
ca:bc:49:34:65:cf:ce:00:e5:55:87:74:d1:3a:1d:15:e7:18:
38:ad:0f:9c:33:d3:c5:98:02:6a:98:b5:87:1b:95:cc:3f:09:
a3:ec:77:24:9f:6f:98:96:6d:e7:44:6c:e6:28:b6:ea:1c:6a:
aa:4a:36:88
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECENF1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMy
MzE3MjUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRjODg2MTIzZjc0
NGRhNTM5ZTViODZkMGM3OGNmOGNkZWI1MWFiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkH0Vwb92wwlRQiUhHIzOHIha7zmOHjx5N1d0we7hH4WTJd
rzTnT3DKz3dDWXrt1aXy7++hcKwtTxSNW7coajeSTaSmvyTQVvuuneR9qLCrdMgh
okF1HKbTznd5GAtudx7Imrj+zJwdsmRyzxaR5CQtzUZiRDtSsYZwnhO9db9P5Jn0
/sHc4qei1EvbQKLxjDJx+Hux7OOY8NOTnsEx6Ij1vg52eOjO1b9jiUtOnI9nMfDJ
9eV7DT/zfx+3Yw3C1Imwpbc7DySKMsGOsN0Xmy9udadTTHOV/7LDvyURbOpcogUI
25zPYeKfS1/snDGC7CBfWH8YFJ5bT+0smJTga38CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTdyIYSP3RNpTnluG0MeM+M3rUavzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
LzNjaUdFajkwVGFVNTViaHRESGpQak42MUdyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnmDAMEANXRlzANBgkqhkiG9w0B
AQsFAAOCAQEALmSuWAADGr1MiylL6KqTNFGGiBIuDStKFJ1iCAq+wvUgUCun86gT
0besbOHhBbMxjsYVtp2/rCHfBpLbyASGqi4ORc7QcXKap57aqA1vK345hcObyIiG
O0+7dkGRkvxSyigT+ULNN9DBzhRUAatZ9gXQ6jQ7tC1isi/bv9jFVIBbzixgAPUh
mtWTiIlhWoaQiwdPzkcKAvJLp2AIcnqPVcS8y3o/mJ9f2Bc1rIfAjSIJUFzsC4Xb
OhamxQYCYh9ZReOPXh3JyrxJNGXPzgDlVYd00TodFecYOK0PnDPTxZgCapi1hxuV
zD8Jo+x3JJ9vmJZt50Rs5ii26hxqqko2iA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org