Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/3ExYTBMGHhkT1lwfxbm5JydKS14.roa
File: 3ExYTBMGHhkT1lwfxbm5JydKS14.roa (raw, json)
Hash identifier: tFxdbR7ceNEEY4DhQ2pSFk5M6PUS8xVhek1NkTh9C1Y=
Subject key identifier: DC:4C:58:4C:13:06:1E:19:13:D6:5C:1F:C5:B9:B9:27:27:4A:4B:5E
Certificate issuer: /CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290
Certificate serial: 085D5DFE
Authority key identifier: B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/3ExYTBMGHhkT1lwfxbm5JydKS14.roa
Signing time: Sat 01 Jan 2022 05:05:22 +0000
ROA not before: Sat 01 Jan 2022 05:05:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16344
IP address blocks: 217.145.160.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140336638 (0x85d5dfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290
Validity
Not Before: Jan 1 05:05:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc4c584c13061e1913d65c1fc5b9b927274a4b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e7:4a:d6:8a:3e:85:8f:ac:0f:04:76:cb:b2:
b6:55:32:26:b1:5b:8b:53:ff:85:f6:65:4a:cd:1f:
da:17:86:b8:06:75:c0:47:84:5d:2c:ad:cb:2f:16:
55:1d:72:24:3a:93:da:91:ed:10:75:a1:d9:05:8e:
92:36:0b:d4:ab:25:4e:69:aa:6e:ff:ad:35:93:50:
b6:57:18:3e:08:6f:2b:32:da:77:84:af:de:10:63:
31:d2:aa:79:9e:ce:ef:d3:fa:0e:81:db:20:46:c0:
f0:8d:72:ea:46:fa:b4:5f:89:30:5c:af:cb:55:17:
4f:0e:e3:13:60:16:e5:ff:39:44:b0:66:4f:c5:d7:
11:04:71:73:8c:25:dd:c2:a2:5e:35:e6:97:ba:bb:
79:e8:68:30:0e:41:03:83:fd:a8:78:a8:9d:2d:0a:
e1:1b:64:c8:47:1a:3e:36:07:01:ca:cf:52:bc:e8:
ed:6d:a1:41:ed:28:a1:57:b4:f9:b3:d3:db:7c:b5:
39:38:04:8f:66:23:7b:b8:f1:0b:80:6a:b9:e4:c8:
99:a5:ec:d4:9f:13:3c:a0:c8:3c:f4:bb:2c:a0:f8:
a1:cd:2f:85:ca:3b:4f:5b:fe:3f:04:82:66:9c:0a:
07:07:5a:2d:f5:d8:a7:02:12:47:3c:69:da:2e:02:
fe:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:4C:58:4C:13:06:1E:19:13:D6:5C:1F:C5:B9:B9:27:27:4A:4B:5E
X509v3 Authority Key Identifier:
keyid:B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/3ExYTBMGHhkT1lwfxbm5JydKS14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/su0dYGb05GVO9fPMcKXZBamvgpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.145.160.0/20
Signature Algorithm: sha256WithRSAEncryption
25:48:62:13:3b:e2:d0:a9:3b:01:3c:06:c6:bd:c3:6c:b4:77:
01:03:fb:33:1b:d2:96:33:6d:c2:cd:db:ed:a5:24:df:5e:b6:
ab:61:6b:05:63:b2:1c:2b:0c:91:79:25:1c:60:cb:97:56:18:
f5:7b:fe:49:b5:c5:43:7a:1c:d1:88:6c:f8:b7:e0:14:da:6f:
b4:dd:f4:8c:e2:e6:38:d7:ff:63:39:74:d0:78:18:dd:8b:9a:
ea:e6:e7:c4:41:3d:29:a5:57:8a:21:f4:c8:c9:37:67:b8:1d:
1e:2b:02:87:51:47:e5:64:a9:ae:d9:11:09:bb:13:03:ed:0b:
a8:e3:62:2c:24:13:25:5d:7d:2e:53:8b:9b:02:cd:74:4f:39:
94:93:d1:f1:01:c6:c3:83:ab:7c:57:7d:33:37:2e:b6:70:84:
bc:bf:8b:13:60:6e:40:ee:90:e8:fc:f3:b0:01:f8:39:5d:14:
6c:83:30:63:f8:84:44:20:d7:d0:a5:68:30:ff:73:75:8f:21:
e8:3a:a4:78:2c:96:07:fd:f0:e8:66:b2:c8:bd:34:87:a9:ba:
4b:05:9a:2a:9e:91:17:99:1f:12:a1:f4:6f:e7:c7:e0:d8:20:
68:88:91:fa:0b:97:2d:c2:d2:30:60:cc:9d:1e:d9:b3:ad:2c:
d5:b3:84:2f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECF1d/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmVkMWQ2MDY2ZjRlNDY1NGVmNWYzY2M3MGE1ZDkwNWE5YWY4MjkwMB4XDTIyMDEw
MTA1MDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGM0YzU4NGMxMzA2
MWUxOTEzZDY1YzFmYzViOWI5MjcyNzRhNGI1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMznStaKPoWPrA8EdsuytlUyJrFbi1P/hfZlSs0f2heGuAZ1
wEeEXSytyy8WVR1yJDqT2pHtEHWh2QWOkjYL1KslTmmqbv+tNZNQtlcYPghvKzLa
d4Sv3hBjMdKqeZ7O79P6DoHbIEbA8I1y6kb6tF+JMFyvy1UXTw7jE2AW5f85RLBm
T8XXEQRxc4wl3cKiXjXml7q7eehoMA5BA4P9qHionS0K4RtkyEcaPjYHAcrPUrzo
7W2hQe0ooVe0+bPT23y1OTgEj2Yje7jxC4BqueTImaXs1J8TPKDIPPS7LKD4oc0v
hco7T1v+PwSCZpwKBwdaLfXYpwISRzxp2i4C/gUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTcTFhMEwYeGRPWXB/FubknJ0pLXjAfBgNVHSMEGDAWgBSy7R1gZvTkZU71
88xwpdkFqa+CkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N1MGRZR2IwNUdWTzlmUE1jS1haQmFtdmdwQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvMTE4MmNiLTVmOTUtNGNkNC1iNzJmLTQ2YjQ2ZmMwZTQ5Ni8x
LzNFeFlUQk1HSGhrVDFsd2Z4Ym01SnlkS1MxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
MTE4MmNiLTVmOTUtNGNkNC1iNzJmLTQ2YjQ2ZmMwZTQ5Ni8xL3N1MGRZR2IwNUdW
TzlmUE1jS1haQmFtdmdwQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNmRoDANBgkqhkiG9w0BAQsFAAOC
AQEAJUhiEzvi0Kk7ATwGxr3DbLR3AQP7MxvSljNtws3b7aUk3162q2FrBWOyHCsM
kXklHGDLl1YY9Xv+SbXFQ3oc0Yhs+LfgFNpvtN30jOLmONf/Yzl00HgY3Yua6ubn
xEE9KaVXiiH0yMk3Z7gdHisCh1FH5WSprtkRCbsTA+0LqONiLCQTJV19LlOLmwLN
dE85lJPR8QHGw4OrfFd9MzcutnCEvL+LE2BuQO6Q6PzzsAH4OV0UbIMwY/iERCDX
0KVoMP9zdY8h6DqkeCyWB/3w6GayyL00h6m6SwWaKp6RF5kfEqH0b+fH4NggaIiR
+guXLcLSMGDMnR7Zs60s1bOELw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:24 2023 by rpki-client on console-fra.rpki-client.org