Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/ddIAbZUpCia7xuVGO22seGte8Mw.roa
File: ddIAbZUpCia7xuVGO22seGte8Mw.roa (raw, json)
Hash identifier: BXr4G6hWCGsQs4ohc+iBJ3TK2K01oKiN7HjulnKthPM=
Subject key identifier: 75:D2:00:6D:95:29:0A:26:BB:C6:E5:46:3B:6D:AC:78:6B:5E:F0:CC
Certificate issuer: /CN=535761913f575c411c992322ebb06cd2f37f02a2
Certificate serial: 3F9A28FE
Authority key identifier: 53:57:61:91:3F:57:5C:41:1C:99:23:22:EB:B0:6C:D2:F3:7F:02:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1dhkT9XXEEcmSMi67Bs0vN_AqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/ddIAbZUpCia7xuVGO22seGte8Mw.roa
Signing time: Sat 01 Jan 2022 02:52:14 +0000
ROA not before: Sat 01 Jan 2022 02:52:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5520
IP address blocks: 134.95.0.0/16 maxlen: 16
185.240.116.0/22 maxlen: 22
2a00:a200::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1067067646 (0x3f9a28fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535761913f575c411c992322ebb06cd2f37f02a2
Validity
Not Before: Jan 1 02:52:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75d2006d95290a26bbc6e5463b6dac786b5ef0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:82:e8:98:b4:c3:2d:2d:c2:ea:3c:53:cc:2c:
3b:fb:68:13:07:b5:e3:ff:b6:4c:5e:1e:72:19:3f:
f6:67:02:c4:6d:9c:43:8c:37:1a:79:01:f4:c0:55:
4b:27:f7:95:56:f4:ab:8d:55:cf:ef:cc:22:a9:c8:
c3:16:50:13:63:e4:70:e3:a2:03:26:97:35:48:b6:
65:6b:d1:db:96:51:a0:83:56:21:2a:06:ba:35:d7:
d1:86:71:78:6e:12:48:bb:ed:b6:71:92:0a:e0:bc:
6e:c6:c0:00:a3:36:e4:d2:9b:a7:64:61:5f:d7:56:
6f:9f:ef:58:57:76:72:59:f8:e1:ff:ab:91:fa:c5:
bc:32:90:19:97:73:4b:98:b2:aa:75:97:53:4a:0d:
64:f4:3d:87:ce:24:84:e1:e1:22:e5:06:67:0c:a5:
33:12:78:c7:86:b7:27:57:f1:d4:76:87:68:0c:39:
8f:b4:24:fb:73:78:60:6f:3d:c2:75:25:c7:e9:a0:
7c:a0:50:2e:22:0e:de:4e:06:e1:59:4c:30:9f:2a:
ba:4e:14:35:d5:6e:6d:9a:17:92:c8:79:6e:de:2a:
ce:7d:f2:df:12:62:05:42:21:8a:40:92:e4:4e:40:
ac:9f:0a:f7:ee:4d:09:5f:51:df:78:75:dc:5d:2f:
b6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D2:00:6D:95:29:0A:26:BB:C6:E5:46:3B:6D:AC:78:6B:5E:F0:CC
X509v3 Authority Key Identifier:
keyid:53:57:61:91:3F:57:5C:41:1C:99:23:22:EB:B0:6C:D2:F3:7F:02:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1dhkT9XXEEcmSMi67Bs0vN_AqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/ddIAbZUpCia7xuVGO22seGte8Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/U1dhkT9XXEEcmSMi67Bs0vN_AqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.95.0.0/16
185.240.116.0/22
IPv6:
2a00:a200::/32
Signature Algorithm: sha256WithRSAEncryption
63:49:dd:cb:09:90:65:61:2c:47:a1:5d:f3:8b:16:0c:78:e4:
1c:0d:03:ed:08:9b:2d:88:4f:a5:a2:c7:73:b1:78:72:bc:1c:
30:21:5a:3a:e6:9a:bf:20:a3:38:50:99:61:2a:a0:6b:14:31:
6e:ce:59:5e:41:3c:2a:84:df:7f:16:83:21:44:63:f4:21:1f:
bd:83:18:66:0c:cc:30:63:65:c6:5b:3d:ec:29:68:7c:76:ee:
58:fc:14:04:9e:b3:c3:d6:02:c1:5a:60:74:8d:e3:90:5f:35:
36:44:d6:2d:db:d3:10:f1:d2:cb:2a:2b:5c:94:d1:30:38:fe:
96:53:70:ec:cd:89:07:8a:f6:1a:de:e0:50:95:4e:7b:72:08:
64:3f:9d:b8:e9:5f:bd:3c:54:5e:6e:6d:7e:05:53:60:06:aa:
73:cf:ad:d0:99:1a:25:93:6a:87:f0:73:eb:3c:71:18:d3:50:
bc:98:97:8a:04:8e:0b:41:bc:c4:c8:45:0c:5d:84:d2:a9:1a:
36:4a:f4:06:c1:cd:2d:3a:de:49:ba:c3:93:95:9c:55:3e:32:
93:67:41:e5:51:51:0d:26:3f:ee:5c:31:d0:01:d0:5d:a3:61:
73:0e:d3:b6:3d:5d:b8:37:b1:eb:6a:9f:08:e5:88:ca:3f:b7:
cc:f6:ad:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEP5oo/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzU3NjE5MTNmNTc1YzQxMWM5OTIzMjJlYmIwNmNkMmYzN2YwMmEyMB4XDTIyMDEw
MTAyNTIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVkMjAwNmQ5NTI5
MGEyNmJiYzZlNTQ2M2I2ZGFjNzg2YjVlZjBjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuC6Ji0wy0twuo8U8wsO/toEwe14/+2TF4echk/9mcCxG2c
Q4w3GnkB9MBVSyf3lVb0q41Vz+/MIqnIwxZQE2PkcOOiAyaXNUi2ZWvR25ZRoINW
ISoGujXX0YZxeG4SSLvttnGSCuC8bsbAAKM25NKbp2RhX9dWb5/vWFd2cln44f+r
kfrFvDKQGZdzS5iyqnWXU0oNZPQ9h84khOHhIuUGZwylMxJ4x4a3J1fx1HaHaAw5
j7Qk+3N4YG89wnUlx+mgfKBQLiIO3k4G4VlMMJ8quk4UNdVubZoXksh5bt4qzn3y
3xJiBUIhikCS5E5ArJ8K9+5NCV9R33h13F0vtl8CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR10gBtlSkKJrvG5UY7bax4a17wzDAfBgNVHSMEGDAWgBRTV2GRP1dcQRyZ
IyLrsGzS838CojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1UxZGhrVDlYWEVFY21TTWk2N0JzMHZOX0FxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvOWYwMGE5LWI2MGYtNGUzMi05MDM3LTA0ZGZjMzY2M2UzNS8x
L2RkSUFiWlVwQ2lhN3h1VkdPMjJzZUd0ZThNdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
OWYwMGE5LWI2MGYtNGUzMi05MDM3LTA0ZGZjMzY2M2UzNS8xL1UxZGhrVDlYWEVF
Y21TTWk2N0JzMHZOX0FxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDAIZfAwQCufB0MA0EAgACMAcDBQAq
AKIAMA0GCSqGSIb3DQEBCwUAA4IBAQBjSd3LCZBlYSxHoV3zixYMeOQcDQPtCJst
iE+losdzsXhyvBwwIVo65pq/IKM4UJlhKqBrFDFuzlleQTwqhN9/FoMhRGP0IR+9
gxhmDMwwY2XGWz3sKWh8du5Y/BQEnrPD1gLBWmB0jeOQXzU2RNYt29MQ8dLLKitc
lNEwOP6WU3DszYkHivYa3uBQlU57cghkP5246V+9PFRebm1+BVNgBqpzz63QmRol
k2qH8HPrPHEY01C8mJeKBI4LQbzEyEUMXYTSqRo2SvQGwc0tOt5JusOTlZxVPjKT
Z0HlUVENJj/uXDHQAdBdo2FzDtO2PV24N7Hrap8I5YjKP7fM9q3T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:57 2024 by rpki-client on console-ams.rpki-client.org