Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/d018c4-e8ed-4e72-adff-28f26e6ef86d/1/3ej5uyZRlngdsk7PPHcRm41lSWc.roa
File: 3ej5uyZRlngdsk7PPHcRm41lSWc.roa (raw, json)
Hash identifier: 7otOb5yQA7WZl7Qt7qiJaFP4gq7Aeepg0+XvAd2xWlc=
Subject key identifier: DD:E8:F9:BB:26:51:96:78:1D:B2:4E:CF:3C:77:11:9B:8D:65:49:67
Certificate issuer: /CN=179066c03fc32c846fc9be9aac25abce9a4c8515
Certificate serial: 05C72065
Authority key identifier: 17:90:66:C0:3F:C3:2C:84:6F:C9:BE:9A:AC:25:AB:CE:9A:4C:85:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5BmwD_DLIRvyb6arCWrzppMhRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/d018c4-e8ed-4e72-adff-28f26e6ef86d/1/3ej5uyZRlngdsk7PPHcRm41lSWc.roa
Signing time: Sat 01 Jan 2022 02:58:29 +0000
ROA not before: Sat 01 Jan 2022 02:58:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203187
IP address blocks: 185.238.124.0/22 maxlen: 22
185.238.124.0/24 maxlen: 24
185.238.125.0/24 maxlen: 24
185.238.127.0/24 maxlen: 24
185.238.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96936037 (0x5c72065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179066c03fc32c846fc9be9aac25abce9a4c8515
Validity
Not Before: Jan 1 02:58:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dde8f9bb265196781db24ecf3c77119b8d654967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:52:40:f6:41:c9:e7:3b:8b:b4:36:0c:47:6b:
94:74:56:51:f7:e5:35:c3:29:d4:1a:cc:33:bf:1d:
ce:c6:b7:16:d0:9f:19:94:5a:f0:c6:88:09:b8:91:
5f:88:71:d1:13:dc:df:95:7c:26:f8:e5:e7:59:bd:
d5:39:d5:be:98:cd:93:e0:b8:ac:38:ba:04:a3:de:
96:22:ec:07:80:de:a6:c1:f7:f7:ab:2d:39:28:00:
c2:74:8f:5b:b2:e9:a0:c9:6f:af:6e:3b:71:8f:9c:
0a:c3:ee:05:2d:e0:32:d2:f1:0d:bd:36:e4:ed:85:
96:90:e8:14:4d:43:88:38:57:9b:85:23:c2:84:9b:
12:a0:4d:7e:00:0e:58:15:76:c9:97:3e:83:22:df:
c2:8c:ba:a3:84:23:c7:e2:1c:75:f0:6c:76:c8:ce:
96:17:bb:5c:96:0e:90:bd:36:dd:9a:3b:d7:41:aa:
64:b9:fe:ea:a1:37:61:09:f8:43:80:d4:25:22:d2:
1a:cb:51:74:80:4a:ff:fc:1f:80:4a:e4:01:ec:67:
fe:bf:c1:b2:d6:32:73:ff:29:c7:4b:14:76:87:e0:
5b:20:51:e6:6a:52:79:9b:42:40:59:ab:2e:bd:55:
45:2e:2f:1d:58:ee:f8:cd:d6:fc:16:98:99:2e:56:
42:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E8:F9:BB:26:51:96:78:1D:B2:4E:CF:3C:77:11:9B:8D:65:49:67
X509v3 Authority Key Identifier:
keyid:17:90:66:C0:3F:C3:2C:84:6F:C9:BE:9A:AC:25:AB:CE:9A:4C:85:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5BmwD_DLIRvyb6arCWrzppMhRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d018c4-e8ed-4e72-adff-28f26e6ef86d/1/3ej5uyZRlngdsk7PPHcRm41lSWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d018c4-e8ed-4e72-adff-28f26e6ef86d/1/F5BmwD_DLIRvyb6arCWrzppMhRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.124.0/22
Signature Algorithm: sha256WithRSAEncryption
11:b1:82:70:7d:f0:90:ba:04:25:c9:d7:9f:42:a3:a4:26:91:
0c:a8:15:28:b5:f0:47:6e:0b:21:55:f3:b6:0a:2f:1b:73:af:
9d:3b:6c:08:3b:b7:8c:b0:d6:1b:da:aa:0b:b9:c8:93:8f:1d:
c3:5d:b0:07:a6:9a:25:49:4f:11:95:67:d3:ba:6f:5d:ef:3e:
d9:d9:e1:50:5d:8a:23:9c:4e:0f:da:12:99:33:be:ef:2b:45:
19:b8:12:dd:a3:dd:a7:ef:8a:0a:82:b5:1c:70:0d:a1:dd:b9:
ce:fd:cf:f3:d1:e7:cf:57:e6:9b:e3:66:74:7d:65:dc:dd:c4:
65:ee:74:28:1a:df:76:87:7f:e5:9c:0f:ad:34:e1:a9:ae:27:
29:5b:10:89:dd:a3:c0:bf:e2:8d:60:1a:33:26:96:89:20:5e:
06:0f:1d:f6:57:13:27:70:1c:ca:a6:1c:98:66:3c:2b:ae:01:
5d:43:81:2d:0f:c0:b7:f7:1f:e5:d2:bd:91:eb:df:c0:6b:1d:
79:83:8a:20:7d:a7:2e:c5:aa:c7:d2:da:cc:ce:05:e3:15:c6:
ac:d0:82:de:38:15:67:93:00:d4:e6:ad:7f:6b:97:b5:d4:02:
77:dc:be:33:d8:ba:29:55:72:4e:98:7c:65:1b:cd:93:23:7e:
99:07:76:df
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBccgZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzkwNjZjMDNmYzMyYzg0NmZjOWJlOWFhYzI1YWJjZTlhNGM4NTE1MB4XDTIyMDEw
MTAyNTgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRlOGY5YmIyNjUx
OTY3ODFkYjI0ZWNmM2M3NzExOWI4ZDY1NDk2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFSQPZByec7i7Q2DEdrlHRWUfflNcMp1BrMM78dzsa3FtCf
GZRa8MaICbiRX4hx0RPc35V8Jvjl51m91TnVvpjNk+C4rDi6BKPeliLsB4DepsH3
96stOSgAwnSPW7LpoMlvr247cY+cCsPuBS3gMtLxDb025O2FlpDoFE1DiDhXm4Uj
woSbEqBNfgAOWBV2yZc+gyLfwoy6o4Qjx+IcdfBsdsjOlhe7XJYOkL023Zo710Gq
ZLn+6qE3YQn4Q4DUJSLSGstRdIBK//wfgErkAexn/r/BstYyc/8px0sUdofgWyBR
5mpSeZtCQFmrLr1VRS4vHVju+M3W/BaYmS5WQq8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTd6Pm7JlGWeB2yTs88dxGbjWVJZzAfBgNVHSMEGDAWgBQXkGbAP8MshG/J
vpqsJavOmkyFFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y1Qm13RF9ETElSdnliNmFyQ1dyenBwTWhSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvZDAxOGM0LWU4ZWQtNGU3Mi1hZGZmLTI4ZjI2ZTZlZjg2ZC8x
LzNlajV1eVpSbG5nZHNrN1BQSGNSbTQxbFNXYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ZDAxOGM0LWU4ZWQtNGU3Mi1hZGZmLTI4ZjI2ZTZlZjg2ZC8xL0Y1Qm13RF9ETElS
dnliNmFyQ1dyenBwTWhSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnufDANBgkqhkiG9w0BAQsFAAOC
AQEAEbGCcH3wkLoEJcnXn0KjpCaRDKgVKLXwR24LIVXztgovG3OvnTtsCDu3jLDW
G9qqC7nIk48dw12wB6aaJUlPEZVn07pvXe8+2dnhUF2KI5xOD9oSmTO+7ytFGbgS
3aPdp++KCoK1HHANod25zv3P89Hnz1fmm+NmdH1l3N3EZe50KBrfdod/5ZwPrTTh
qa4nKVsQid2jwL/ijWAaMyaWiSBeBg8d9lcTJ3AcyqYcmGY8K64BXUOBLQ/At/cf
5dK9kevfwGsdeYOKIH2nLsWqx9LazM4F4xXGrNCC3jgVZ5MA1Oatf2uXtdQCd9y+
M9i6KVVyTph8ZRvNkyN+mQd23w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:53 2023 by rpki-client on console-fra.rpki-client.org