Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/9327a7-81bf-4f7d-9f5c-1e18f5b4905d/1/Y7dbNghkT3pSBcgf749GTBZfWK4.roa
File: Y7dbNghkT3pSBcgf749GTBZfWK4.roa (raw, json)
Hash identifier: cAenHa3jwBM8WCbBxrSOug6pEVXR+ibVM5Fk/vDxwRU=
Subject key identifier: 63:B7:5B:36:08:64:4F:7A:52:05:C8:1F:EF:8F:46:4C:16:5F:58:AE
Certificate issuer: /CN=de63eb6319ba454d397645945ce5439576fac741
Certificate serial: 063CA88A
Authority key identifier: DE:63:EB:63:19:BA:45:4D:39:76:45:94:5C:E5:43:95:76:FA:C7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mPrYxm6RU05dkWUXOVDlXb6x0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/9327a7-81bf-4f7d-9f5c-1e18f5b4905d/1/Y7dbNghkT3pSBcgf749GTBZfWK4.roa
Signing time: Sat 01 Jan 2022 04:51:17 +0000
ROA not before: Sat 01 Jan 2022 04:51:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8540
IP address blocks: 185.211.216.0/22 maxlen: 22
2a0b:6c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104638602 (0x63ca88a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de63eb6319ba454d397645945ce5439576fac741
Validity
Not Before: Jan 1 04:51:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63b75b3608644f7a5205c81fef8f464c165f58ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fa:42:dc:74:1c:cf:cc:32:4b:1b:4e:01:b4:
6b:93:61:32:91:e9:b9:d7:f7:6f:cc:a5:29:e0:50:
b2:48:ff:aa:c4:f3:aa:e7:87:a7:3d:eb:f9:98:9e:
d4:51:61:29:40:77:6f:7f:9d:29:d0:b9:ea:e4:38:
3d:83:f4:68:37:ca:4b:01:5a:cb:2f:26:b3:79:de:
a8:19:ed:63:19:97:44:29:39:f0:47:9c:32:2a:75:
cb:4a:78:22:29:a2:a6:5c:02:55:15:59:60:25:ce:
f9:6f:4e:73:31:58:7c:3a:41:16:c6:42:d7:e5:c9:
fb:ca:d8:66:1d:41:3b:f3:9b:d9:d2:7a:6d:91:ff:
df:55:36:1f:f8:62:0f:ac:4c:50:bd:73:d8:44:43:
35:3a:81:75:e3:ce:8e:30:a5:53:c6:98:7d:aa:2d:
f0:33:8f:27:b2:e9:86:db:f4:fc:c5:c9:5f:29:e7:
1b:44:89:0c:f2:c9:43:4f:f7:7c:e0:1d:a3:52:f1:
36:85:a1:58:c0:ba:2f:c5:c7:b1:86:bd:cf:fb:ab:
35:be:63:40:ca:f0:c0:38:82:ca:ee:1a:cb:1f:f0:
1a:2b:b2:cb:d0:a2:02:09:ae:2e:34:70:dd:08:bb:
0a:1b:da:18:ca:bf:54:15:f1:a2:94:dd:30:0e:f0:
ac:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B7:5B:36:08:64:4F:7A:52:05:C8:1F:EF:8F:46:4C:16:5F:58:AE
X509v3 Authority Key Identifier:
keyid:DE:63:EB:63:19:BA:45:4D:39:76:45:94:5C:E5:43:95:76:FA:C7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mPrYxm6RU05dkWUXOVDlXb6x0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9327a7-81bf-4f7d-9f5c-1e18f5b4905d/1/Y7dbNghkT3pSBcgf749GTBZfWK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9327a7-81bf-4f7d-9f5c-1e18f5b4905d/1/3mPrYxm6RU05dkWUXOVDlXb6x0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.216.0/22
IPv6:
2a0b:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
4f:ec:c0:f1:eb:08:39:2f:da:ab:55:cd:f9:87:d4:0b:f0:84:
de:87:e4:ac:d5:98:91:52:17:79:b1:07:7d:1b:24:22:31:df:
00:e2:cc:46:2a:94:d4:60:da:b1:2a:de:dd:10:df:f4:22:ac:
76:60:6e:f7:df:71:fe:11:75:64:bd:47:3a:36:b6:a6:8c:b2:
cc:f6:0e:de:af:7d:eb:97:6d:b0:0a:b9:7f:66:9e:1e:b2:9b:
9c:7e:4a:ac:3a:70:e0:7b:c0:80:94:19:e8:0d:b0:8d:99:17:
cc:48:25:22:e4:fe:ce:f0:17:b8:4c:2a:1c:c2:6b:0b:ef:e8:
f9:f7:c3:2e:d8:45:16:40:78:4e:c6:ea:df:05:52:73:06:91:
52:b9:53:52:14:96:4d:e0:2e:ca:cc:fe:ef:aa:1e:a9:af:35:
94:56:44:ca:94:9d:3d:ed:b9:ab:a5:d7:a2:2a:34:6a:80:a4:
a7:5d:f0:01:cb:9c:4e:cd:fc:91:cf:55:d5:4d:07:85:ca:df:
67:d0:8f:06:25:77:6b:94:4d:6b:cb:4c:5e:34:db:0f:46:22:
b8:d7:56:6a:37:88:2e:68:0e:25:31:6a:63:21:9a:45:13:8e:
07:32:2a:19:8f:3c:1d:8c:35:1b:2a:fd:f9:9f:a0:87:f5:27:
c8:60:9a:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBjyoijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTYzZWI2MzE5YmE0NTRkMzk3NjQ1OTQ1Y2U1NDM5NTc2ZmFjNzQxMB4XDTIyMDEw
MTA0NTExN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjNiNzViMzYwODY0
NGY3YTUyMDVjODFmZWY4ZjQ2NGMxNjVmNThhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL36Qtx0HM/MMksbTgG0a5NhMpHpudf3b8ylKeBQskj/qsTz
queHpz3r+Zie1FFhKUB3b3+dKdC56uQ4PYP0aDfKSwFayy8ms3neqBntYxmXRCk5
8EecMip1y0p4IimiplwCVRVZYCXO+W9OczFYfDpBFsZC1+XJ+8rYZh1BO/Ob2dJ6
bZH/31U2H/hiD6xMUL1z2ERDNTqBdePOjjClU8aYfaot8DOPJ7Lphtv0/MXJXynn
G0SJDPLJQ0/3fOAdo1LxNoWhWMC6L8XHsYa9z/urNb5jQMrwwDiCyu4ayx/wGiuy
y9CiAgmuLjRw3Qi7ChvaGMq/VBXxopTdMA7wrOsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRjt1s2CGRPelIFyB/vj0ZMFl9YrjAfBgNVHSMEGDAWgBTeY+tjGbpFTTl2
RZRc5UOVdvrHQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNtUHJZeG02UlUwNWRrV1VYT1ZEbFhiNngwRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvOTMyN2E3LTgxYmYtNGY3ZC05ZjVjLTFlMThmNWI0OTA1ZC8x
L1k3ZGJOZ2hrVDNwU0JjZ2Y3NDlHVEJaZldLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
OTMyN2E3LTgxYmYtNGY3ZC05ZjVjLTFlMThmNWI0OTA1ZC8xLzNtUHJZeG02UlUw
NWRrV1VYT1ZEbFhiNngwRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnT2DANBAIAAjAHAwUDKgtsQDAN
BgkqhkiG9w0BAQsFAAOCAQEAT+zA8esIOS/aq1XN+YfUC/CE3ofkrNWYkVIXebEH
fRskIjHfAOLMRiqU1GDasSre3RDf9CKsdmBu999x/hF1ZL1HOja2poyyzPYO3q99
65dtsAq5f2aeHrKbnH5KrDpw4HvAgJQZ6A2wjZkXzEglIuT+zvAXuEwqHMJrC+/o
+ffDLthFFkB4Tsbq3wVScwaRUrlTUhSWTeAuysz+76oeqa81lFZEypSdPe25q6XX
oio0aoCkp13wAcucTs38kc9V1U0HhcrfZ9CPBiV3a5RNa8tMXjTbD0YiuNdWajeI
LmgOJTFqYyGaRROOBzIqGY88HYw1Gyr9+Z+gh/UnyGCaGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:32 2024 by rpki-client on console-fra.rpki-client.org