Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/9327a7-81bf-4f7d-9f5c-1e18f5b4905d/1/r-e03qajXaiQF_fYY7XP-ZUY3VM.roa
File: r-e03qajXaiQF_fYY7XP-ZUY3VM.roa (raw, json)
Hash identifier: VHHq05bz+dxCEWyEc5LBt+3HEYgz6rJIkAHq89PjPjU=
Subject key identifier: AF:E7:B4:DE:A6:A3:5D:A8:90:17:F7:D8:63:B5:CF:F9:95:18:DD:53
Certificate issuer: /CN=de63eb6319ba454d397645945ce5439576fac741
Certificate serial: 01856FC299DE835F5CB22CE1194DC300D2B1
Authority key identifier: DE:63:EB:63:19:BA:45:4D:39:76:45:94:5C:E5:43:95:76:FA:C7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mPrYxm6RU05dkWUXOVDlXb6x0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/9327a7-81bf-4f7d-9f5c-1e18f5b4905d/1/r-e03qajXaiQF_fYY7XP-ZUY3VM.roa
Signing time: Sun 01 Jan 2023 23:55:02 +0000
ROA not before: Sun 01 Jan 2023 23:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8540
IP address blocks: 185.228.32.0/22 maxlen: 24
185.211.216.0/22 maxlen: 24
2a0b:6c40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:99:de:83:5f:5c:b2:2c:e1:19:4d:c3:00:d2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de63eb6319ba454d397645945ce5439576fac741
Validity
Not Before: Jan 1 23:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afe7b4dea6a35da89017f7d863b5cff99518dd53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:99:ee:7e:b3:0d:4a:91:73:01:0c:f0:24:51:
c5:20:74:0e:5a:be:cf:d3:50:b0:01:e2:42:b6:43:
f0:31:e1:16:3b:55:15:4b:2a:d9:42:1c:75:03:e8:
b5:ab:22:8e:7d:67:e8:1a:e1:f5:2e:d8:8b:0f:79:
b1:3d:e9:37:91:c1:79:be:4e:70:25:46:9f:43:7f:
f5:74:81:b5:eb:ba:c4:d5:2d:9a:0b:a2:92:15:2a:
db:9e:9b:e6:24:36:01:60:23:17:d3:48:6d:c9:6f:
2a:7c:05:fb:0b:31:cc:f0:d6:12:ea:5b:2e:19:e3:
b8:67:0f:ad:e6:22:52:b0:61:d5:3d:e3:8b:40:6a:
b4:61:a4:26:1a:50:27:07:44:39:a4:eb:74:29:8f:
e3:3b:47:a8:ed:29:70:e7:99:fc:ee:65:3d:3c:39:
69:b1:eb:da:f8:b1:6e:f6:ae:2c:b6:e9:8e:04:3e:
49:0b:1a:29:94:d3:ca:af:a6:89:cf:c0:c0:a6:11:
e0:17:ca:15:94:0a:aa:4d:96:1a:11:81:8b:8c:6c:
47:51:7e:27:0a:ff:ce:3f:2d:65:ee:d5:4a:68:ea:
10:42:d7:68:cd:52:bc:d5:8a:51:33:64:07:8d:2f:
eb:3d:7b:18:4c:d1:f4:51:9f:f0:f9:00:8b:64:9f:
22:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E7:B4:DE:A6:A3:5D:A8:90:17:F7:D8:63:B5:CF:F9:95:18:DD:53
X509v3 Authority Key Identifier:
keyid:DE:63:EB:63:19:BA:45:4D:39:76:45:94:5C:E5:43:95:76:FA:C7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mPrYxm6RU05dkWUXOVDlXb6x0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9327a7-81bf-4f7d-9f5c-1e18f5b4905d/1/r-e03qajXaiQF_fYY7XP-ZUY3VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9327a7-81bf-4f7d-9f5c-1e18f5b4905d/1/3mPrYxm6RU05dkWUXOVDlXb6x0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.216.0/22
185.228.32.0/22
IPv6:
2a0b:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
7e:a7:cc:c1:9d:a5:fb:f4:3d:ca:a6:68:e6:55:e0:90:8d:10:
7e:2f:0a:a2:d5:05:00:ae:76:07:97:72:4c:32:05:81:72:bd:
a2:d7:19:86:42:c9:5f:91:54:b2:ba:f2:22:f6:b6:ad:ba:28:
f7:8f:64:ce:59:0d:22:a8:6f:c0:6f:c9:d8:09:8b:cb:c8:d0:
fe:3a:71:da:58:39:6a:b6:98:60:e5:c0:a5:eb:7f:c6:78:71:
24:12:6d:ef:82:1d:d4:1c:52:15:b5:f2:0b:e5:48:d1:9b:b9:
9b:97:52:71:76:b5:ae:e2:f3:17:1f:64:d8:71:ce:0e:48:14:
b4:ad:3d:56:80:1c:17:60:e6:68:a0:73:f0:8c:94:8a:d6:36:
47:ad:fd:b9:81:cb:6f:75:d4:3c:ea:15:17:b5:e0:b6:47:18:
73:52:d7:c4:8b:8e:f6:40:40:b1:c6:dd:1c:2c:4c:6d:46:71:
a7:22:e1:6a:c1:10:bf:04:54:fc:e4:3c:a9:c4:21:e0:78:6d:
96:a7:31:a2:8f:9f:0e:0c:d8:e2:cd:b2:f3:98:ff:07:33:bf:
f9:29:51:13:4e:6d:1b:e3:e4:ca:23:37:8e:3b:a1:c0:4b:22:
a1:37:20:cf:45:1c:96:c7:bb:ca:76:2c:5c:57:36:98:27:40:
fa:cb:cc:83
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvwpneg19csizhGU3DANKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNjNlYjYzMTliYTQ1NGQzOTc2NDU5NDVjZTU0Mzk1NzZm
YWM3NDEwHhcNMjMwMTAxMjM1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmU3YjRkZWE2YTM1ZGE4OTAxN2Y3ZDg2M2I1Y2ZmOTk1MThkZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZnufrMNSpFzAQzwJFHFIHQOWr7P
01CwAeJCtkPwMeEWO1UVSyrZQhx1A+i1qyKOfWfoGuH1LtiLD3mxPek3kcF5vk5w
JUafQ3/1dIG167rE1S2aC6KSFSrbnpvmJDYBYCMX00htyW8qfAX7CzHM8NYS6lsu
GeO4Zw+t5iJSsGHVPeOLQGq0YaQmGlAnB0Q5pOt0KY/jO0eo7Slw55n87mU9PDlp
seva+LFu9q4stumOBD5JCxoplNPKr6aJz8DAphHgF8oVlAqqTZYaEYGLjGxHUX4n
Cv/OPy1l7tVKaOoQQtdozVK81YpRM2QHjS/rPXsYTNH0UZ/w+QCLZJ8ipwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK/ntN6mo12okBf32GO1z/mVGN1TMB8GA1UdIwQY
MBaAFN5j62MZukVNOXZFlFzlQ5V2+sdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21Qcll4bTZSVTA1ZGtXVVhPVkRsWGI2eDBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS85MzI3YTctODFiZi00ZjdkLTlmNWMt
MWUxOGY1YjQ5MDVkLzEvci1lMDNxYWpYYWlRRl9mWVk3WFAtWlVZM1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS85MzI3YTctODFiZi00ZjdkLTlmNWMtMWUxOGY1YjQ5MDVk
LzEvM21Qcll4bTZSVTA1ZGtXVVhPVkRsWGI2eDBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudPYAwQC
ueQgMA0EAgACMAcDBQMqC2xAMA0GCSqGSIb3DQEBCwUAA4IBAQB+p8zBnaX79D3K
pmjmVeCQjRB+Lwqi1QUArnYHl3JMMgWBcr2i1xmGQslfkVSyuvIi9ratuij3j2TO
WQ0iqG/Ab8nYCYvLyND+OnHaWDlqtphg5cCl63/GeHEkEm3vgh3UHFIVtfIL5UjR
m7mbl1JxdrWu4vMXH2TYcc4OSBS0rT1WgBwXYOZooHPwjJSK1jZHrf25gctvddQ8
6hUXteC2RxhzUtfEi472QECxxt0cLExtRnGnIuFqwRC/BFT85DypxCHgeG2WpzGi
j58ODNjizbLzmP8HM7/5KVETTm0b4+TKIzeOO6HASyKhNyDPRRyWx7vKdixcVzaY
J0D6y8yD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:00 2025 by rpki-client