Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/de7ef6-bdae-4717-b061-6f207951c4b2/1/3pg7Eh67VhZ5jisZLnGAHfIcwLA.roa
File: 3pg7Eh67VhZ5jisZLnGAHfIcwLA.roa (raw, json)
Hash identifier: HrB41zCj7Zp+ktYr4ueh//h4FdZCDhqpbmMjD29uM9w=
Subject key identifier: DE:98:3B:12:1E:BB:56:16:79:8E:2B:19:2E:71:80:1D:F2:1C:C0:B0
Certificate issuer: /CN=f90379f3afd94c0f26b67fffa34d6e946c29d624
Certificate serial: 03CEF852
Authority key identifier: F9:03:79:F3:AF:D9:4C:0F:26:B6:7F:FF:A3:4D:6E:94:6C:29:D6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-QN586_ZTA8mtn__o01ulGwp1iQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/de7ef6-bdae-4717-b061-6f207951c4b2/1/3pg7Eh67VhZ5jisZLnGAHfIcwLA.roa
Signing time: Sat 01 Jan 2022 07:01:09 +0000
ROA not before: Sat 01 Jan 2022 07:01:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204834
IP address blocks: 185.237.84.0/24 maxlen: 24
185.237.86.0/24 maxlen: 24
185.237.86.0/23 maxlen: 23
185.237.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63895634 (0x3cef852)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f90379f3afd94c0f26b67fffa34d6e946c29d624
Validity
Not Before: Jan 1 07:01:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de983b121ebb5616798e2b192e71801df21cc0b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b1:ce:fc:6f:5b:0d:b4:62:c6:6c:74:b4:ac:
58:14:00:55:34:b0:0c:10:0a:4e:d7:0d:3a:c7:62:
53:12:7b:14:49:71:43:d6:e7:7a:12:48:50:36:3b:
ad:e3:a7:8c:1f:8c:e6:6c:fb:2a:54:65:10:79:b0:
b2:80:db:36:21:f6:e0:5d:0c:26:ea:24:72:d2:f8:
21:b3:e9:e7:fb:cd:22:a1:f3:81:b6:24:ba:9e:e5:
32:f5:25:3d:c8:7c:1f:30:1b:bf:e4:28:57:59:3c:
a3:21:01:40:93:8b:5a:ca:18:45:ee:b5:06:60:7f:
43:08:86:a0:bb:24:34:d2:1c:80:dd:cf:af:80:83:
09:3a:20:a1:fc:c6:0c:eb:2a:c8:4c:ea:22:1e:91:
d4:46:54:3e:4f:33:80:4a:2d:9a:f1:71:16:1b:84:
37:35:c9:cb:24:f4:61:95:55:62:ca:33:bf:a3:98:
48:61:df:d4:0c:62:a6:77:79:44:49:22:07:e9:ee:
d7:93:3f:9f:8f:47:b2:a2:da:46:ed:12:f0:ec:77:
dc:64:6f:25:5c:ca:a9:c0:d1:0a:b9:dc:85:f0:9a:
e6:1b:00:aa:fb:a3:f6:22:69:54:f6:ec:cd:92:f4:
48:a5:c6:df:22:2d:dd:45:2f:f5:d6:23:82:65:f9:
fb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:98:3B:12:1E:BB:56:16:79:8E:2B:19:2E:71:80:1D:F2:1C:C0:B0
X509v3 Authority Key Identifier:
keyid:F9:03:79:F3:AF:D9:4C:0F:26:B6:7F:FF:A3:4D:6E:94:6C:29:D6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-QN586_ZTA8mtn__o01ulGwp1iQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/de7ef6-bdae-4717-b061-6f207951c4b2/1/3pg7Eh67VhZ5jisZLnGAHfIcwLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/de7ef6-bdae-4717-b061-6f207951c4b2/1/1-QN586_ZTA8mtn__o01ulGwp1iQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.84.0/24
185.237.86.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:fc:7e:15:99:68:d5:11:39:8a:58:7e:cb:5a:bc:10:90:15:
ef:8b:ae:c3:b2:4e:45:fa:50:41:4e:50:e5:7e:44:e5:c0:18:
0c:10:46:d9:17:aa:e6:d0:87:42:18:3c:e5:24:7f:a8:59:d1:
c5:8f:dd:9e:ae:12:15:07:85:e4:36:f9:d9:96:df:87:5f:f1:
8a:a0:92:52:4c:8c:a6:8b:8b:a2:b4:66:7f:23:40:f6:b2:e8:
eb:ca:f3:9d:fb:08:ea:e0:70:04:eb:74:ce:e6:52:4b:c3:80:
8c:ac:d1:c0:3c:d0:c6:3c:b5:4f:46:87:9f:3b:a7:c4:9a:a6:
fa:37:f2:b6:a2:8a:4b:f1:87:5d:65:15:e9:7c:d7:a7:68:ff:
52:29:2f:4b:c3:b8:8a:d7:7b:8e:2a:57:10:26:9f:7f:2b:b8:
7e:5d:13:95:23:a9:9e:7e:ac:c4:8d:e8:73:98:e9:88:0b:af:
40:60:71:87:b8:9b:9e:78:8d:e6:e5:78:36:d9:93:dc:aa:fe:
e5:27:dd:ad:07:08:32:ea:a5:e8:c2:90:f5:de:32:5b:a3:1f:
ba:5a:94:19:84:ea:67:50:6e:02:49:34:84:c2:0d:69:92:8e:
3e:19:94:36:34:de:08:8a:4f:02:74:58:ca:11:1b:e4:3b:24:
97:ee:2c:a3
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEA874UjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTAzNzlmM2FmZDk0YzBmMjZiNjdmZmZhMzRkNmU5NDZjMjlkNjI0MB4XDTIyMDEw
MTA3MDEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU5ODNiMTIxZWJi
NTYxNjc5OGUyYjE5MmU3MTgwMWRmMjFjYzBiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGxzvxvWw20YsZsdLSsWBQAVTSwDBAKTtcNOsdiUxJ7FElx
Q9bnehJIUDY7reOnjB+M5mz7KlRlEHmwsoDbNiH24F0MJuokctL4IbPp5/vNIqHz
gbYkup7lMvUlPch8HzAbv+QoV1k8oyEBQJOLWsoYRe61BmB/QwiGoLskNNIcgN3P
r4CDCTogofzGDOsqyEzqIh6R1EZUPk8zgEotmvFxFhuENzXJyyT0YZVVYsozv6OY
SGHf1Axipnd5REkiB+nu15M/n49HsqLaRu0S8Ox33GRvJVzKqcDRCrnchfCa5hsA
qvuj9iJpVPbszZL0SKXG3yIt3UUv9dYjgmX5+zkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTemDsSHrtWFnmOKxkucYAd8hzAsDAfBgNVHSMEGDAWgBT5A3nzr9lMDya2
f/+jTW6UbCnWJDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtUU41ODZfWlRBOG10bl9fbzAxdWxHd3AxaVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ2L2RlN2VmNi1iZGFlLTQ3MTctYjA2MS02ZjIwNzk1MWM0YjIv
MS8zcGc3RWg2N1ZoWjVqaXNaTG5HQUhmSWN3TEEucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ2
L2RlN2VmNi1iZGFlLTQ3MTctYjA2MS02ZjIwNzk1MWM0YjIvMS8xLVFONTg2X1pU
QThtdG5fX28wMXVsR3dwMWlRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAue1UAwQBue1WMA0GCSqGSIb3
DQEBCwUAA4IBAQBe/H4VmWjVETmKWH7LWrwQkBXvi67Dsk5F+lBBTlDlfkTlwBgM
EEbZF6rm0IdCGDzlJH+oWdHFj92erhIVB4XkNvnZlt+HX/GKoJJSTIymi4uitGZ/
I0D2sujryvOd+wjq4HAE63TO5lJLw4CMrNHAPNDGPLVPRoefO6fEmqb6N/K2oopL
8YddZRXpfNenaP9SKS9Lw7iK13uOKlcQJp9/K7h+XROVI6mefqzEjehzmOmIC69A
YHGHuJueeI3m5Xg22ZPcqv7lJ92tBwgy6qXowpD13jJbox+6WpQZhOpnUG4CSTSE
wg1pko4+GZQ2NN4Iik8CdFjKERvkOySX7iyj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:15 2024 by rpki-client on console-ams.rpki-client.org