Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3etyS6xxA_1k_Pp11PVV0fVYGig.roa
File: 3etyS6xxA_1k_Pp11PVV0fVYGig.roa (raw, json)
Hash identifier: 0CgtoVByX6Id0FT1wRlNdsIAlxuAOtB4022kliRnd20=
Subject key identifier: DD:EB:72:4B:AC:71:03:FD:64:FC:FA:75:D4:F5:55:D1:F5:58:1A:28
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0184857E17C6F03A2495B6CE57E63681D670
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3etyS6xxA_1k_Pp11PVV0fVYGig.roa
Signing time: Thu 17 Nov 2022 12:09:04 +0000
ROA not before: Thu 17 Nov 2022 12:09:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61135
IP address blocks: 212.68.35.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
188.132.155.0/24 maxlen: 24
188.132.154.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
78.135.73.0/24 maxlen: 24
188.132.193.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:7e:17:c6:f0:3a:24:95:b6:ce:57:e6:36:81:d6:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Nov 17 12:09:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddeb724bac7103fd64fcfa75d4f555d1f5581a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5d:b1:56:b0:d7:44:0e:50:75:75:8d:af:ed:
e3:08:51:c4:c5:f3:30:0c:3b:ac:a6:60:08:61:f4:
cb:bb:5d:99:a0:54:ad:9c:8b:d8:fb:ce:4f:f0:c2:
82:16:f6:a3:a0:19:54:e4:c5:6d:05:22:09:3d:26:
2b:2a:33:c7:ce:2b:c9:68:f5:bf:64:6b:59:93:e8:
83:13:12:86:7a:be:64:6e:d7:1d:c0:73:a1:f9:89:
54:97:39:a7:2f:aa:00:97:bf:94:3e:68:32:5b:e3:
eb:23:f7:e3:b5:4c:54:69:df:da:1d:23:df:d8:1f:
68:7c:1b:7e:27:a2:9a:e8:3e:6e:7c:96:5b:79:c9:
f6:a2:c3:72:e1:6e:32:b5:47:68:67:11:c9:79:5d:
d0:d1:5f:13:23:31:85:fa:66:ec:ac:55:78:88:65:
63:41:5c:da:c1:b7:34:44:0c:28:0c:0b:72:ae:b6:
5e:dc:29:17:b4:20:55:f2:88:a9:25:42:ec:4e:7e:
c9:4b:7b:d8:69:1b:06:be:e3:45:31:14:a8:ab:0a:
cb:2a:70:f5:8b:f8:93:6a:8b:4a:8b:cb:7c:c7:0c:
89:ef:a9:c5:91:09:75:d3:48:c1:fa:a3:b9:59:cb:
5d:b7:95:11:84:94:77:06:0d:a3:7e:47:05:cb:4c:
f0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:EB:72:4B:AC:71:03:FD:64:FC:FA:75:D4:F5:55:D1:F5:58:1A:28
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3etyS6xxA_1k_Pp11PVV0fVYGig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
78.135.86.0/24
188.132.154.0/23
188.132.189.0/24
188.132.191.0/24
188.132.193.0/24
188.132.249.0/24
212.68.35.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:2f:bc:90:f2:45:25:51:7e:db:1d:c5:44:1e:f6:b7:d4:5a:
3d:5e:07:4b:60:00:20:70:98:61:af:e2:9d:60:19:01:aa:c0:
53:ac:02:97:4d:fb:69:11:e5:ff:d5:92:9c:f1:bf:4f:89:00:
a6:84:42:73:fe:09:52:16:fd:92:e7:01:c5:c3:c5:4d:8a:ef:
43:15:2f:d2:8b:82:ab:29:de:a8:0b:38:af:15:7a:68:b9:b7:
74:57:c1:af:b2:af:d6:2e:bd:62:17:18:01:7b:ca:80:98:74:
b1:73:4f:ba:cd:58:54:86:45:54:70:8f:fd:88:36:f6:21:56:
b3:ce:ab:62:5b:f6:af:f3:89:88:d4:79:76:41:f7:e6:6a:71:
10:ce:c6:e2:1b:64:03:f9:85:57:92:d5:c2:a4:1c:45:aa:cb:
c1:ba:49:6f:09:9e:82:58:e4:ba:2f:2c:82:56:0f:f5:18:98:
31:9c:46:d8:73:8c:e6:73:39:ae:3e:46:87:1b:d7:76:b4:44:
d7:0e:38:4e:d8:33:f9:59:17:9c:14:e9:ad:d0:2d:4a:e5:82:
3b:c0:f4:66:95:0a:1e:e9:00:0e:8a:b7:f8:ed:7e:b2:6e:b0:
85:14:86:ec:75:4d:0a:1d:3a:b3:c3:b0:59:d1:fc:28:b1:4e:
14:80:96:99
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYSFfhfG8DoklbbOV+Y2gdZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjIxMTE3MTIwOTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGViNzI0YmFjNzEwM2ZkNjRmY2ZhNzVkNGY1NTVkMWY1NTgxYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV2xVrDXRA5QdXWNr+3jCFHExfMw
DDuspmAIYfTLu12ZoFStnIvY+85P8MKCFvajoBlU5MVtBSIJPSYrKjPHzivJaPW/
ZGtZk+iDExKGer5kbtcdwHOh+YlUlzmnL6oAl7+UPmgyW+PrI/fjtUxUad/aHSPf
2B9ofBt+J6Ka6D5ufJZbecn2osNy4W4ytUdoZxHJeV3Q0V8TIzGF+mbsrFV4iGVj
QVzawbc0RAwoDAtyrrZe3CkXtCBV8oipJULsTn7JS3vYaRsGvuNFMRSoqwrLKnD1
i/iTaotKi8t8xwyJ76nFkQl100jB+qO5Wctdt5URhJR3Bg2jfkcFy0zwxwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFN3rckuscQP9ZPz6ddT1VdH1WBooMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvM2V0eVM2eHhBXzFrX1BwMTFQVlYwZlZZR2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATodJAwQA
TodWAwQBvISaAwQAvIS9AwQAvIS/AwQAvITBAwQAvIT5AwQA1EQjMA0GCSqGSIb3
DQEBCwUAA4IBAQAtL7yQ8kUlUX7bHcVEHva31Fo9XgdLYAAgcJhhr+KdYBkBqsBT
rAKXTftpEeX/1ZKc8b9PiQCmhEJz/glSFv2S5wHFw8VNiu9DFS/Si4KrKd6oCziv
FXpoubd0V8Gvsq/WLr1iFxgBe8qAmHSxc0+6zVhUhkVUcI/9iDb2IVazzqtiW/av
84mI1Hl2QffmanEQzsbiG2QD+YVXktXCpBxFqsvBuklvCZ6CWOS6LyyCVg/1GJgx
nEbYc4zmczmuPkaHG9d2tETXDjhO2DP5WRecFOmt0C1K5YI7wPRmlQoe6QAOirf4
7X6ybrCFFIbsdU0KHTqzw7BZ0fwosU4UgJaZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org