Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/5ca48b-c966-4e63-868d-a85c1b2ec1ce/1/ND39QL5eHODTTGGm9-QlFBkV3AM.roa
File: ND39QL5eHODTTGGm9-QlFBkV3AM.roa (raw, json)
Hash identifier: m3joDQzi5yOd8wajPvQ1VIUI+9HTrn8Gh8OHgoAU9I8=
Subject key identifier: 34:3D:FD:40:BE:5E:1C:E0:D3:4C:61:A6:F7:E4:25:14:19:15:DC:03
Certificate issuer: /CN=a81558853febc79d813eb2c0ce5cb736fb73c0df
Certificate serial: 041AF561
Authority key identifier: A8:15:58:85:3F:EB:C7:9D:81:3E:B2:C0:CE:5C:B7:36:FB:73:C0:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBVYhT_rx52BPrLAzly3NvtzwN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/5ca48b-c966-4e63-868d-a85c1b2ec1ce/1/ND39QL5eHODTTGGm9-QlFBkV3AM.roa
Signing time: Sat 01 Jan 2022 05:55:34 +0000
ROA not before: Sat 01 Jan 2022 05:55:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50599
IP address blocks: 185.221.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68875617 (0x41af561)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81558853febc79d813eb2c0ce5cb736fb73c0df
Validity
Not Before: Jan 1 05:55:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=343dfd40be5e1ce0d34c61a6f7e425141915dc03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:99:8a:0b:11:03:c5:61:a5:76:4f:34:55:bd:
78:0c:0b:04:8c:d1:bd:be:66:0d:46:65:17:ac:92:
d4:b6:b7:97:08:19:a9:df:6f:1e:41:30:17:3a:db:
7c:f5:8b:ab:2d:cb:c3:79:b8:d4:db:03:9f:0d:a0:
56:fb:46:af:a4:51:52:5c:fb:f5:09:b9:6d:53:c2:
df:32:12:96:bd:c5:86:eb:eb:51:ab:d3:83:44:6b:
dc:35:ec:2c:03:c2:c4:2a:2e:6e:1e:c4:8a:b6:30:
aa:36:2e:75:7d:2d:1c:05:0c:4a:4a:8a:e1:99:f6:
0f:a5:15:e2:d0:61:11:c4:7d:ca:9d:3e:c7:d2:8b:
7c:a2:67:ba:ff:09:b7:97:f3:74:3a:71:c3:20:53:
c9:86:a8:c0:ce:12:30:f2:65:0f:02:3d:3b:20:19:
89:ed:2f:96:61:5a:db:4a:43:1d:ab:2c:c2:be:5a:
b1:61:36:44:d9:9b:d3:83:34:21:d3:af:82:00:25:
98:79:03:6e:32:53:29:74:be:da:dc:a3:ea:50:dc:
04:0f:87:ad:cb:9b:35:0e:29:20:31:1d:86:0e:08:
3a:ed:c6:25:9b:61:3d:08:4e:da:35:0c:97:c4:d6:
a4:ad:5a:35:9d:b5:54:cd:1a:a4:d8:e6:3c:7b:33:
e2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3D:FD:40:BE:5E:1C:E0:D3:4C:61:A6:F7:E4:25:14:19:15:DC:03
X509v3 Authority Key Identifier:
keyid:A8:15:58:85:3F:EB:C7:9D:81:3E:B2:C0:CE:5C:B7:36:FB:73:C0:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBVYhT_rx52BPrLAzly3NvtzwN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/5ca48b-c966-4e63-868d-a85c1b2ec1ce/1/ND39QL5eHODTTGGm9-QlFBkV3AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/5ca48b-c966-4e63-868d-a85c1b2ec1ce/1/qBVYhT_rx52BPrLAzly3NvtzwN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.110.0/24
Signature Algorithm: sha256WithRSAEncryption
31:5c:2d:2a:50:8e:56:19:e2:79:ae:62:09:96:0e:78:75:e0:
bc:e2:02:0a:89:4e:d2:cf:9a:d9:08:fb:55:b4:3b:39:be:7c:
71:eb:0c:81:7a:1f:db:d1:7d:42:a7:ed:52:a3:1b:f8:2b:6c:
16:b8:bb:b0:68:a7:7e:58:8f:a8:ec:2d:44:22:9a:a3:53:96:
37:ee:18:11:23:fd:e0:32:a8:41:18:18:19:4a:1c:2b:2d:9e:
5f:cc:7a:75:70:32:31:8a:c0:af:b7:d8:58:74:82:d4:a3:33:
42:e4:46:33:f2:72:5d:5f:b4:4f:47:55:b0:cc:24:a3:27:9a:
60:3c:cc:83:7d:dc:09:87:35:1d:07:5b:8a:25:6f:3a:da:c9:
91:89:41:9e:ed:c5:7b:e4:3c:4d:10:04:2b:9f:1f:6d:82:ab:
98:63:8e:b8:e4:1b:84:86:3f:77:97:7d:51:aa:5e:5c:e0:d2:
ce:68:d7:70:5e:85:08:41:2a:0b:08:dc:d9:60:b3:6a:ba:8a:
9e:0d:4f:a1:49:b3:30:c8:bd:7b:53:54:cb:53:c0:75:61:1e:
12:d4:ae:47:18:e6:e6:d2:d6:2c:f2:53:a6:e2:9a:bc:af:1d:
d5:b6:f8:5f:61:7d:a3:28:4c:3d:8c:75:5e:06:c3:b7:47:18:
68:80:ba:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBBr1YTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODE1NTg4NTNmZWJjNzlkODEzZWIyYzBjZTVjYjczNmZiNzNjMGRmMB4XDTIyMDEw
MTA1NTUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQzZGZkNDBiZTVl
MWNlMGQzNGM2MWE2ZjdlNDI1MTQxOTE1ZGMwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANyZigsRA8VhpXZPNFW9eAwLBIzRvb5mDUZlF6yS1La3lwgZ
qd9vHkEwFzrbfPWLqy3Lw3m41NsDnw2gVvtGr6RRUlz79Qm5bVPC3zISlr3Fhuvr
UavTg0Rr3DXsLAPCxCoubh7EirYwqjYudX0tHAUMSkqK4Zn2D6UV4tBhEcR9yp0+
x9KLfKJnuv8Jt5fzdDpxwyBTyYaowM4SMPJlDwI9OyAZie0vlmFa20pDHasswr5a
sWE2RNmb04M0IdOvggAlmHkDbjJTKXS+2tyj6lDcBA+HrcubNQ4pIDEdhg4IOu3G
JZthPQhO2jUMl8TWpK1aNZ21VM0apNjmPHsz4jUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0Pf1Avl4c4NNMYab35CUUGRXcAzAfBgNVHSMEGDAWgBSoFViFP+vHnYE+
ssDOXLc2+3PA3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FCVlloVF9yeDUyQlByTEF6bHkzTnZ0endOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvNWNhNDhiLWM5NjYtNGU2My04NjhkLWE4NWMxYjJlYzFjZS8x
L05EMzlRTDVlSE9EVFRHR205LVFsRkJrVjNBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
NWNhNDhiLWM5NjYtNGU2My04NjhkLWE4NWMxYjJlYzFjZS8xL3FCVlloVF9yeDUy
QlByTEF6bHkzTnZ0endOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALndbjANBgkqhkiG9w0BAQsFAAOC
AQEAMVwtKlCOVhniea5iCZYOeHXgvOICColO0s+a2Qj7VbQ7Ob58cesMgXof29F9
QqftUqMb+CtsFri7sGinfliPqOwtRCKao1OWN+4YESP94DKoQRgYGUocKy2eX8x6
dXAyMYrAr7fYWHSC1KMzQuRGM/JyXV+0T0dVsMwkoyeaYDzMg33cCYc1HQdbiiVv
OtrJkYlBnu3Fe+Q8TRAEK58fbYKrmGOOuOQbhIY/d5d9UapeXODSzmjXcF6FCEEq
Cwjc2WCzarqKng1PoUmzMMi9e1NUy1PAdWEeEtSuRxjm5tLWLPJTpuKavK8d1bb4
X2F9oyhMPYx1XgbDt0cYaIC6Jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:54 2024 by rpki-client on console-fra.rpki-client.org