Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/35k9qKz64RjmdC3OPSYiP4p8FBM.roa
File: 35k9qKz64RjmdC3OPSYiP4p8FBM.roa (raw, json)
Hash identifier: YTdufy6DlbvpsS2iU0dOa0Fb6+vSTgvNQYlRr+RaVyY=
Subject key identifier: DF:99:3D:A8:AC:FA:E1:18:E6:74:2D:CE:3D:26:22:3F:8A:7C:14:13
Certificate issuer: /CN=75e6e212c63741b85b957c7c97f7c58f5b5e1335
Certificate serial: 0F858C07
Authority key identifier: 75:E6:E2:12:C6:37:41:B8:5B:95:7C:7C:97:F7:C5:8F:5B:5E:13:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/debiEsY3QbhblXx8l_fFj1teEzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/35k9qKz64RjmdC3OPSYiP4p8FBM.roa
Signing time: Sat 01 Jan 2022 15:56:29 +0000
ROA not before: Sat 01 Jan 2022 15:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35383
IP address blocks: 84.39.120.0/21 maxlen: 21
84.39.122.0/24 maxlen: 24
84.39.127.0/24 maxlen: 24
2a01:7a20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 260410375 (0xf858c07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75e6e212c63741b85b957c7c97f7c58f5b5e1335
Validity
Not Before: Jan 1 15:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df993da8acfae118e6742dce3d26223f8a7c1413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4e:11:c2:71:75:83:21:25:db:85:c9:ac:97:
9d:db:e5:46:41:00:c7:85:1e:81:20:8a:af:a7:80:
66:37:4a:ed:4b:48:ee:b3:0c:d6:45:14:65:e9:b9:
7c:19:b5:68:b9:f1:dd:68:88:80:a5:cc:71:86:a0:
4e:bc:8e:b9:fb:96:0e:fa:c9:2a:56:26:64:de:22:
5e:ff:30:46:72:e7:cf:d3:57:64:b3:50:e2:e0:69:
1b:be:f2:84:a8:d4:af:17:d2:86:7c:be:24:df:70:
75:48:34:83:43:68:00:f4:06:da:1e:47:69:ad:3c:
f8:c1:72:28:7b:c6:9b:13:b5:58:eb:f2:66:89:bd:
99:50:07:1f:04:03:04:02:c2:33:38:03:c0:e3:b4:
0c:71:1e:6e:9a:68:65:f7:a3:d7:32:8a:92:c4:fb:
62:b8:8b:23:26:05:61:92:35:63:d3:d7:f5:ea:6c:
43:13:84:5d:1b:58:ed:eb:23:b1:85:be:bd:9c:44:
53:d4:3e:e1:75:44:f1:34:cc:58:96:6d:bc:11:6a:
07:3e:af:69:7e:09:a8:da:68:87:dd:e0:b3:c3:1f:
87:16:0e:8c:5d:5f:e3:1f:85:39:a4:7e:da:4a:9c:
60:5d:fb:0a:95:c9:9c:9b:ff:e7:40:31:88:91:74:
49:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:99:3D:A8:AC:FA:E1:18:E6:74:2D:CE:3D:26:22:3F:8A:7C:14:13
X509v3 Authority Key Identifier:
keyid:75:E6:E2:12:C6:37:41:B8:5B:95:7C:7C:97:F7:C5:8F:5B:5E:13:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/debiEsY3QbhblXx8l_fFj1teEzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/35k9qKz64RjmdC3OPSYiP4p8FBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/debiEsY3QbhblXx8l_fFj1teEzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.120.0/21
IPv6:
2a01:7a20::/32
Signature Algorithm: sha256WithRSAEncryption
73:34:67:62:17:b2:78:64:cc:3d:ba:60:3f:1c:dd:10:b2:40:
ec:36:69:95:52:9d:0f:1a:a0:d7:ca:0a:0e:a4:fd:8b:f5:d9:
78:2a:f2:92:74:7e:6e:eb:1b:f7:08:ba:00:ce:81:68:0a:dd:
6b:ee:36:ab:2c:ee:fa:de:78:15:61:7f:0f:61:bf:20:d3:be:
4f:6a:01:a2:c6:77:f1:7e:2c:73:e0:8a:cb:45:08:fa:93:3b:
a1:7c:67:7c:d8:5f:57:fe:54:62:89:7e:f2:a8:65:85:01:6e:
d8:42:45:81:b4:50:bd:db:0f:9c:9a:3d:29:50:c5:5d:90:b5:
59:64:37:16:e6:ae:d7:97:1d:c9:e8:c8:4d:f3:85:26:2a:8f:
e3:88:35:c9:f6:8c:51:a6:8b:3a:9d:e5:8d:1f:12:37:ef:6f:
fb:e9:ff:d1:9a:42:9d:a2:cc:ef:5f:23:60:ff:ad:d4:96:c4:
dd:e1:65:dd:bc:93:6c:d6:3b:11:c0:77:b0:2e:53:c1:82:10:
ec:7a:c6:bd:0a:a8:69:f8:8e:56:bf:1a:0f:9e:90:6b:ea:63:
ff:3e:c5:b7:e8:ad:af:3a:c5:cf:c5:e2:4f:7e:cf:eb:d3:b0:
d3:25:32:ed:ba:2d:a1:33:e7:df:cd:14:d0:cf:76:b9:8b:69:
b2:1c:dc:6c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIED4WMBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWU2ZTIxMmM2Mzc0MWI4NWI5NTdjN2M5N2Y3YzU4ZjViNWUxMzM1MB4XDTIyMDEw
MTE1NTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY5OTNkYThhY2Zh
ZTExOGU2NzQyZGNlM2QyNjIyM2Y4YTdjMTQxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVOEcJxdYMhJduFyayXndvlRkEAx4UegSCKr6eAZjdK7UtI
7rMM1kUUZem5fBm1aLnx3WiIgKXMcYagTryOufuWDvrJKlYmZN4iXv8wRnLnz9NX
ZLNQ4uBpG77yhKjUrxfShny+JN9wdUg0g0NoAPQG2h5Haa08+MFyKHvGmxO1WOvy
Zom9mVAHHwQDBALCMzgDwOO0DHEebppoZfej1zKKksT7YriLIyYFYZI1Y9PX9eps
QxOEXRtY7esjsYW+vZxEU9Q+4XVE8TTMWJZtvBFqBz6vaX4JqNpoh93gs8MfhxYO
jF1f4x+FOaR+2kqcYF37CpXJnJv/50AxiJF0SWMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTfmT2orPrhGOZ0Lc49JiI/inwUEzAfBgNVHSMEGDAWgBR15uISxjdBuFuV
fHyX98WPW14TNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RlYmlFc1kzUWJoYmxYeDhsX2ZGajF0ZUV6VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvMzMzZWE2LTU4NGEtNDc0OS04M2M3LTAzZDc0NjFlYjU4YS8x
LzM1azlxS3o2NFJqbWRDM09QU1lpUDRwOEZCTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
MzMzZWE2LTU4NGEtNDc0OS04M2M3LTAzZDc0NjFlYjU4YS8xL2RlYmlFc1kzUWJo
YmxYeDhsX2ZGajF0ZUV6VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA1QneDANBAIAAjAHAwUAKgF6IDAN
BgkqhkiG9w0BAQsFAAOCAQEAczRnYheyeGTMPbpgPxzdELJA7DZplVKdDxqg18oK
DqT9i/XZeCryknR+busb9wi6AM6BaArda+42qyzu+t54FWF/D2G/INO+T2oBosZ3
8X4sc+CKy0UI+pM7oXxnfNhfV/5UYol+8qhlhQFu2EJFgbRQvdsPnJo9KVDFXZC1
WWQ3Fuau15cdyejITfOFJiqP44g1yfaMUaaLOp3ljR8SN+9v++n/0ZpCnaLM718j
YP+t1JbE3eFl3byTbNY7EcB3sC5TwYIQ7HrGvQqoafiOVr8aD56Qa+pj/z7Ft+it
rzrFz8XiT37P69Ow0yUy7botoTPn380U0M92uYtpshzcbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:09 2024 by rpki-client on console-fra.rpki-client.org