Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/o-DX_3BcEeFImJ0LYulABmHZeao.roa
File: o-DX_3BcEeFImJ0LYulABmHZeao.roa (raw, json)
Hash identifier: cPV95t/NTufKzTMl2jg5Nb0V7Mu0IU6+hWd7TsjQ9FA=
Subject key identifier: A3:E0:D7:FF:70:5C:11:E1:48:98:9D:0B:62:E9:40:06:61:D9:79:AA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 285BADE3
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/o-DX_3BcEeFImJ0LYulABmHZeao.roa
Signing time: Sat 01 Jan 2022 16:10:19 +0000
ROA not before: Sat 01 Jan 2022 16:10:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211687
IP address blocks: 92.38.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 677096931 (0x285bade3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:10:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3e0d7ff705c11e148989d0b62e9400661d979aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:09:73:a8:7f:bb:cd:93:df:30:d4:53:d7:7f:
31:97:4e:38:71:94:10:cd:86:5d:f8:3a:27:f1:8c:
09:21:09:97:6e:83:53:1a:43:c2:b8:5f:ff:65:a4:
91:0b:8a:44:8d:f4:da:3b:54:a3:f9:ad:ed:05:8f:
0c:83:6d:91:a2:87:4a:2c:28:10:a6:21:95:c0:90:
0b:1b:fa:f8:0a:1f:ef:ae:95:f2:99:c8:67:3c:6b:
7d:4a:0f:47:8e:20:3f:1c:e1:86:9a:7a:99:27:52:
35:41:ad:8f:33:4b:68:67:a6:e6:78:e9:10:36:60:
bf:2d:92:3f:a3:fa:18:06:f1:2a:ae:c7:18:25:bf:
75:a0:d5:69:3d:d7:8e:49:da:78:98:61:88:cb:77:
70:53:e1:b1:bf:aa:3c:58:db:03:20:0f:78:e1:ca:
b2:0a:32:d6:51:23:78:e4:2a:ae:9c:c1:a7:47:f5:
b2:f8:07:10:d7:83:13:1d:db:f1:96:c8:54:85:5b:
f9:89:b7:16:4a:86:b3:8e:94:07:16:a2:7f:5c:43:
b7:f0:13:9d:c7:05:be:81:04:ab:f0:41:fc:bd:b8:
ff:1a:72:a7:65:2c:3b:0d:c0:73:89:e8:a6:d2:0d:
8e:52:e0:4b:38:8d:77:cf:25:ee:49:8d:63:4b:01:
bb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E0:D7:FF:70:5C:11:E1:48:98:9D:0B:62:E9:40:06:61:D9:79:AA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/o-DX_3BcEeFImJ0LYulABmHZeao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.35.0/24
Signature Algorithm: sha256WithRSAEncryption
63:f4:40:4d:90:73:d8:07:25:8b:3a:32:60:4e:be:73:73:ab:
f3:50:35:dc:94:fb:ff:a5:03:c5:18:f9:0b:fc:38:fe:b2:00:
a1:c1:67:71:1b:fe:f5:49:b3:2c:1f:99:07:a2:97:25:b8:ee:
24:74:b8:10:8e:dc:45:05:5e:8a:be:c9:d2:a3:c6:df:f1:1a:
91:e3:a6:49:72:d4:f6:8c:49:11:ac:5e:70:59:04:3f:d1:3e:
6e:d1:ee:dd:ee:8d:11:44:2b:32:38:aa:d9:40:9f:b0:11:b3:
22:46:f7:7e:e1:fb:be:3f:71:fd:c9:01:31:c6:1b:3f:ab:4e:
22:e5:89:e3:48:6c:27:03:2f:2d:15:31:0c:db:ac:41:4f:66:
2b:2a:65:ab:d0:e0:82:89:bf:ef:34:d4:b4:49:46:e3:c6:fa:
ab:5a:b9:c4:3a:75:bc:3c:07:cb:ff:97:2c:fb:2a:21:a8:8e:
69:ba:aa:14:27:de:35:12:f5:b0:a3:dc:cc:65:04:40:24:f4:
66:c7:29:17:31:fb:dd:e0:65:51:6b:aa:d3:7c:e3:75:da:5e:
f0:ba:ae:70:58:da:58:b5:60:3e:9e:2b:5f:d7:9c:07:35:26:
6a:a0:7d:1c:7c:3e:42:12:84:11:71:dd:c3:0e:33:5b:07:81:
95:fb:ef:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKFut4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MTAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNlMGQ3ZmY3MDVj
MTFlMTQ4OTg5ZDBiNjJlOTQwMDY2MWQ5NzlhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQJc6h/u82T3zDUU9d/MZdOOHGUEM2GXfg6J/GMCSEJl26D
UxpDwrhf/2WkkQuKRI302jtUo/mt7QWPDINtkaKHSiwoEKYhlcCQCxv6+Aof766V
8pnIZzxrfUoPR44gPxzhhpp6mSdSNUGtjzNLaGem5njpEDZgvy2SP6P6GAbxKq7H
GCW/daDVaT3XjknaeJhhiMt3cFPhsb+qPFjbAyAPeOHKsgoy1lEjeOQqrpzBp0f1
svgHENeDEx3b8ZbIVIVb+Ym3FkqGs46UBxaif1xDt/ATnccFvoEEq/BB/L24/xpy
p2UsOw3Ac4noptINjlLgSziNd88l7kmNY0sBu8UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSj4Nf/cFwR4UiYnQti6UAGYdl5qjAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L28tRFhfM0JjRWVGSW1KMExZdWxBQm1IWmVhby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFwmIzANBgkqhkiG9w0BAQsFAAOC
AQEAY/RATZBz2AclizoyYE6+c3Or81A13JT7/6UDxRj5C/w4/rIAocFncRv+9Umz
LB+ZB6KXJbjuJHS4EI7cRQVeir7J0qPG3/EakeOmSXLU9oxJEaxecFkEP9E+btHu
3e6NEUQrMjiq2UCfsBGzIkb3fuH7vj9x/ckBMcYbP6tOIuWJ40hsJwMvLRUxDNus
QU9mKyplq9Dggom/7zTUtElG48b6q1q5xDp1vDwHy/+XLPsqIaiOabqqFCfeNRL1
sKPczGUEQCT0ZscpFzH73eBlUWuq03zjddpe8LqucFjaWLVgPp4rX9ecBzUmaqB9
HHw+QhKEEXHdww4zWweBlfvvTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:51 2024 by rpki-client on console-ams.rpki-client.org