Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/DbPxJTl_PGiSBs1u6EE1Vo2SR9I.roa
File: DbPxJTl_PGiSBs1u6EE1Vo2SR9I.roa (raw, json)
Hash identifier: 6rIP+00rzANeHbKrMMtIFIJvW275rcaJtzcQhsbM+sc=
Subject key identifier: 0D:B3:F1:25:39:7F:3C:68:92:06:CD:6E:E8:41:35:56:8D:92:47:D2
Certificate issuer: /CN=053360c6e3e892db66b1df6ad47f7818e9deeb8c
Certificate serial: 0184C431AE00E14085AE328F4EF6D90E2A23
Authority key identifier: 05:33:60:C6:E3:E8:92:DB:66:B1:DF:6A:D4:7F:78:18:E9:DE:EB:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTNgxuPokttmsd9q1H94GOne64w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/DbPxJTl_PGiSBs1u6EE1Vo2SR9I.roa
Signing time: Tue 29 Nov 2022 16:21:40 +0000
ROA not before: Tue 29 Nov 2022 16:21:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8922
IP address blocks: 185.34.36.0/23 maxlen: 23
185.34.38.0/23 maxlen: 23
2a03:e700::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c4:31:ae:00:e1:40:85:ae:32:8f:4e:f6:d9:0e:2a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053360c6e3e892db66b1df6ad47f7818e9deeb8c
Validity
Not Before: Nov 29 16:21:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0db3f125397f3c689206cd6ee84135568d9247d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5f:28:01:e6:42:11:5c:fe:6f:a8:79:52:98:
7d:4c:b9:d6:c2:31:d1:58:f6:3a:f3:1e:57:ba:db:
a3:c8:9d:98:8e:f3:4b:33:93:1f:cf:56:06:6b:c4:
39:4e:e8:b0:03:75:91:22:0e:1f:14:eb:6e:78:6d:
4c:c0:04:d6:61:38:fa:92:24:b9:3b:44:4a:7e:9f:
22:37:db:13:d0:6c:d6:93:47:bb:03:40:92:b0:32:
5f:46:65:f7:11:d0:36:8d:36:b8:ca:13:56:e3:82:
af:1f:9f:41:fd:4f:56:5a:0b:d7:50:d7:35:99:70:
e4:74:b7:bb:0d:67:10:a0:3b:38:7f:e2:75:e0:9c:
c6:fa:3a:b8:cc:d3:56:3e:25:37:44:1e:f5:a9:c3:
b0:75:bb:8a:9e:a0:8e:63:df:a6:8e:8a:fe:51:ca:
2e:c7:d4:b9:5e:8e:b1:d3:ad:cf:59:45:11:a1:25:
04:dd:1d:d3:47:ce:84:47:dd:22:97:ac:36:6a:30:
38:7a:3b:14:70:07:73:74:14:be:6f:c5:f9:61:71:
2b:c5:a1:d1:da:10:38:fc:c6:6d:b3:7b:60:59:6b:
45:2a:33:02:33:bf:9e:9a:53:f4:88:96:5c:8e:59:
57:e7:89:72:21:35:d3:b2:3a:ec:11:54:4c:68:73:
a7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B3:F1:25:39:7F:3C:68:92:06:CD:6E:E8:41:35:56:8D:92:47:D2
X509v3 Authority Key Identifier:
keyid:05:33:60:C6:E3:E8:92:DB:66:B1:DF:6A:D4:7F:78:18:E9:DE:EB:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTNgxuPokttmsd9q1H94GOne64w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/DbPxJTl_PGiSBs1u6EE1Vo2SR9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/BTNgxuPokttmsd9q1H94GOne64w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.36.0/22
IPv6:
2a03:e700::/32
Signature Algorithm: sha256WithRSAEncryption
0d:9e:b2:e9:74:f9:34:8b:49:6f:2d:52:c0:e1:b8:a5:44:90:
1e:d0:1f:0a:37:d7:da:a1:79:72:a4:5a:bb:23:85:32:e3:57:
a9:61:bf:a4:e8:a1:03:a1:e9:30:50:ac:f6:69:28:4b:5d:82:
b2:00:a9:cd:31:37:a9:d5:76:b2:3a:03:a7:7f:8b:12:10:20:
28:55:4b:15:f4:e2:60:f1:39:dc:19:46:3f:0f:a8:78:b4:ac:
5e:af:29:97:54:26:f8:f4:0a:6d:a6:df:02:79:b5:f9:db:51:
81:c5:ca:5a:dd:ed:1d:37:15:ac:1d:a1:32:f9:b3:84:d0:fd:
03:98:6f:c1:d1:8f:c4:92:e6:80:0b:18:9e:11:3e:79:61:3b:
14:4d:cd:50:cc:e4:ce:b9:3f:14:73:41:dc:50:b6:7b:2c:37:
d5:ec:29:7b:4f:53:5b:41:d5:5f:dd:31:a1:57:80:17:1d:49:
c0:a9:7b:20:90:62:ff:98:30:1b:0f:55:4d:a3:6e:72:a4:46:
0a:3e:95:da:97:22:62:79:27:b8:a8:c0:0e:d5:c3:f7:24:ef:
f2:6c:6e:7d:13:6c:d2:65:4a:5f:88:16:c2:a8:62:2c:3b:9a:
e6:45:45:f6:0c:5a:e9:59:3f:b5:25:03:b9:9b:1b:63:a0:bd:
e4:4f:79:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTEMa4A4UCFrjKPTvbZDiojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzM2MGM2ZTNlODkyZGI2NmIxZGY2YWQ0N2Y3ODE4ZTlk
ZWViOGMwHhcNMjIxMTI5MTYyMTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGIzZjEyNTM5N2YzYzY4OTIwNmNkNmVlODQxMzU1NjhkOTI0N2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l8oAeZCEVz+b6h5Uph9TLnWwjHR
WPY68x5XutujyJ2YjvNLM5Mfz1YGa8Q5TuiwA3WRIg4fFOtueG1MwATWYTj6kiS5
O0RKfp8iN9sT0GzWk0e7A0CSsDJfRmX3EdA2jTa4yhNW44KvH59B/U9WWgvXUNc1
mXDkdLe7DWcQoDs4f+J14JzG+jq4zNNWPiU3RB71qcOwdbuKnqCOY9+mjor+Ucou
x9S5Xo6x063PWUURoSUE3R3TR86ER90il6w2ajA4ejsUcAdzdBS+b8X5YXErxaHR
2hA4/MZts3tgWWtFKjMCM7+emlP0iJZcjllX54lyITXTsjrsEVRMaHOn0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA2z8SU5fzxokgbNbuhBNVaNkkfSMB8GA1UdIwQY
MBaAFAUzYMbj6JLbZrHfatR/eBjp3uuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlROZ3h1UG9rdHRtc2Q5cTFIOTRHT25lNjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wNmRkODMtMDdkYy00MGZiLTkyM2Yt
ZDkxZGNlNWRiOTNhLzEvRGJQeEpUbF9QR2lTQnMxdTZFRTFWbzJTUjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wNmRkODMtMDdkYy00MGZiLTkyM2YtZDkxZGNlNWRiOTNh
LzEvQlROZ3h1UG9rdHRtc2Q5cTFIOTRHT25lNjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSIkMA0E
AgACMAcDBQAqA+cAMA0GCSqGSIb3DQEBCwUAA4IBAQANnrLpdPk0i0lvLVLA4bil
RJAe0B8KN9faoXlypFq7I4Uy41epYb+k6KEDoekwUKz2aShLXYKyAKnNMTep1Xay
OgOnf4sSECAoVUsV9OJg8TncGUY/D6h4tKxerymXVCb49Aptpt8CebX521GBxcpa
3e0dNxWsHaEy+bOE0P0DmG/B0Y/EkuaACxieET55YTsUTc1QzOTOuT8Uc0HcULZ7
LDfV7Cl7T1NbQdVf3TGhV4AXHUnAqXsgkGL/mDAbD1VNo25ypEYKPpXalyJieSe4
qMAO1cP3JO/ybG59E2zSZUpfiBbCqGIsO5rmRUX2DFrpWT+1JQO5mxtjoL3kT3lv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:49 2023 by rpki-client on console-fra.rpki-client.org