Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/3GYn0S_mSg7mGBLQo2jOk3xlLPQ.roa
File: 3GYn0S_mSg7mGBLQo2jOk3xlLPQ.roa (raw, json)
Hash identifier: Zx26dqZK9fS2ctxAgpQcOwodqJANpw13s0eY932jcVQ=
Subject key identifier: DC:66:27:D1:2F:E6:4A:0E:E6:18:12:D0:A3:68:CE:93:7C:65:2C:F4
Certificate issuer: /CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Certificate serial: 03E0939F
Authority key identifier: 3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/3GYn0S_mSg7mGBLQo2jOk3xlLPQ.roa
Signing time: Sat 01 Jan 2022 05:02:15 +0000
ROA not before: Sat 01 Jan 2022 05:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34078
IP address blocks: 88.135.33.0/24 maxlen: 24
88.135.35.0/24 maxlen: 24
88.135.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65049503 (0x3e0939f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Validity
Not Before: Jan 1 05:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc6627d12fe64a0ee61812d0a368ce937c652cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:21:d8:29:81:8c:d4:a7:ca:43:46:7e:26:72:
4b:2d:e1:58:90:81:b6:a3:9c:76:16:2c:82:9b:e5:
5e:fa:b3:42:15:35:60:f5:3d:9e:04:03:e9:74:e9:
e7:56:e3:7e:35:fa:37:af:30:29:60:b8:8b:ce:20:
d9:7a:3c:6b:bb:4b:69:3b:7e:1b:61:35:f1:e1:19:
f5:f8:ba:ca:eb:f3:8b:18:9b:a8:a0:d3:4a:8c:dc:
63:8e:90:88:2b:41:10:68:dd:d9:35:69:24:80:41:
1d:be:dc:58:ad:f9:1d:24:1c:d7:21:90:92:ba:2c:
53:6f:d5:8c:26:4f:bb:4f:f0:53:c2:0b:ff:7f:20:
18:6e:ba:c0:18:77:88:9b:98:e8:64:08:9c:8c:88:
08:6c:76:21:78:db:12:53:4c:4b:8e:51:54:0a:a7:
46:b5:e4:85:c5:d3:8a:31:d4:44:70:9b:2a:1e:79:
1a:8a:fe:e7:8c:42:ae:02:9b:00:c8:df:ca:ed:e3:
72:b6:96:05:3d:66:87:93:b0:26:af:c5:bb:c8:f9:
3e:da:af:75:4d:3e:5e:5f:aa:ea:54:6a:75:cd:ed:
34:0d:72:c1:72:f2:c7:fc:b0:b0:45:4e:be:eb:62:
3b:94:df:c4:51:55:9c:36:3b:02:ca:8c:f4:52:e6:
b5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:66:27:D1:2F:E6:4A:0E:E6:18:12:D0:A3:68:CE:93:7C:65:2C:F4
X509v3 Authority Key Identifier:
keyid:3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/3GYn0S_mSg7mGBLQo2jOk3xlLPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.33.0-88.135.35.255
Signature Algorithm: sha256WithRSAEncryption
2a:d6:27:d5:fe:20:77:3a:28:66:17:5f:b9:9b:20:03:8c:dd:
09:40:4f:72:34:8f:f1:dc:aa:15:04:48:47:f6:2d:42:aa:f4:
5c:9c:3a:43:c2:cd:1e:73:d2:1d:41:52:d9:b2:c1:bb:ee:50:
89:24:aa:06:cf:16:ac:b8:e3:81:0d:df:a6:1a:d6:85:b7:21:
67:5b:96:fc:e8:57:7b:e8:fe:b3:aa:7b:fa:4e:65:3d:d9:14:
be:3d:6b:10:c5:57:f4:ba:58:b9:57:48:37:da:7b:97:3d:9c:
df:33:2d:ad:41:23:ce:87:34:73:f5:98:f4:4c:4d:f6:53:f3:
ab:68:bd:07:22:00:27:35:47:58:26:2c:10:c8:7d:3d:e3:ab:
9b:de:d2:49:12:02:53:e3:9c:cf:66:79:00:0a:81:8d:60:4c:
fa:b8:fd:9a:00:2d:d6:9b:29:0e:26:0f:47:11:5d:43:bc:1a:
5d:85:5e:7c:ce:64:71:07:b1:14:1d:d5:5f:d5:a0:c2:dd:d1:
dc:7c:4e:c8:b0:0a:e7:72:01:ba:a2:86:b6:a0:5e:ee:b1:7f:
fd:0e:43:fc:87:41:9c:0a:e1:87:cf:c2:2b:83:99:b8:84:1c:
83:1e:ac:af:d2:ec:c3:68:0a:ec:c3:c4:4f:3a:3f:cc:ac:f5:
74:e1:47:21
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEA+CTnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjVjMjQ2NzU0NmY0YjA3OGEwMjI0ZGExY2NhYzVjMjg3ZTkzNDUzMB4XDTIyMDEw
MTA1MDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGM2NjI3ZDEyZmU2
NGEwZWU2MTgxMmQwYTM2OGNlOTM3YzY1MmNmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwh2CmBjNSnykNGfiZySy3hWJCBtqOcdhYsgpvlXvqzQhU1
YPU9ngQD6XTp51bjfjX6N68wKWC4i84g2Xo8a7tLaTt+G2E18eEZ9fi6yuvzixib
qKDTSozcY46QiCtBEGjd2TVpJIBBHb7cWK35HSQc1yGQkrosU2/VjCZPu0/wU8IL
/38gGG66wBh3iJuY6GQInIyICGx2IXjbElNMS45RVAqnRrXkhcXTijHURHCbKh55
Gor+54xCrgKbAMjfyu3jcraWBT1mh5OwJq/Fu8j5PtqvdU0+Xl+q6lRqdc3tNA1y
wXLyx/ywsEVOvutiO5TfxFFVnDY7AsqM9FLmtSkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTcZifRL+ZKDuYYEtCjaM6TfGUs9DAfBgNVHSMEGDAWgBQ7XCRnVG9LB4oC
JNocysXCh+k0UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08xd2taMVJ2U3dlS0FpVGFITXJGd29mcE5GTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvYjU4ZDk0LWI1NjQtNGQ0OS1hOGZkLTVjMDk2YTg3YmIwNy8x
LzNHWW4wU19tU2c3bUdCTFFvMmpPazN4bExQUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
YjU4ZDk0LWI1NjQtNGQ0OS1hOGZkLTVjMDk2YTg3YmIwNy8xL08xd2taMVJ2U3dl
S0FpVGFITXJGd29mcE5GTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAWIchAwQCWIcgMA0GCSqGSIb3
DQEBCwUAA4IBAQAq1ifV/iB3OihmF1+5myADjN0JQE9yNI/x3KoVBEhH9i1CqvRc
nDpDws0ec9IdQVLZssG77lCJJKoGzxasuOOBDd+mGtaFtyFnW5b86Fd76P6zqnv6
TmU92RS+PWsQxVf0uli5V0g32nuXPZzfMy2tQSPOhzRz9Zj0TE32U/OraL0HIgAn
NUdYJiwQyH0946ub3tJJEgJT45zPZnkACoGNYEz6uP2aAC3WmykOJg9HEV1DvBpd
hV58zmRxB7EUHdVf1aDC3dHcfE7IsArncgG6ooa2oF7usX/9DkP8h0GcCuGHz8Ir
g5m4hByDHqyv0uzDaArsw8RPOj/MrPV04Uch
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:56 2023 by rpki-client on console-ams.rpki-client.org