Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/3vINCFLHJQ_24LUiaeahc_oQF5g.roa
File: 3vINCFLHJQ_24LUiaeahc_oQF5g.roa (raw, json)
Hash identifier: FLDG5HQ86mWS5oFzVE18mfJiid9xy/Y8SuiefJN1UX4=
Subject key identifier: DE:F2:0D:08:52:C7:25:0F:F6:E0:B5:22:69:E6:A1:73:FA:10:17:98
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0184679585CD23B489856970A72FE5E2F446
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/3vINCFLHJQ_24LUiaeahc_oQF5g.roa
Signing time: Fri 11 Nov 2022 16:46:03 +0000
ROA not before: Fri 11 Nov 2022 16:46:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40980
IP address blocks: 144.208.192.0/21 maxlen: 22
144.208.200.0/22 maxlen: 22
185.50.234.0/24 maxlen: 24
2a01:aea0:dd5::/48 maxlen: 48
2a01:aea0:df5::/48 maxlen: 48
2a01:aea0:df3::/48 maxlen: 48
2a01:aea0:dd3::/48 maxlen: 48
2a01:aea0:df4::/48 maxlen: 48
2a01:aea0:dd4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:67:95:85:cd:23:b4:89:85:69:70:a7:2f:e5:e2:f4:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Nov 11 16:46:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=def20d0852c7250ff6e0b52269e6a173fa101798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8f:ea:e3:9f:ff:06:56:8c:92:7d:cf:9c:51:
ae:cd:5b:c8:91:0b:34:32:e2:66:77:98:f0:01:14:
19:7d:e9:3a:d4:96:1e:da:07:7d:1e:b2:8b:77:64:
e8:c8:e5:c1:c7:d9:eb:84:10:db:3a:75:37:55:45:
2c:ac:a2:d6:be:8b:34:8e:b4:72:51:11:62:f1:82:
06:69:e5:91:75:47:c8:ec:c5:14:e1:5a:cc:92:b6:
5e:82:e4:8b:ab:69:5d:3b:5d:76:0a:e1:ef:f5:6c:
75:21:a6:58:9b:28:0b:20:6b:09:6e:74:94:a6:c8:
e4:b4:3b:be:25:93:f5:78:85:1c:4b:7c:29:75:f3:
b5:46:f2:0f:48:45:64:fb:ac:3b:10:7c:82:b0:ad:
c6:53:be:2f:13:09:cd:13:e5:c0:e3:de:70:7a:d7:
ee:6e:82:95:1c:89:10:26:a5:4c:c3:a7:d7:85:51:
fc:85:27:8b:7b:dc:8e:4b:34:82:c8:96:dc:ed:27:
58:88:0c:1c:6b:79:47:99:71:dc:2a:61:dd:ff:54:
32:01:04:f1:47:e3:41:c8:c9:55:37:07:c6:2a:a8:
47:fc:43:75:5c:3d:86:a2:8c:0a:2e:47:b6:26:f3:
45:ca:1e:f1:75:3e:83:70:32:05:bd:b4:e7:2c:26:
79:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F2:0D:08:52:C7:25:0F:F6:E0:B5:22:69:E6:A1:73:FA:10:17:98
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/3vINCFLHJQ_24LUiaeahc_oQF5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.192.0-144.208.203.255
185.50.234.0/24
IPv6:
2a01:aea0:dd3::-2a01:aea0:dd5:ffff:ffff:ffff:ffff:ffff
2a01:aea0:df3::-2a01:aea0:df5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:dd:f7:f2:e3:81:d8:2f:83:21:2f:45:60:dd:96:e9:b3:e0:
f4:3a:02:84:3b:50:32:a5:a6:c4:3a:46:a0:db:ce:13:69:bc:
69:e3:66:6f:f5:04:51:ae:af:67:83:eb:6d:ce:d6:a7:8f:aa:
eb:bf:cc:d8:60:92:05:7b:7a:4f:d1:5e:20:11:7f:6d:01:24:
55:f5:4f:a9:e2:c1:09:8d:d1:e6:91:d0:15:7d:6c:79:15:2a:
31:51:24:13:01:e5:9e:af:9b:39:0d:0b:ea:f9:b2:e7:eb:9b:
b4:75:2d:48:60:cf:b3:2c:71:05:1a:93:6f:13:b8:d5:24:14:
39:95:d3:cc:32:84:df:af:1e:59:e4:cb:57:06:da:0c:b7:2f:
05:b8:29:b2:b2:1d:19:bb:c5:fb:8a:01:13:20:8e:4e:09:80:
7f:8f:4f:59:50:3f:59:45:86:db:25:7c:d6:73:79:49:1c:e8:
33:ed:b0:09:9e:0c:f9:e3:e1:20:98:6d:6f:59:c9:8f:56:a6:
c0:af:29:4f:ce:3a:97:87:8b:48:24:4c:b9:6c:a2:87:cd:6c:
c2:8f:fb:35:a9:63:af:0a:d5:93:27:29:ff:73:78:dd:75:e2:
60:fb:50:cc:17:ba:33:5d:07:40:e3:07:03:38:9f:31:1b:60:
bf:6e:20:79
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYRnlYXNI7SJhWlwpy/l4vRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjIxMTExMTY0NjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWYyMGQwODUyYzcyNTBmZjZlMGI1MjI2OWU2YTE3M2ZhMTAxNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4/q45//BlaMkn3PnFGuzVvIkQs0
MuJmd5jwARQZfek61JYe2gd9HrKLd2ToyOXBx9nrhBDbOnU3VUUsrKLWvos0jrRy
URFi8YIGaeWRdUfI7MUU4VrMkrZeguSLq2ldO112CuHv9Wx1IaZYmygLIGsJbnSU
psjktDu+JZP1eIUcS3wpdfO1RvIPSEVk+6w7EHyCsK3GU74vEwnNE+XA495wetfu
boKVHIkQJqVMw6fXhVH8hSeLe9yOSzSCyJbc7SdYiAwca3lHmXHcKmHd/1QyAQTx
R+NByMlVNwfGKqhH/EN1XD2GoowKLke2JvNFyh7xdT6DcDIFvbTnLCZ5wwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFN7yDQhSxyUP9uC1ImnmoXP6EBeYMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvM3ZJTkNGTEhKUV8yNExVaWFlYWhjX29RRjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAaBAIAATAUMAwDBAaQ0MAD
BAKQ0MgDBAC5MuowLgQCAAIwKDASAwcAKgGuoA3TAwcBKgGuoA3UMBIDBwAqAa6g
DfMDBwEqAa6gDfQwDQYJKoZIhvcNAQELBQADggEBAG/d9/LjgdgvgyEvRWDdlumz
4PQ6AoQ7UDKlpsQ6RqDbzhNpvGnjZm/1BFGur2eD623O1qePquu/zNhgkgV7ek/R
XiARf20BJFX1T6niwQmN0eaR0BV9bHkVKjFRJBMB5Z6vmzkNC+r5sufrm7R1LUhg
z7MscQUak28TuNUkFDmV08wyhN+vHlnky1cG2gy3LwW4KbKyHRm7xfuKARMgjk4J
gH+PT1lQP1lFhtslfNZzeUkc6DPtsAmeDPnj4SCYbW9ZyY9WpsCvKU/OOpeHi0gk
TLlsoofNbMKP+zWpY68K1ZMnKf9zeN114mD7UMwXujNdB0DjBwM4nzEbYL9uIHk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org