Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/P1H8WM8kEcjzbZ_TlN_TrmZSac4.roa
File: P1H8WM8kEcjzbZ_TlN_TrmZSac4.roa (raw, json)
Hash identifier: qlkyLeSBtN4Ht04jmhP9bOwMRM9lbfNd+w9fw/b78IQ=
Subject key identifier: 3F:51:FC:58:CF:24:11:C8:F3:6D:9F:D3:94:DF:D3:AE:66:52:69:CE
Certificate issuer: /CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Certificate serial: 17AA2C5C
Authority key identifier: DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/P1H8WM8kEcjzbZ_TlN_TrmZSac4.roa
Signing time: Tue 26 Apr 2022 09:56:45 +0000
ROA not before: Tue 26 Apr 2022 09:56:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62290
IP address blocks: 185.24.116.0/23 maxlen: 24
212.102.109.0/24 maxlen: 24
2a00:72a0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 397028444 (0x17aa2c5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Validity
Not Before: Apr 26 09:56:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f51fc58cf2411c8f36d9fd394dfd3ae665269ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f5:bd:73:75:dd:0e:78:9d:96:92:fc:d6:8c:
15:45:a0:63:f1:04:32:22:ec:77:17:51:07:b5:47:
4d:15:2d:1b:0b:50:a6:bd:65:b9:96:93:0c:52:48:
bc:56:86:9b:3d:69:d3:34:c0:70:bd:14:9a:d9:44:
09:e5:19:f8:c8:99:29:8f:ce:33:ca:7a:8a:f1:3e:
f2:45:a5:5e:b3:bc:0d:52:7c:c3:93:dc:8a:5c:d6:
36:ab:b3:f2:ff:af:32:91:05:dc:21:60:19:df:3e:
9f:6f:3f:5a:f7:34:6e:1d:5b:aa:bc:78:4b:a8:d6:
df:c9:c0:ab:1e:ef:cb:36:7f:6a:04:6c:1c:8d:42:
b3:d2:df:58:51:9a:d8:35:9f:c3:01:db:a5:ce:85:
c0:4a:e5:3f:38:2b:a4:82:e8:3c:14:87:4e:b9:a5:
04:cf:0a:38:fc:85:94:d7:d6:b8:c5:b0:8d:19:11:
ef:aa:6b:cc:b6:75:a0:b1:54:b3:65:2f:a6:77:9e:
fc:e5:60:59:32:32:66:5a:1d:fa:e4:81:21:e2:5b:
11:1c:0c:a4:5a:fb:8c:9e:67:bc:c1:8d:1c:4a:82:
68:0a:66:32:a9:23:a0:9c:04:39:3b:49:5e:c0:c2:
19:30:65:61:a7:a9:93:03:02:eb:06:98:1d:5a:68:
26:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:51:FC:58:CF:24:11:C8:F3:6D:9F:D3:94:DF:D3:AE:66:52:69:CE
X509v3 Authority Key Identifier:
keyid:DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/P1H8WM8kEcjzbZ_TlN_TrmZSac4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.116.0/23
212.102.109.0/24
IPv6:
2a00:72a0::/32
Signature Algorithm: sha256WithRSAEncryption
9f:2f:4b:c8:c5:b9:bc:6b:a5:1e:be:2c:4b:e7:62:d5:35:61:
64:75:85:6c:96:a1:c4:08:e5:f8:6d:f1:13:c0:71:78:86:3d:
96:8b:91:7e:a0:bd:9d:d8:18:90:83:ac:23:ae:5d:de:61:c0:
07:51:2d:78:30:ed:60:1f:fb:a1:fd:7b:58:af:1b:d7:5c:1f:
a1:99:c7:9d:31:9e:d3:92:75:b0:3a:07:3c:fb:8e:16:7d:a7:
f1:31:d3:f5:ed:c1:18:b9:31:7a:ec:e6:42:dd:74:1b:6f:90:
6b:ad:a6:d2:57:ab:65:86:34:5a:11:f3:61:46:63:9b:cf:0e:
fb:5b:3d:bf:f5:ba:32:50:e2:90:a4:84:ab:5b:ba:6b:3f:fe:
91:ce:90:55:92:d1:d4:d2:89:cd:5e:ff:f6:56:59:b2:2c:1e:
96:cd:81:e7:e8:06:f0:6c:3d:0a:a3:11:bb:eb:10:2f:48:3d:
61:3c:8d:61:67:d2:f8:33:82:18:af:97:aa:c1:87:c2:91:31:
28:1c:b5:0a:22:73:67:08:12:ee:1b:a5:48:9d:41:35:66:d8:
13:ed:08:50:b0:04:57:1d:4e:c9:45:e1:57:c7:44:11:79:c0:
5b:a0:06:f7:0d:23:7a:4d:50:2e:5c:60:ba:0f:c9:64:19:aa:
2a:49:a1:d5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEF6osXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmMwYjFkZjBlN2JkMDAwNDVlYmUxMDMwMmMzMjBmZmJkYmEwNzE2MB4XDTIyMDQy
NjA5NTY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y1MWZjNThjZjI0
MTFjOGYzNmQ5ZmQzOTRkZmQzYWU2NjUyNjljZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANX1vXN13Q54nZaS/NaMFUWgY/EEMiLsdxdRB7VHTRUtGwtQ
pr1luZaTDFJIvFaGmz1p0zTAcL0UmtlECeUZ+MiZKY/OM8p6ivE+8kWlXrO8DVJ8
w5PcilzWNquz8v+vMpEF3CFgGd8+n28/Wvc0bh1bqrx4S6jW38nAqx7vyzZ/agRs
HI1Cs9LfWFGa2DWfwwHbpc6FwErlPzgrpILoPBSHTrmlBM8KOPyFlNfWuMWwjRkR
76przLZ1oLFUs2Uvpnee/OVgWTIyZlod+uSBIeJbERwMpFr7jJ5nvMGNHEqCaApm
MqkjoJwEOTtJXsDCGTBlYaepkwMC6waYHVpoJjMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ/UfxYzyQRyPNtn9OU39OuZlJpzjAfBgNVHSMEGDAWgBTfwLHfDnvQAEXr
4QMCwyD/vboHFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM4Q3gzdzU3MEFCRjYtRURBc01nXzcyNkJ4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvYTNjNzc1LTM5YzUtNGJiYi1iMzNlLWQ5MjllMmI3NmQ2OC8x
L1AxSDhXTThrRWNqemJaX1RsTl9Ucm1aU2FjNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
YTNjNzc1LTM5YzUtNGJiYi1iMzNlLWQ5MjllMmI3NmQ2OC8xLzM4Q3gzdzU3MEFC
RjYtRURBc01nXzcyNkJ4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAbkYdAMEANRmbTANBAIAAjAHAwUA
KgByoDANBgkqhkiG9w0BAQsFAAOCAQEAny9LyMW5vGulHr4sS+di1TVhZHWFbJah
xAjl+G3xE8BxeIY9louRfqC9ndgYkIOsI65d3mHAB1EteDDtYB/7of17WK8b11wf
oZnHnTGe05J1sDoHPPuOFn2n8THT9e3BGLkxeuzmQt10G2+Qa62m0lerZYY0WhHz
YUZjm88O+1s9v/W6MlDikKSEq1u6az/+kc6QVZLR1NKJzV7/9lZZsiwels2B5+gG
8Gw9CqMRu+sQL0g9YTyNYWfS+DOCGK+XqsGHwpExKBy1CiJzZwgS7hulSJ1BNWbY
E+0IULAEVx1OyUXhV8dEEXnAW6AG9w0jek1QLlxgug/JZBmqKkmh1Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:14 2023 by rpki-client on console-ams.rpki-client.org