Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/7TTJDg68TuFN9bEgjSJNbLd2V5Q.roa
File: 7TTJDg68TuFN9bEgjSJNbLd2V5Q.roa (raw, json)
Hash identifier: BczqyyqPZV+gq5PcgtfWNBZHiCpWnOT1hbhY7kw8UDA=
Subject key identifier: ED:34:C9:0E:0E:BC:4E:E1:4D:F5:B1:20:8D:22:4D:6C:B7:76:57:94
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 109E5E53
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/7TTJDg68TuFN9bEgjSJNbLd2V5Q.roa
Signing time: Sat 01 Jan 2022 13:59:25 +0000
ROA not before: Sat 01 Jan 2022 13:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42615
IP address blocks: 185.186.11.0/24 maxlen: 24
2a0b:6b81:3::/48 maxlen: 48
2a0b:6b81:1::/48 maxlen: 48
2a0b:6b81:4::/48 maxlen: 48
2a0b:6b82::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278814291 (0x109e5e53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 13:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed34c90e0ebc4ee14df5b1208d224d6cb7765794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f7:20:5f:06:4e:3b:d0:ed:07:63:98:60:63:
f3:a9:b4:67:2d:b9:73:76:a2:0e:79:d1:21:c8:3f:
9b:c4:36:1e:da:b5:f9:ac:db:36:e5:1b:e6:d7:cf:
44:89:a5:29:19:f0:2a:68:2d:01:5c:b5:95:b9:03:
68:92:bc:8f:ee:0a:46:7f:f0:af:31:80:f9:62:10:
23:ec:64:a6:98:1c:e3:16:b6:59:77:ec:ce:c4:42:
32:82:79:4e:86:4d:06:05:92:75:c4:66:f0:18:45:
09:cb:60:ef:0a:e5:3a:ed:20:76:f0:19:43:2b:f1:
14:29:55:db:ad:33:1a:fe:9f:4f:df:f9:05:ea:e8:
0c:52:65:d1:5e:5b:4e:49:4f:f0:72:2c:16:f7:f8:
c4:13:8c:78:83:7f:db:e7:66:41:bd:7b:f0:98:4a:
44:0b:1a:84:34:96:e6:a8:47:0a:7f:1c:13:4b:75:
86:15:92:03:2e:0d:8d:ee:34:af:e4:2a:5e:69:84:
71:09:c4:df:27:55:38:34:2f:b5:13:09:28:24:15:
dd:80:ee:32:c4:4a:fe:a4:a1:13:ba:31:84:b1:e7:
09:d5:d9:f4:59:74:c2:77:36:01:7f:ec:10:ed:b6:
ac:e5:07:c2:3d:86:c3:f8:8c:0b:4f:a1:6f:99:07:
e3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:34:C9:0E:0E:BC:4E:E1:4D:F5:B1:20:8D:22:4D:6C:B7:76:57:94
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/7TTJDg68TuFN9bEgjSJNbLd2V5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.11.0/24
IPv6:
2a0b:6b81:1::/48
2a0b:6b81:3::-2a0b:6b81:4:ffff:ffff:ffff:ffff:ffff
2a0b:6b82::/32
Signature Algorithm: sha256WithRSAEncryption
7b:42:d9:f6:4b:b0:f3:5a:f7:4e:ed:dd:4a:22:1d:3b:5a:44:
9c:be:ea:b4:89:34:08:12:e4:1e:7d:60:9a:c6:2a:4c:4e:f4:
cd:81:0b:d3:b5:1a:f6:43:1b:ec:20:22:97:40:a9:2f:1b:05:
c3:a2:70:54:01:76:4e:ca:8f:4b:be:60:4b:d3:c4:1b:4b:0f:
cf:cf:3f:5d:49:49:4e:46:d1:2c:82:df:da:2b:9c:66:f5:f8:
93:ed:83:bb:ed:43:b6:a5:f0:ae:5d:01:cc:e5:d2:b7:3f:a6:
22:56:80:26:7f:4c:11:4d:3b:f7:36:96:34:6a:d3:5d:43:e8:
bd:44:f8:33:23:9f:4f:f6:ec:22:35:d9:b8:ed:35:b9:1d:9f:
1a:3e:86:e6:00:17:97:c0:b6:5b:7a:94:3a:5c:da:46:bf:ba:
42:f7:ad:ad:fd:b0:7c:42:ad:65:36:0e:92:2f:57:da:46:44:
d8:36:e1:03:99:17:1c:14:71:03:f8:da:8c:91:78:95:6d:06:
46:66:20:04:c3:0b:33:11:c0:27:4a:6b:8d:bf:f0:eb:b1:34:
1a:4f:8e:49:a7:4b:b6:fb:77:10:8a:df:16:a9:84:d4:14:43:
23:01:eb:78:21:85:ce:50:cc:83:19:4e:10:c9:7f:7e:1a:71:
5b:cf:18:31
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEEJ5eUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzViYzliYjU0N2UyNzc4OGQyMjFiYzhiYmQ1ZmIwMmUwMjQ0ODBmMB4XDTIyMDEw
MTEzNTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQzNGM5MGUwZWJj
NGVlMTRkZjViMTIwOGQyMjRkNmNiNzc2NTc5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANf3IF8GTjvQ7QdjmGBj86m0Zy25c3aiDnnRIcg/m8Q2Htq1
+azbNuUb5tfPRImlKRnwKmgtAVy1lbkDaJK8j+4KRn/wrzGA+WIQI+xkppgc4xa2
WXfszsRCMoJ5ToZNBgWSdcRm8BhFCctg7wrlOu0gdvAZQyvxFClV260zGv6fT9/5
BeroDFJl0V5bTklP8HIsFvf4xBOMeIN/2+dmQb178JhKRAsahDSW5qhHCn8cE0t1
hhWSAy4Nje40r+QqXmmEcQnE3ydVODQvtRMJKCQV3YDuMsRK/qShE7oxhLHnCdXZ
9Fl0wnc2AX/sEO22rOUHwj2Gw/iMC0+hb5kH4z0CAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBTtNMkODrxO4U31sSCNIk1st3ZXlDAfBgNVHSMEGDAWgBSDW8m7VH4neI0i
G8i71fsC4CRIDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cxdkp1MVItSjNpTklodkl1OVg3QXVBa1NBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8x
LzdUVEpEZzY4VHVGTjliRWdqU0pOYkxkMlY1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8xL2cxdkp1MVItSjNp
Tklodkl1OVg3QXVBa1NBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowDAQCAAEwBgMEALm6CzAqBAIAAjAkAwcAKgtrgQAB
MBIDBwAqC2uBAAMDBwAqC2uBAAQDBQAqC2uCMA0GCSqGSIb3DQEBCwUAA4IBAQB7
Qtn2S7DzWvdO7d1KIh07WkScvuq0iTQIEuQefWCaxipMTvTNgQvTtRr2QxvsICKX
QKkvGwXDonBUAXZOyo9LvmBL08QbSw/Pzz9dSUlORtEsgt/aK5xm9fiT7YO77UO2
pfCuXQHM5dK3P6YiVoAmf0wRTTv3NpY0atNdQ+i9RPgzI59P9uwiNdm47TW5HZ8a
PobmABeXwLZbepQ6XNpGv7pC962t/bB8Qq1lNg6SL1faRkTYNuEDmRccFHED+NqM
kXiVbQZGZiAEwwszEcAnSmuNv/DrsTQaT45Jp0u2+3cQit8WqYTUFEMjAet4IYXO
UMyDGU4QyX9+GnFbzxgx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:50 2023 by rpki-client on console-fra.rpki-client.org