Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/3lDhgmOOE79ikTxlx4bJwLZ4a0c.roa
File: 3lDhgmOOE79ikTxlx4bJwLZ4a0c.roa (raw, json)
Hash identifier: ys0Cw7+dNsbp553yBLQUJK8FkT44o2S1OSLOBSi16k8=
Subject key identifier: DE:50:E1:82:63:8E:13:BF:62:91:3C:65:C7:86:C9:C0:B6:78:6B:47
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 018331A60FFED22498BE53A19662B6FB258B
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/3lDhgmOOE79ikTxlx4bJwLZ4a0c.roa
Signing time: Mon 12 Sep 2022 12:21:50 +0000
ROA not before: Mon 12 Sep 2022 12:21:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 185.13.208.0/22 maxlen: 24
2a03:a540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:31:a6:0f:fe:d2:24:98:be:53:a1:96:62:b6:fb:25:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Sep 12 12:21:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de50e182638e13bf62913c65c786c9c0b6786b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1c:9c:33:1f:5d:ff:4a:f3:0a:9b:04:6b:10:
49:ef:3c:ce:67:37:8c:40:60:d4:23:ab:09:e1:68:
c2:4c:e4:6a:a7:6d:65:df:ab:bc:92:ff:3b:8d:f9:
59:e4:0d:30:5f:bf:10:5f:14:36:b4:8b:fa:fa:4f:
93:81:1c:27:3f:ce:e2:5c:97:6f:06:66:32:16:f9:
42:a1:ec:76:19:5c:39:91:74:a4:c6:ec:47:df:e2:
d1:82:78:5c:ee:79:f2:81:44:dd:cd:c3:3f:d8:2f:
ea:c6:a3:7b:56:7a:98:1c:f0:f0:e9:d6:c5:19:ce:
6a:de:cf:ac:e5:40:7f:d1:f7:24:f4:8d:ee:54:f8:
f5:d1:0e:d5:ca:c7:9f:2d:ba:96:38:95:78:83:83:
09:cb:03:4d:06:de:80:81:7e:92:b0:69:5e:67:2c:
9c:46:6f:59:2a:ca:ac:5d:7f:7a:4a:46:0c:82:09:
f7:dc:fa:b3:90:77:19:90:61:1a:4b:22:10:7d:f6:
3e:6e:f7:d4:09:0e:ad:cd:ba:aa:99:b0:b7:48:72:
7c:84:5a:f9:01:91:31:92:00:c7:42:7e:e6:6d:bd:
f9:d9:53:38:c4:d1:ea:24:b6:b0:76:74:09:71:3c:
55:9c:8a:43:9f:b2:91:91:9d:24:35:a0:fe:a3:67:
85:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:50:E1:82:63:8E:13:BF:62:91:3C:65:C7:86:C9:C0:B6:78:6B:47
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/3lDhgmOOE79ikTxlx4bJwLZ4a0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.208.0/22
IPv6:
2a03:a540::/32
Signature Algorithm: sha256WithRSAEncryption
99:81:e7:08:72:45:18:cc:ce:b1:4e:8c:2b:ed:23:b2:c9:84:
92:72:05:c2:32:1d:2f:37:69:16:c5:80:fd:3d:24:f2:87:f8:
c0:7a:2b:0e:01:8c:17:e2:58:99:b0:07:c3:71:03:2a:cc:e9:
91:d1:7f:02:4a:72:ce:15:8f:f0:ce:fb:b3:41:71:50:16:81:
99:08:03:a8:ef:9a:41:d6:79:83:5a:4b:fc:45:a5:a3:03:73:
5d:bd:59:c5:2e:da:1b:16:52:20:a0:58:ee:d0:66:e9:40:a3:
75:c4:ae:f5:86:48:a8:70:03:5a:7f:90:b0:6a:5a:5b:2c:ce:
70:86:0b:06:5a:35:c0:66:4b:e9:1d:21:25:31:e1:a4:be:d5:
e6:33:bc:02:75:1e:25:ca:a2:f2:16:ae:03:47:af:ec:76:8c:
ed:be:a7:3a:1b:b3:40:66:eb:f4:47:fd:60:c0:56:de:e2:4b:
a7:f1:da:1b:10:02:81:27:a0:2f:70:ca:eb:ea:99:b8:f0:eb:
59:78:b6:12:7d:17:f7:da:68:c0:37:59:44:d5:6e:81:eb:2f:
f1:bb:b5:96:68:40:d2:dc:ad:b4:d7:73:6f:92:e5:b0:26:06:
02:1a:be:ce:ea:93:e3:d2:10:03:07:92:09:55:75:11:ad:f7:
03:64:ba:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMxpg/+0iSYvlOhlmK2+yWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjIwOTEyMTIyMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTUwZTE4MjYzOGUxM2JmNjI5MTNjNjVjNzg2YzljMGI2Nzg2YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhycMx9d/0rzCpsEaxBJ7zzOZzeM
QGDUI6sJ4WjCTORqp21l36u8kv87jflZ5A0wX78QXxQ2tIv6+k+TgRwnP87iXJdv
BmYyFvlCoex2GVw5kXSkxuxH3+LRgnhc7nnygUTdzcM/2C/qxqN7VnqYHPDw6dbF
Gc5q3s+s5UB/0fck9I3uVPj10Q7VysefLbqWOJV4g4MJywNNBt6AgX6SsGleZyyc
Rm9ZKsqsXX96SkYMggn33PqzkHcZkGEaSyIQffY+bvfUCQ6tzbqqmbC3SHJ8hFr5
AZExkgDHQn7mbb352VM4xNHqJLawdnQJcTxVnIpDn7KRkZ0kNaD+o2eFEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN5Q4YJjjhO/YpE8ZceGycC2eGtHMB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvM2xEaGdtT09FNzlpa1R4bHg0Ykp3TFo0YTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ3QMA0E
AgACMAcDBQAqA6VAMA0GCSqGSIb3DQEBCwUAA4IBAQCZgecIckUYzM6xTowr7SOy
yYSScgXCMh0vN2kWxYD9PSTyh/jAeisOAYwX4liZsAfDcQMqzOmR0X8CSnLOFY/w
zvuzQXFQFoGZCAOo75pB1nmDWkv8RaWjA3NdvVnFLtobFlIgoFju0GbpQKN1xK71
hkiocANaf5CwalpbLM5whgsGWjXAZkvpHSElMeGkvtXmM7wCdR4lyqLyFq4DR6/s
doztvqc6G7NAZuv0R/1gwFbe4kun8dobEAKBJ6AvcMrr6pm48OtZeLYSfRf32mjA
N1lE1W6B6y/xu7WWaEDS3K2013NvkuWwJgYCGr7O6pPj0hADB5IJVXURrfcDZLqM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:02 2024 by rpki-client on console-ams.rpki-client.org