Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/3CSIvbiVepXhx5CgFysbHGW7cCE.roa
File: 3CSIvbiVepXhx5CgFysbHGW7cCE.roa (raw, json)
Hash identifier: CtdNj8xYz6FJvO6dzhCfAxlcCoLyXoXPZFDpWK/NA5U=
Subject key identifier: DC:24:88:BD:B8:95:7A:95:E1:C7:90:A0:17:2B:1B:1C:65:BB:70:21
Certificate issuer: /CN=c1db67b85104e4db598fea15678699c92473bda0
Certificate serial: 018A1EBD5AF3D6DC8B2FBD91F590B3E1BC23
Authority key identifier: C1:DB:67:B8:51:04:E4:DB:59:8F:EA:15:67:86:99:C9:24:73:BD:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdtnuFEE5NtZj-oVZ4aZySRzvaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/3CSIvbiVepXhx5CgFysbHGW7cCE.roa
Signing time: Tue 22 Aug 2023 19:34:00 +0000
ROA not before: Tue 22 Aug 2023 19:34:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208626
IP address blocks: 185.64.76.0/24 maxlen: 24
2a0c:dd80:1000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1e:bd:5a:f3:d6:dc:8b:2f:bd:91:f5:90:b3:e1:bc:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1db67b85104e4db598fea15678699c92473bda0
Validity
Not Before: Aug 22 19:34:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc2488bdb8957a95e1c790a0172b1b1c65bb7021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b8:89:c0:0c:94:64:0c:e9:38:f1:bb:23:42:
d9:e7:cc:3f:98:af:92:94:96:d0:66:65:97:67:49:
24:67:1c:95:33:03:c7:ce:de:14:12:90:49:5a:17:
2f:55:fc:ee:7d:b8:54:a8:08:27:91:88:ef:07:b9:
46:04:ba:98:45:84:bc:db:ea:3f:24:04:3c:84:06:
ee:80:50:40:80:af:25:a9:a5:ca:ee:77:45:2b:8d:
29:cf:b7:24:73:c2:3b:a5:c9:23:fc:42:88:a3:93:
57:1f:d4:9d:2c:a6:c4:a4:f0:42:20:7c:69:b1:50:
6c:81:05:8f:92:85:ab:72:41:06:ef:dd:5b:e1:0f:
e2:6c:48:78:76:49:11:b2:05:08:21:2c:f9:06:d4:
63:2f:ec:81:27:0e:54:e3:52:5f:aa:86:78:3c:7c:
d1:2d:37:6d:06:c9:d5:ef:2a:85:f0:69:ed:79:96:
3f:6b:99:64:5c:e7:09:eb:a0:7e:6b:b7:36:f9:43:
71:5f:65:95:e0:44:1a:88:a8:70:cd:36:35:9a:a8:
7f:93:79:27:b3:2a:9a:4a:cc:dd:2d:76:e8:b4:84:
2a:fc:fd:7d:2e:26:1a:e4:3e:3a:31:2c:99:92:e0:
68:9d:0e:44:94:06:a3:13:c0:1c:ca:78:60:1f:5a:
10:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:24:88:BD:B8:95:7A:95:E1:C7:90:A0:17:2B:1B:1C:65:BB:70:21
X509v3 Authority Key Identifier:
keyid:C1:DB:67:B8:51:04:E4:DB:59:8F:EA:15:67:86:99:C9:24:73:BD:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdtnuFEE5NtZj-oVZ4aZySRzvaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/3CSIvbiVepXhx5CgFysbHGW7cCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/wdtnuFEE5NtZj-oVZ4aZySRzvaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.76.0/24
IPv6:
2a0c:dd80:1000::/48
Signature Algorithm: sha256WithRSAEncryption
a0:1f:0c:cf:42:5b:5d:23:f9:22:e8:0b:25:bf:94:e6:2a:3d:
08:12:5c:07:33:68:5f:4d:0e:e9:8c:ba:85:41:a5:0a:7a:bd:
3f:37:5b:11:9a:50:e3:b2:da:ec:30:5c:ba:f2:26:05:84:ce:
d0:15:8e:8b:2f:00:d7:26:75:19:9f:75:9d:47:15:08:f6:54:
3b:da:b1:e1:48:6c:ae:17:ad:9d:85:7d:d6:f8:13:62:e7:a9:
cf:e0:a8:47:1f:c3:1b:62:40:8d:9f:55:b6:9b:08:4c:98:21:
65:b4:7c:35:fb:bf:74:86:4e:25:fb:b0:af:e8:40:22:e1:81:
b8:0f:b4:f4:5e:97:53:1b:de:fd:f5:93:8b:12:36:48:a7:d2:
6f:df:7a:4a:16:ae:2b:20:62:3a:db:2e:7a:43:44:2d:f6:7c:
ec:bf:b7:18:49:ac:9f:98:2d:97:e3:4f:8b:4f:93:2b:cd:15:
cc:78:bb:d1:52:1d:4f:a1:e2:78:2f:23:ad:6a:9f:c5:b7:8c:
db:8e:65:70:23:6b:45:c4:37:c0:df:02:2d:f5:31:b7:01:ec:
1e:35:a1:84:d7:d3:3e:3b:da:ab:db:c7:a6:01:5b:fa:f1:44:
a2:ab:cd:9a:b1:16:f0:bc:80:99:5a:00:96:7e:90:55:33:61:
56:58:a0:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoevVrz1tyLL72R9ZCz4bwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZGI2N2I4NTEwNGU0ZGI1OThmZWExNTY3ODY5OWM5MjQ3
M2JkYTAwHhcNMjMwODIyMTkzNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzI0ODhiZGI4OTU3YTk1ZTFjNzkwYTAxNzJiMWIxYzY1YmI3MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67iJwAyUZAzpOPG7I0LZ58w/mK+S
lJbQZmWXZ0kkZxyVMwPHzt4UEpBJWhcvVfzufbhUqAgnkYjvB7lGBLqYRYS82+o/
JAQ8hAbugFBAgK8lqaXK7ndFK40pz7ckc8I7pckj/EKIo5NXH9SdLKbEpPBCIHxp
sVBsgQWPkoWrckEG791b4Q/ibEh4dkkRsgUIISz5BtRjL+yBJw5U41JfqoZ4PHzR
LTdtBsnV7yqF8GnteZY/a5lkXOcJ66B+a7c2+UNxX2WV4EQaiKhwzTY1mqh/k3kn
syqaSszdLXbotIQq/P19LiYa5D46MSyZkuBonQ5ElAajE8AcynhgH1oQbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNwkiL24lXqV4ceQoBcrGxxlu3AhMB8GA1UdIwQY
MBaAFMHbZ7hRBOTbWY/qFWeGmckkc72gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2R0bnVGRUU1TnRaai1vVlo0YVp5U1J6dmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82YTY1MzUtNmY0Mi00ZjJkLTllYjkt
N2Q0YzhmMzdmNWZkLzEvM0NTSXZiaVZlcFhoeDVDZ0Z5c2JIR1c3Y0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82YTY1MzUtNmY0Mi00ZjJkLTllYjktN2Q0YzhmMzdmNWZk
LzEvd2R0bnVGRUU1TnRaai1vVlo0YVp5U1J6dmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuUBMMA8E
AgACMAkDBwAqDN2AEAAwDQYJKoZIhvcNAQELBQADggEBAKAfDM9CW10j+SLoCyW/
lOYqPQgSXAczaF9NDumMuoVBpQp6vT83WxGaUOOy2uwwXLryJgWEztAVjosvANcm
dRmfdZ1HFQj2VDvaseFIbK4XrZ2Ffdb4E2Lnqc/gqEcfwxtiQI2fVbabCEyYIWW0
fDX7v3SGTiX7sK/oQCLhgbgPtPRel1Mb3v31k4sSNkin0m/fekoWrisgYjrbLnpD
RC32fOy/txhJrJ+YLZfjT4tPkyvNFcx4u9FSHU+h4ngvI61qn8W3jNuOZXAja0XE
N8DfAi31MbcB7B41oYTX0z472qvbx6YBW/rxRKKrzZqxFvC8gJlaAJZ+kFUzYVZY
oHY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:15 2025 by rpki-client