Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/397N8A3OVL_kF8IcCroJvKdfnVM.roa
File: 397N8A3OVL_kF8IcCroJvKdfnVM.roa (raw, json)
Hash identifier: J+Gik8zK/gPxQPLtS+yTPox35DersNms6RKNSKtNrHE=
Subject key identifier: DF:DE:CD:F0:0D:CE:54:BF:E4:17:C2:1C:0A:BA:09:BC:A7:5F:9D:53
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01828301FCFBC8F03F6CC4B5C6BB40F6AE17
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/397N8A3OVL_kF8IcCroJvKdfnVM.roa
Signing time: Tue 09 Aug 2022 14:28:41 +0000
ROA not before: Tue 09 Aug 2022 14:28:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34871
IP address blocks: 185.240.151.0/24 maxlen: 24
185.240.148.0/22 maxlen: 22
185.240.150.0/24 maxlen: 24
195.238.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:83:01:fc:fb:c8:f0:3f:6c:c4:b5:c6:bb:40:f6:ae:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Aug 9 14:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfdecdf00dce54bfe417c21c0aba09bca75f9d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a6:bf:22:e1:a5:b0:fb:02:c0:0c:b1:fb:5e:
80:52:07:79:af:13:44:c5:38:a2:05:e9:5a:c0:e1:
f6:a6:d2:38:66:51:ae:8f:18:66:95:9a:b1:f7:47:
5d:3c:ff:18:d3:1f:aa:d7:e1:6d:f8:a7:8b:cb:cb:
46:88:bf:37:20:98:60:06:c9:a6:e2:a2:f2:cb:b4:
fd:32:af:d8:5a:c4:24:a6:9c:00:fc:e7:cb:19:96:
1a:f0:81:36:2b:9d:8f:27:0a:15:78:1f:7c:16:9a:
b6:12:6e:43:fc:52:bc:33:8a:bf:68:cf:aa:13:07:
6c:06:24:f6:57:53:da:51:6e:ca:e3:d8:65:3b:e3:
87:64:b3:f3:29:52:7f:93:d1:b9:0b:1e:80:20:b8:
8d:55:9e:e0:76:c2:e3:fe:7f:b1:17:1f:09:30:99:
c0:71:e5:ec:33:2d:6c:bf:5e:32:1b:f6:f5:85:1d:
c9:15:96:9f:58:34:0a:81:8c:f4:e8:21:ed:43:39:
06:6a:8a:19:e7:2a:67:a8:84:44:8f:22:38:0a:98:
35:8d:d0:79:6f:26:3a:68:e5:fd:d4:42:a0:55:77:
ae:a9:65:e6:e1:e5:04:c9:6f:05:35:33:91:3b:2d:
46:8c:df:a9:69:e2:08:1c:ba:0f:47:14:d3:63:a1:
75:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DE:CD:F0:0D:CE:54:BF:E4:17:C2:1C:0A:BA:09:BC:A7:5F:9D:53
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/397N8A3OVL_kF8IcCroJvKdfnVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.148.0/22
195.238.240.0/24
Signature Algorithm: sha256WithRSAEncryption
80:c4:b7:4e:eb:d5:55:42:65:b6:16:91:17:ad:5c:b6:21:16:
cd:30:90:f0:f4:6b:56:0c:2e:ca:3a:d1:0a:d2:4d:28:8e:b6:
4f:a4:3c:7f:e4:30:b3:c6:09:64:b4:94:71:52:01:ca:de:ff:
3d:37:e1:04:7e:0a:e1:cb:35:e3:61:56:c9:2d:d4:92:35:0d:
f6:8c:ab:fb:01:ad:18:66:75:cb:53:56:f1:62:a1:7d:6a:03:
52:ea:8f:08:7b:7f:c5:78:9b:c4:b1:fe:9a:c4:1e:86:41:f1:
52:5f:43:6d:ac:1f:66:14:4b:b5:e6:db:e9:10:9f:44:25:6d:
aa:19:b2:70:14:38:de:cd:e9:30:29:91:75:7a:1f:88:2e:91:
7e:1a:3b:5a:59:6b:5c:39:e9:16:b8:78:09:eb:f9:ab:a9:ac:
19:21:12:80:5d:cd:9d:87:39:ba:e0:27:6e:84:b2:3b:30:eb:
22:ca:2e:a8:55:8d:bc:08:48:67:38:cc:23:cc:39:c7:88:3f:
84:83:2f:29:ef:fe:8a:81:99:c7:df:87:ab:83:00:9e:b2:97:
5c:b0:17:16:fb:aa:d1:7e:62:bb:35:a6:98:5a:b9:18:9d:59:
e5:d5:5c:55:74:b3:11:65:4f:4d:96:b2:f7:fe:ac:50:0e:e3:
02:c5:d5:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKDAfz7yPA/bMS1xrtA9q4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjIwODA5MTQyODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRlY2RmMDBkY2U1NGJmZTQxN2MyMWMwYWJhMDliY2E3NWY5ZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqa/IuGlsPsCwAyx+16AUgd5rxNE
xTiiBelawOH2ptI4ZlGujxhmlZqx90ddPP8Y0x+q1+Ft+KeLy8tGiL83IJhgBsmm
4qLyy7T9Mq/YWsQkppwA/OfLGZYa8IE2K52PJwoVeB98Fpq2Em5D/FK8M4q/aM+q
EwdsBiT2V1PaUW7K49hlO+OHZLPzKVJ/k9G5Cx6AILiNVZ7gdsLj/n+xFx8JMJnA
ceXsMy1sv14yG/b1hR3JFZafWDQKgYz06CHtQzkGaooZ5ypnqIREjyI4Cpg1jdB5
byY6aOX91EKgVXeuqWXm4eUEyW8FNTOROy1GjN+paeIIHLoPRxTTY6F1VwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN/ezfANzlS/5BfCHAq6CbynX51TMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvMzk3TjhBM09WTF9rRjhJY0Nyb0p2S2RmblZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufCUAwQA
w+7wMA0GCSqGSIb3DQEBCwUAA4IBAQCAxLdO69VVQmW2FpEXrVy2IRbNMJDw9GtW
DC7KOtEK0k0ojrZPpDx/5DCzxglktJRxUgHK3v89N+EEfgrhyzXjYVbJLdSSNQ32
jKv7Aa0YZnXLU1bxYqF9agNS6o8Ie3/FeJvEsf6axB6GQfFSX0NtrB9mFEu15tvp
EJ9EJW2qGbJwFDjezekwKZF1eh+ILpF+GjtaWWtcOekWuHgJ6/mrqawZIRKAXc2d
hzm64CduhLI7MOsiyi6oVY28CEhnOMwjzDnHiD+Egy8p7/6KgZnH34ergwCespdc
sBcW+6rRfmK7NaaYWrkYnVnl1VxVdLMRZU9NlrL3/qxQDuMCxdVP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:05 2024 by rpki-client on console-fra.rpki-client.org