Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/3laFcmVgVzNASTpPbcsV_KCb7CQ.roa
File: 3laFcmVgVzNASTpPbcsV_KCb7CQ.roa (raw, json)
Hash identifier: iETFmMSORV9FxaMG/qRcT3y98Q9bHfHLKx+cqdtQAiE=
Subject key identifier: DE:56:85:72:65:60:57:33:40:49:3A:4F:6D:CB:15:FC:A0:9B:EC:24
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 36603F61
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/3laFcmVgVzNASTpPbcsV_KCb7CQ.roa
Signing time: Sat 01 Jan 2022 13:57:21 +0000
ROA not before: Sat 01 Jan 2022 13:57:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41537
IP address blocks: 93.115.58.0/24 maxlen: 24
85.204.123.0/24 maxlen: 24
77.81.181.0/24 maxlen: 24
31.14.221.0/24 maxlen: 24
31.14.220.0/23 maxlen: 23
31.14.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 912277345 (0x36603f61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 13:57:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de5685726560573340493a4f6dcb15fca09bec24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:da:38:49:ff:0f:19:ac:08:ca:19:22:e9:4f:
41:b6:07:9c:28:0d:c2:f0:2c:b0:d8:67:b0:31:eb:
1f:05:93:76:2f:7b:98:0c:f9:f0:0e:c5:f6:76:80:
87:e4:14:88:c8:5c:d5:87:46:93:45:20:06:3f:57:
18:ff:89:07:1b:b5:8b:e0:c8:5c:79:a3:fb:14:3d:
c0:23:1e:bb:3c:3b:32:af:b6:5f:04:b4:10:ae:e9:
6c:e0:96:ca:c6:c9:9b:2f:0f:1d:e7:bc:f5:b8:92:
d5:fc:da:aa:27:9d:bf:4e:65:92:96:ef:6c:43:01:
ff:72:32:06:27:e4:35:b6:4a:77:7a:01:20:0b:2d:
fe:7b:c7:6e:f6:85:0b:0f:00:3f:48:97:29:23:fe:
5f:a4:bf:a9:b4:11:26:08:fe:24:75:63:cc:fb:df:
c9:85:36:2a:03:da:24:5e:81:81:10:91:cf:7c:2c:
91:34:40:44:a6:63:f4:9e:03:4b:f6:ba:10:1d:ba:
0a:74:09:66:66:15:45:9b:46:cd:d7:e9:3a:ef:2a:
c3:fe:6e:b3:f7:2b:b1:0a:ad:e5:d7:13:e3:7f:35:
22:8e:b9:75:66:80:98:03:e7:64:fb:ce:0d:14:f8:
e0:a6:7e:f8:b1:af:09:f8:a9:47:c2:85:4c:c3:91:
7c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:56:85:72:65:60:57:33:40:49:3A:4F:6D:CB:15:FC:A0:9B:EC:24
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/3laFcmVgVzNASTpPbcsV_KCb7CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.220.0/23
77.81.181.0/24
85.204.123.0/24
93.115.58.0/24
Signature Algorithm: sha256WithRSAEncryption
42:e3:cb:b4:8f:36:02:8a:ca:f7:4d:fd:95:ad:d9:61:72:a3:
34:4c:a5:84:87:a1:10:b6:47:ce:47:ca:62:75:d2:b7:78:a9:
19:81:c2:a9:6e:dc:9b:8c:f4:86:81:e8:71:b5:64:98:53:4d:
7c:a9:73:64:be:c5:76:f2:61:1a:31:12:bd:ab:b6:43:5a:f3:
35:c7:ab:40:e4:c6:04:1b:4f:54:51:a3:53:49:56:23:05:ca:
2a:a4:00:c6:2a:7e:8a:73:56:34:bc:e4:dd:be:bf:5e:c6:8c:
3e:b9:e1:3f:ac:22:2f:6e:7a:47:e5:03:c1:b6:92:4c:39:23:
60:26:b3:3d:f4:12:c3:e6:b5:f6:6c:aa:9a:5d:24:59:53:67:
97:c2:47:84:d3:c9:a6:e2:73:cb:f9:2d:81:20:96:30:89:ea:
30:2c:bb:33:57:a2:0c:81:58:05:c3:d3:88:d7:0a:f8:04:cb:
fc:a4:b9:7d:c9:86:86:7b:93:dd:83:81:38:93:f1:29:76:0f:
f6:b0:12:4a:56:c7:32:1e:11:8e:10:f6:ce:3c:84:1f:1f:55:
92:7d:a8:6e:43:58:a0:d8:be:c7:c7:9d:37:0d:d8:5c:6c:91:
b1:a8:e7:f3:02:07:78:37:3b:ef:04:e7:69:2a:0d:d6:8e:11:
26:74:65:4c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIENmA/YTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWQ0NmUwZTNlOGNhYWFlZDRhNTI5YmQ3ZDczMDhiZDFlZjAxYzFkMB4XDTIyMDEw
MTEzNTcyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU1Njg1NzI2NTYw
NTczMzQwNDkzYTRmNmRjYjE1ZmNhMDliZWMyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbaOEn/DxmsCMoZIulPQbYHnCgNwvAssNhnsDHrHwWTdi97
mAz58A7F9naAh+QUiMhc1YdGk0UgBj9XGP+JBxu1i+DIXHmj+xQ9wCMeuzw7Mq+2
XwS0EK7pbOCWysbJmy8PHee89biS1fzaqiedv05lkpbvbEMB/3IyBifkNbZKd3oB
IAst/nvHbvaFCw8AP0iXKSP+X6S/qbQRJgj+JHVjzPvfyYU2KgPaJF6BgRCRz3ws
kTRARKZj9J4DS/a6EB26CnQJZmYVRZtGzdfpOu8qw/5us/crsQqt5dcT4381Io65
dWaAmAPnZPvODRT44KZ++LGvCfipR8KFTMORfAECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTeVoVyZWBXM0BJOk9tyxX8oJvsJDAfBgNVHSMEGDAWgBTx1G4OPoyqrtSl
Kb19cwi9HvAcHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8x
LzNsYUZjbVZnVnpOQVNUcFBiY3NWX0tDYjdDUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8xLzhkUnVEajZNcXE3
VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAR8O3AMEAE1RtQMEAFXMewMEAF1z
OjANBgkqhkiG9w0BAQsFAAOCAQEAQuPLtI82AorK9039la3ZYXKjNEylhIehELZH
zkfKYnXSt3ipGYHCqW7cm4z0hoHocbVkmFNNfKlzZL7FdvJhGjESvau2Q1rzNcer
QOTGBBtPVFGjU0lWIwXKKqQAxip+inNWNLzk3b6/XsaMPrnhP6wiL256R+UDwbaS
TDkjYCazPfQSw+a19myqml0kWVNnl8JHhNPJpuJzy/ktgSCWMInqMCy7M1eiDIFY
BcPTiNcK+ATL/KS5fcmGhnuT3YOBOJPxKXYP9rASSlbHMh4RjhD2zjyEHx9Vkn2o
bkNYoNi+x8edNw3YXGyRsajn8wIHeDc77wTnaSoN1o4RJnRlTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org