Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/3dr4FkxM5yfPxiDRJFU610SJt00.roa
File: 3dr4FkxM5yfPxiDRJFU610SJt00.roa (raw, json)
Hash identifier: SGOpdsIwVpva69nbIemzz7i9rBpylHUs9M+sVTx5yTs=
Subject key identifier: DD:DA:F8:16:4C:4C:E7:27:CF:C6:20:D1:24:55:3A:D7:44:89:B7:4D
Certificate issuer: /CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Certificate serial: 0C2899C7
Authority key identifier: 20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/3dr4FkxM5yfPxiDRJFU610SJt00.roa
Signing time: Sat 01 Jan 2022 12:58:11 +0000
ROA not before: Sat 01 Jan 2022 12:58:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209888
IP address blocks: 185.180.216.0/22 maxlen: 24
2a0a:af80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203987399 (0xc2899c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Validity
Not Before: Jan 1 12:58:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dddaf8164c4ce727cfc620d124553ad74489b74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b7:56:49:95:61:26:25:f4:83:96:a5:98:bb:
36:48:82:ec:b7:f5:02:1b:76:09:d7:50:f7:85:93:
ef:f3:98:d9:8e:3e:39:fb:fd:f8:65:48:4b:ee:d9:
04:65:38:a5:a4:e4:fb:da:d2:29:e3:6a:90:f7:c3:
dc:37:cb:2c:df:f3:76:7d:1f:f9:41:9f:10:90:fc:
d5:bb:85:d3:52:9b:c9:e3:5c:ab:98:fc:7e:ad:fb:
0a:a1:7d:a8:a1:c9:21:d1:83:25:9a:14:75:55:94:
20:d1:0a:a1:cb:37:4a:51:67:8d:f0:1b:03:f8:03:
04:86:82:cc:da:4f:da:84:14:61:7d:e6:47:7e:e1:
60:6b:e4:dd:16:49:e4:27:5f:4a:99:55:b7:0d:00:
cc:73:c5:aa:81:ef:08:2c:cc:4c:10:5d:35:bd:29:
a4:87:d0:93:c6:48:ad:af:d7:09:42:4b:0f:62:00:
59:74:75:e3:fd:ac:91:fd:ad:ea:84:05:74:6d:6c:
87:ca:f1:4f:8b:48:56:d5:77:8e:2c:cb:ce:50:6e:
c3:e1:0b:ba:2b:7b:46:bb:93:56:e1:aa:0a:3b:25:
56:d4:76:5e:fe:da:9b:97:da:9e:08:a0:99:f4:37:
be:67:43:75:16:57:e3:93:f1:7a:de:91:f6:5b:6e:
2f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DA:F8:16:4C:4C:E7:27:CF:C6:20:D1:24:55:3A:D7:44:89:B7:4D
X509v3 Authority Key Identifier:
keyid:20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/3dr4FkxM5yfPxiDRJFU610SJt00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.216.0/22
IPv6:
2a0a:af80::/29
Signature Algorithm: sha256WithRSAEncryption
3c:4b:13:47:57:bf:bf:20:f0:e0:f2:ef:66:61:25:a8:e3:85:
3b:55:37:a0:35:c7:f5:ae:9d:87:ab:8c:3a:a1:ae:98:b3:03:
6c:66:c3:45:6e:b6:f7:70:5c:61:22:46:1d:27:de:7c:5a:af:
7a:54:5b:ae:b9:1e:a2:54:c6:15:35:c2:3f:c0:77:bc:ea:2f:
08:b4:61:ed:0b:b6:35:10:8f:f4:71:99:2b:e3:df:29:f6:be:
fd:c0:d5:ac:7c:20:be:36:25:c6:12:b3:cc:2a:e4:90:e0:03:
e2:65:5c:c5:e3:31:ac:7e:b9:f3:d8:63:1e:a1:9e:45:4c:67:
01:47:18:6c:61:3c:14:2b:b9:bf:60:d4:70:62:ce:85:f5:09:
3f:52:7e:dc:36:46:2f:c4:18:41:d8:09:91:96:14:2e:b4:70:
c9:3d:2f:06:9a:62:f6:31:ff:dc:d2:43:b3:f7:e9:95:12:a1:
e6:f9:15:33:92:f3:58:11:7e:61:40:22:60:86:d7:c3:a0:bb:
a0:a4:fe:6e:c0:54:bd:9e:51:c5:be:4c:8e:c4:47:81:aa:07:
91:1e:0e:b6:bd:7b:bf:4f:96:4b:6c:c2:36:36:74:65:12:aa:
63:04:cd:80:d0:22:ff:55:eb:aa:0c:9c:84:c3:10:45:3d:61:
83:bb:c5:43
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDCiZxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDZmNjgwOGUwNjA0Njk3MjcwZmFhM2MzZGIxNTlmN2ZlOThlY2RkMB4XDTIyMDEw
MTEyNTgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRkYWY4MTY0YzRj
ZTcyN2NmYzYyMGQxMjQ1NTNhZDc0NDg5Yjc0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM63VkmVYSYl9IOWpZi7NkiC7Lf1Aht2CddQ94WT7/OY2Y4+
Ofv9+GVIS+7ZBGU4paTk+9rSKeNqkPfD3DfLLN/zdn0f+UGfEJD81buF01KbyeNc
q5j8fq37CqF9qKHJIdGDJZoUdVWUINEKocs3SlFnjfAbA/gDBIaCzNpP2oQUYX3m
R37hYGvk3RZJ5CdfSplVtw0AzHPFqoHvCCzMTBBdNb0ppIfQk8ZIra/XCUJLD2IA
WXR14/2skf2t6oQFdG1sh8rxT4tIVtV3jizLzlBuw+ELuit7RruTVuGqCjslVtR2
Xv7am5fangigmfQ3vmdDdRZX45Pxet6R9ltuL4sCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTd2vgWTEznJ8/GINEkVTrXRIm3TTAfBgNVHSMEGDAWgBQgb2gI4GBGlycP
qjw9sVn3/pjs3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lHOW9DT0JnUnBjbkQ2bzhQYkZaOV82WTdOMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWQvMjY1ZDNhLWFlZDYtNGJlMi1iNDJlLWViNjJlOGM0ZGZhOS8x
LzNkcjRGa3hNNXlmUHhpRFJKRlU2MTBTSnQwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQv
MjY1ZDNhLWFlZDYtNGJlMi1iNDJlLWViNjJlOGM0ZGZhOS8xL0lHOW9DT0JnUnBj
bkQ2bzhQYkZaOV82WTdOMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm02DANBAIAAjAHAwUDKgqvgDAN
BgkqhkiG9w0BAQsFAAOCAQEAPEsTR1e/vyDw4PLvZmElqOOFO1U3oDXH9a6dh6uM
OqGumLMDbGbDRW6293BcYSJGHSfefFqvelRbrrkeolTGFTXCP8B3vOovCLRh7Qu2
NRCP9HGZK+PfKfa+/cDVrHwgvjYlxhKzzCrkkOAD4mVcxeMxrH6589hjHqGeRUxn
AUcYbGE8FCu5v2DUcGLOhfUJP1J+3DZGL8QYQdgJkZYULrRwyT0vBppi9jH/3NJD
s/fplRKh5vkVM5LzWBF+YUAiYIbXw6C7oKT+bsBUvZ5Rxb5MjsRHgaoHkR4Otr17
v0+WS2zCNjZ0ZRKqYwTNgNAi/1XrqgychMMQRT1hg7vFQw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:08 2023 by rpki-client on console-fra.rpki-client.org