Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/2s3u9URI0YdkzAO0d3qs9gwkB1Q.roa
File: 2s3u9URI0YdkzAO0d3qs9gwkB1Q.roa (raw, json)
Hash identifier: fdnlOW5C8qCxsPxeB4p2uE+6g/xq/U7B+NUZJgiubJE=
Subject key identifier: DA:CD:EE:F5:44:48:D1:87:64:CC:03:B4:77:7A:AC:F6:0C:24:07:54
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 01821BBC0C5F94F3AF89981B92A52F127E12
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/2s3u9URI0YdkzAO0d3qs9gwkB1Q.roa
Signing time: Wed 20 Jul 2022 13:11:24 +0000
ROA not before: Wed 20 Jul 2022 13:11:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60800
IP address blocks: 91.210.100.0/22 maxlen: 22
103.82.0.0/22 maxlen: 24
185.42.16.0/22 maxlen: 24
125.62.72.0/22 maxlen: 24
185.17.172.0/22 maxlen: 24
185.222.112.0/22 maxlen: 24
2a03:ec40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1b:bc:0c:5f:94:f3:af:89:98:1b:92:a5:2f:12:7e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Jul 20 13:11:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dacdeef54448d18764cc03b4777aacf60c240754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:da:07:54:22:1a:d8:b8:8f:b6:3c:48:d9:13:
2e:20:f9:d1:17:4b:58:e7:fa:96:1f:1b:43:ab:07:
9c:27:6e:3e:91:54:79:b0:b5:b1:55:98:fa:81:ca:
e6:48:f1:11:b8:2e:65:2b:99:4a:8f:0c:36:c9:2f:
b5:9e:13:a6:98:a2:ee:b0:36:0e:78:28:e6:db:8a:
79:09:e1:2d:fd:22:05:a8:65:40:54:a4:ed:5f:0b:
a9:02:f0:ab:40:17:09:33:90:ff:d5:48:94:a5:4f:
3e:c6:31:e6:5b:fc:28:4a:96:e1:cf:4f:2a:dd:da:
fb:6d:bd:b0:a3:ac:0a:87:9d:4f:42:78:aa:c9:56:
7f:ac:85:19:84:83:80:b6:f8:8c:48:0d:d1:29:40:
48:8f:34:86:00:97:1d:dc:f2:e4:52:b3:10:91:d0:
0e:90:6f:77:7f:b7:1b:5a:e0:53:4f:7a:07:31:a5:
e4:62:78:15:ec:2a:64:58:7e:a5:96:96:53:c3:cf:
6c:74:9f:e2:6a:20:e7:41:3f:d6:6b:66:3c:3a:aa:
6b:2a:19:c7:7a:ea:df:2c:fc:81:3b:9c:9b:9e:96:
70:63:2d:a9:53:c1:c5:f6:9a:2d:57:13:d4:74:e0:
20:c7:d7:28:20:0c:db:dc:c8:1b:08:a6:9e:be:67:
77:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CD:EE:F5:44:48:D1:87:64:CC:03:B4:77:7A:AC:F6:0C:24:07:54
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/2s3u9URI0YdkzAO0d3qs9gwkB1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.100.0/22
103.82.0.0/22
125.62.72.0/22
185.17.172.0/22
185.42.16.0/22
185.222.112.0/22
IPv6:
2a03:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
2b:f4:25:37:eb:8d:2e:74:ec:f3:3d:6e:10:e7:33:68:bc:6b:
fe:21:96:7b:2c:61:2b:f6:a9:a5:6f:93:01:83:c1:1d:2c:2f:
74:b6:c0:65:96:8d:ec:fe:a5:58:ed:bc:47:c8:37:5d:62:0c:
71:88:34:b7:fb:2d:b3:ca:9c:54:44:48:47:89:94:dd:d5:40:
37:b1:87:3b:49:38:50:7f:ff:fc:fb:ba:74:fd:80:fe:02:83:
e5:20:95:03:c5:19:75:e7:fd:bd:46:d3:41:b4:5a:ec:e0:b4:
e1:c0:50:9e:7e:c3:b9:bf:4a:92:7e:88:d3:a7:ce:2c:e4:af:
7f:09:31:04:f1:d5:1d:96:43:85:28:7e:6a:43:b4:60:9b:c5:
0e:87:97:1b:b6:1b:a9:62:cc:67:0b:97:95:b5:33:52:da:2f:
63:ee:81:2e:0b:f7:06:77:7b:b4:25:1c:fb:14:9f:bd:c6:8b:
a7:6a:3f:da:24:87:37:f1:07:82:bf:2e:22:10:2f:25:7c:f5:
c5:61:3f:7f:59:9e:df:c5:d9:67:e3:76:5c:dd:46:86:eb:60:
13:7c:fe:73:02:f7:11:2f:f7:77:a8:ed:a4:3f:5e:6f:0b:a7:
da:d6:93:85:75:3c:c5:d5:38:b3:43:e4:e0:f3:40:0d:40:9e:
80:d9:0a:fa
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYIbvAxflPOviZgbkqUvEn4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjIwNzIwMTMxMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWNkZWVmNTQ0NDhkMTg3NjRjYzAzYjQ3NzdhYWNmNjBjMjQwNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdoHVCIa2LiPtjxI2RMuIPnRF0tY
5/qWHxtDqwecJ24+kVR5sLWxVZj6gcrmSPERuC5lK5lKjww2yS+1nhOmmKLusDYO
eCjm24p5CeEt/SIFqGVAVKTtXwupAvCrQBcJM5D/1UiUpU8+xjHmW/woSpbhz08q
3dr7bb2wo6wKh51PQniqyVZ/rIUZhIOAtviMSA3RKUBIjzSGAJcd3PLkUrMQkdAO
kG93f7cbWuBTT3oHMaXkYngV7CpkWH6llpZTw89sdJ/iaiDnQT/Wa2Y8OqprKhnH
eurfLPyBO5ybnpZwYy2pU8HF9potVxPUdOAgx9coIAzb3MgbCKaevmd3qwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNrN7vVESNGHZMwDtHd6rPYMJAdUMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvMnMzdTlVUkkwWWRrekFPMGQzcXM5Z3drQjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCW9JkAwQC
Z1IAAwQCfT5IAwQCuRGsAwQCuSoQAwQCud5wMA0EAgACMAcDBQMqA+xAMA0GCSqG
SIb3DQEBCwUAA4IBAQAr9CU3640udOzzPW4Q5zNovGv+IZZ7LGEr9qmlb5MBg8Ed
LC90tsBllo3s/qVY7bxHyDddYgxxiDS3+y2zypxUREhHiZTd1UA3sYc7SThQf//8
+7p0/YD+AoPlIJUDxRl15/29RtNBtFrs4LThwFCefsO5v0qSfojTp84s5K9/CTEE
8dUdlkOFKH5qQ7Rgm8UOh5cbthupYsxnC5eVtTNS2i9j7oEuC/cGd3u0JRz7FJ+9
xounaj/aJIc38QeCvy4iEC8lfPXFYT9/WZ7fxdln43Zc3UaG62ATfP5zAvcRL/d3
qO2kP15vC6fa1pOFdTzF1TizQ+Tg80ANQJ6A2Qr6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org