Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/O1q442wl3Ylf3Vpaw03-vYuU-rA.roa
File: O1q442wl3Ylf3Vpaw03-vYuU-rA.roa (raw, json)
Hash identifier: Vn/2WHE8yyc+74gU/IQ5JJJDXNbGHX0ciMWY9WCtvms=
Subject key identifier: 3B:5A:B8:E3:6C:25:DD:89:5F:DD:5A:5A:C3:4D:FE:BD:8B:94:FA:B0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0E7DC833
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/O1q442wl3Ylf3Vpaw03-vYuU-rA.roa
Signing time: Tue 21 Jun 2022 14:48:47 +0000
ROA not before: Tue 21 Jun 2022 14:48:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49544
IP address blocks: 185.241.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 243124275 (0xe7dc833)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 21 14:48:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b5ab8e36c25dd895fdd5a5ac34dfebd8b94fab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a9:c9:05:ec:fb:67:06:db:0e:82:58:8e:b8:
73:26:7c:8a:53:72:ac:f2:b7:45:47:ab:b9:e6:2e:
55:47:3b:36:cc:d0:5a:40:27:a3:b5:40:2c:f1:cd:
3f:f2:c2:fd:a8:ad:b5:0b:66:15:63:00:4d:dd:73:
29:45:f6:0d:8e:22:a0:26:28:70:10:df:56:56:94:
46:62:8d:94:96:de:b8:e9:84:76:b6:73:a7:4f:45:
c5:7d:a1:86:0d:df:fc:98:fb:17:a9:08:4e:13:90:
33:ec:e5:2c:b2:fd:04:c6:2d:4c:88:1a:d1:4f:ae:
13:a2:c0:71:7e:59:35:a9:7d:84:b9:63:08:fd:34:
92:5b:86:08:c7:fc:14:20:e1:a6:8a:60:03:6b:da:
d6:85:80:84:ba:0f:7d:ce:24:06:f7:cc:61:af:91:
6d:19:8a:f2:80:bf:ae:de:4c:56:c2:41:b0:3b:9d:
b6:39:c3:fd:57:a6:de:bd:3b:97:a5:55:75:65:ed:
a8:5b:0e:aa:96:7e:5e:44:2c:f2:bb:8f:72:b9:22:
a7:66:06:c1:69:10:e7:6b:f5:81:0a:74:6e:d3:d6:
35:76:9b:92:86:19:72:9e:cd:b9:d2:e7:c6:10:67:
34:6e:27:30:52:22:6e:96:8b:47:8c:0e:72:6b:24:
f3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:5A:B8:E3:6C:25:DD:89:5F:DD:5A:5A:C3:4D:FE:BD:8B:94:FA:B0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/O1q442wl3Ylf3Vpaw03-vYuU-rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.209.0/24
Signature Algorithm: sha256WithRSAEncryption
72:18:ce:91:91:9e:c4:a3:12:9a:d5:46:d0:78:44:2e:e5:cf:
9d:03:ed:9f:33:9b:8f:ef:19:e8:a5:dc:99:8e:1f:02:b2:61:
86:cd:0c:1d:54:ea:88:21:66:1f:93:c6:1c:2c:0f:b6:1b:94:
45:0e:41:88:7a:93:90:67:ae:19:c3:a1:f6:de:8c:6c:93:7b:
aa:5f:f3:65:87:12:5f:0d:9b:7b:2e:00:1d:b1:75:36:e1:98:
c7:07:91:4e:71:78:7d:34:7b:fb:85:c7:7f:0c:ce:1f:89:ba:
04:2b:e7:cd:a1:e2:7b:31:9e:1d:6c:1e:9d:1a:76:2f:67:c2:
0b:25:21:2f:df:2a:32:ac:b8:95:4e:7f:ac:55:78:91:7b:40:
41:28:a9:04:e7:32:f6:80:34:6e:5a:17:7c:9e:80:2b:e6:b1:
9b:96:92:c7:27:5f:00:62:9a:0c:57:1c:b2:e9:b2:d7:55:4f:
15:6d:0e:09:b6:6d:ae:14:14:a6:b2:cd:21:58:13:c4:72:a0:
a9:2c:01:77:34:95:65:7b:7f:97:66:79:9f:24:68:38:3f:cc:
43:b8:a2:bd:e7:a9:95:9d:87:38:e0:24:7e:a8:97:fe:8f:0f:
43:a6:41:85:aa:a7:3a:8d:c0:bb:fb:42:a9:c2:4c:d4:d9:06:
25:16:dd:73
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDn3IMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDYy
MTE0NDg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2I1YWI4ZTM2YzI1
ZGQ4OTVmZGQ1YTVhYzM0ZGZlYmQ4Yjk0ZmFiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWpyQXs+2cG2w6CWI64cyZ8ilNyrPK3RUerueYuVUc7NszQ
WkAno7VALPHNP/LC/aittQtmFWMATd1zKUX2DY4ioCYocBDfVlaURmKNlJbeuOmE
drZzp09FxX2hhg3f/Jj7F6kIThOQM+zlLLL9BMYtTIga0U+uE6LAcX5ZNal9hLlj
CP00kluGCMf8FCDhpopgA2va1oWAhLoPfc4kBvfMYa+RbRmK8oC/rt5MVsJBsDud
tjnD/Vem3r07l6VVdWXtqFsOqpZ+XkQs8ruPcrkip2YGwWkQ52v1gQp0btPWNXab
koYZcp7NudLnxhBnNG4nMFIibpaLR4wOcmsk8/kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ7WrjjbCXdiV/dWlrDTf69i5T6sDAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L08xcTQ0MndsM1lsZjNWcGF3MDMtdll1VS1yQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnx0TANBgkqhkiG9w0BAQsFAAOC
AQEAchjOkZGexKMSmtVG0HhELuXPnQPtnzObj+8Z6KXcmY4fArJhhs0MHVTqiCFm
H5PGHCwPthuURQ5BiHqTkGeuGcOh9t6MbJN7ql/zZYcSXw2bey4AHbF1NuGYxweR
TnF4fTR7+4XHfwzOH4m6BCvnzaHiezGeHWwenRp2L2fCCyUhL98qMqy4lU5/rFV4
kXtAQSipBOcy9oA0bloXfJ6AK+axm5aSxydfAGKaDFccsumy11VPFW0OCbZtrhQU
prLNIVgTxHKgqSwBdzSVZXt/l2Z5nyRoOD/MQ7iiveeplZ2HOOAkfqiX/o8PQ6ZB
haqnOo3Au/tCqcJM1NkGJRbdcw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org