Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b21dfe-f138-406c-90ac-8823ac349b8e/1/3ayih50CKCHZdVP8dj3FvPpaLB0.roa
File: 3ayih50CKCHZdVP8dj3FvPpaLB0.roa (raw, json)
Hash identifier: pEE7si074+/Y7zTVHvIuGaB3v5AIEB8dxSv1UBjeLfI=
Subject key identifier: DD:AC:A2:87:9D:02:28:21:D9:75:53:FC:76:3D:C5:BC:FA:5A:2C:1D
Certificate issuer: /CN=dee12d8c09292452c66b3a3521095333a9ecfe95
Certificate serial: 01830027979AEFB6D95AFF95F3E4478FF9BE
Authority key identifier: DE:E1:2D:8C:09:29:24:52:C6:6B:3A:35:21:09:53:33:A9:EC:FE:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3uEtjAkpJFLGazo1IQlTM6ns_pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b21dfe-f138-406c-90ac-8823ac349b8e/1/3ayih50CKCHZdVP8dj3FvPpaLB0.roa
Signing time: Fri 02 Sep 2022 21:42:18 +0000
ROA not before: Fri 02 Sep 2022 21:42:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211298
IP address blocks: 87.236.176.0/24 maxlen: 24
193.163.125.0/24 maxlen: 24
2a06:4880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:00:27:97:9a:ef:b6:d9:5a:ff:95:f3:e4:47:8f:f9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee12d8c09292452c66b3a3521095333a9ecfe95
Validity
Not Before: Sep 2 21:42:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddaca2879d022821d97553fc763dc5bcfa5a2c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a1:ec:4b:ba:96:d8:79:68:79:bb:e5:49:c0:
ed:3c:26:aa:d5:fc:b3:2c:ae:c6:ad:da:93:a6:e3:
c2:d8:7a:46:ea:8a:7a:d6:85:0e:c3:d0:26:30:e8:
72:ba:35:d8:e0:a8:ce:a0:56:32:d0:2f:52:6c:09:
c6:37:ac:dc:f5:29:63:a9:63:ca:a3:97:27:19:15:
e7:90:93:80:07:c9:59:18:ad:53:2e:05:24:97:a2:
07:e7:35:4a:99:5e:e6:39:aa:7a:86:2a:d2:35:8c:
0b:5e:09:e8:73:77:0c:27:01:7a:64:66:15:ed:74:
e2:3b:35:44:3a:f5:b7:9b:fe:6b:60:0b:7b:f3:ef:
95:6b:b7:e3:78:86:9b:b3:85:bc:d5:db:ef:a3:27:
96:31:84:a8:c0:81:0e:96:8c:51:38:d6:b5:aa:2d:
40:3b:ad:fd:d8:6c:64:31:1e:07:b8:3a:ab:2f:c5:
3b:4e:08:bd:9e:5b:3b:91:37:57:86:3f:29:22:21:
e9:2d:52:1a:d0:52:c0:5e:f0:51:44:b7:e7:bb:a2:
57:c5:8e:3b:7c:5f:12:2d:66:de:1a:db:b4:5c:46:
a9:b5:3a:84:20:b7:28:a2:63:89:b1:c1:04:28:ae:
08:5b:69:5b:9e:e5:fd:69:aa:e4:e8:16:9a:27:b7:
62:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AC:A2:87:9D:02:28:21:D9:75:53:FC:76:3D:C5:BC:FA:5A:2C:1D
X509v3 Authority Key Identifier:
keyid:DE:E1:2D:8C:09:29:24:52:C6:6B:3A:35:21:09:53:33:A9:EC:FE:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uEtjAkpJFLGazo1IQlTM6ns_pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b21dfe-f138-406c-90ac-8823ac349b8e/1/3ayih50CKCHZdVP8dj3FvPpaLB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b21dfe-f138-406c-90ac-8823ac349b8e/1/3uEtjAkpJFLGazo1IQlTM6ns_pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.176.0/24
193.163.125.0/24
IPv6:
2a06:4880::/32
Signature Algorithm: sha256WithRSAEncryption
21:fa:90:ec:6d:65:ac:0d:79:6b:97:97:99:87:1b:d0:c9:5b:
36:a0:02:d5:38:1b:fb:fd:bd:35:a4:fd:6e:da:9a:d2:eb:df:
74:6d:ef:22:c1:a9:01:19:3d:bc:61:c2:c2:b4:30:bd:ec:94:
2c:85:8d:2b:28:c8:5f:f0:6c:91:6d:37:40:01:da:8f:5d:2e:
d4:88:de:32:f8:55:ec:76:e9:27:bd:2e:39:2a:0b:66:c3:d4:
87:4f:b9:d0:9d:59:e5:15:61:74:c3:0b:f5:41:f0:bc:03:98:
60:26:71:ea:de:04:b2:fc:8c:4e:d7:aa:6e:20:15:19:c5:8e:
cc:5b:c3:75:92:28:db:a0:50:62:ae:b9:40:3c:93:df:22:04:
29:32:00:c2:3b:0d:c6:64:d7:93:28:7e:a1:d9:71:0f:a9:cb:
17:6c:70:69:f8:97:d4:86:e4:fb:1e:e6:01:0e:3b:32:db:49:
20:86:1a:ce:96:b3:59:6b:27:24:07:0e:94:e9:11:43:eb:3c:
b1:40:73:d4:01:47:f1:47:30:73:a9:da:cd:da:0e:fa:d2:5a:
5f:87:32:74:d2:86:dc:a8:ab:25:9a:f2:d3:93:fe:45:8d:24:
13:3f:3b:4e:13:54:49:58:94:2a:c5:43:98:73:99:de:5b:6c:
b5:4a:ef:58
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYMAJ5ea77bZWv+V8+RHj/m+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTEyZDhjMDkyOTI0NTJjNjZiM2EzNTIxMDk1MzMzYTll
Y2ZlOTUwHhcNMjIwOTAyMjE0MjE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFjYTI4NzlkMDIyODIxZDk3NTUzZmM3NjNkYzViY2ZhNWEyYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6HsS7qW2HloebvlScDtPCaq1fyz
LK7GrdqTpuPC2HpG6op61oUOw9AmMOhyujXY4KjOoFYy0C9SbAnGN6zc9SljqWPK
o5cnGRXnkJOAB8lZGK1TLgUkl6IH5zVKmV7mOap6hirSNYwLXgnoc3cMJwF6ZGYV
7XTiOzVEOvW3m/5rYAt78++Va7fjeIabs4W81dvvoyeWMYSowIEOloxRONa1qi1A
O6392GxkMR4HuDqrL8U7Tgi9nls7kTdXhj8pIiHpLVIa0FLAXvBRRLfnu6JXxY47
fF8SLWbeGtu0XEaptTqEILcoomOJscEEKK4IW2lbnuX9aark6BaaJ7dipwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN2sooedAigh2XVT/HY9xbz6WiwdMB8GA1UdIwQY
MBaAFN7hLYwJKSRSxms6NSEJUzOp7P6VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VFdGpBa3BKRkxHYXpvMUlRbFRNNm5zX3BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iMjFkZmUtZjEzOC00MDZjLTkwYWMt
ODgyM2FjMzQ5YjhlLzEvM2F5aWg1MENLQ0haZFZQOGRqM0Z2UHBhTEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iMjFkZmUtZjEzOC00MDZjLTkwYWMtODgyM2FjMzQ5Yjhl
LzEvM3VFdGpBa3BKRkxHYXpvMUlRbFRNNm5zX3BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAV+ywAwQA
waN9MA0EAgACMAcDBQAqBkiAMA0GCSqGSIb3DQEBCwUAA4IBAQAh+pDsbWWsDXlr
l5eZhxvQyVs2oALVOBv7/b01pP1u2prS6990be8iwakBGT28YcLCtDC97JQshY0r
KMhf8GyRbTdAAdqPXS7UiN4y+FXsduknvS45Kgtmw9SHT7nQnVnlFWF0wwv1QfC8
A5hgJnHq3gSy/IxO16puIBUZxY7MW8N1kijboFBirrlAPJPfIgQpMgDCOw3GZNeT
KH6h2XEPqcsXbHBp+JfUhuT7HuYBDjsy20kghhrOlrNZayckBw6U6RFD6zyxQHPU
AUfxRzBzqdrN2g760lpfhzJ00obcqKslmvLTk/5FjSQTPztOE1RJWJQqxUOYc5ne
W2y1Su9Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:16 2024 by rpki-client on console-ams.rpki-client.org