Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/srDYExfDly1uYOw1votF8hCX2BQ.roa
File: srDYExfDly1uYOw1votF8hCX2BQ.roa (raw, json)
Hash identifier: 5P6s5NVtoG21WPYwFii7LU+zCcx4ylRNFw+dWuKIcPk=
Subject key identifier: B2:B0:D8:13:17:C3:97:2D:6E:60:EC:35:BE:8B:45:F2:10:97:D8:14
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0184C69ABEDC8CE56D3447CE241BB030B1F7
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/srDYExfDly1uYOw1votF8hCX2BQ.roa
Signing time: Wed 30 Nov 2022 03:35:40 +0000
ROA not before: Wed 30 Nov 2022 03:35:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46562
IP address blocks: 104.232.36.0/24 maxlen: 24
2a0c:3ac0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c6:9a:be:dc:8c:e5:6d:34:47:ce:24:1b:b0:30:b1:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Nov 30 03:35:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2b0d81317c3972d6e60ec35be8b45f21097d814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:13:26:bf:62:4b:eb:2f:fe:6f:ca:2a:e7:4c:
4f:ba:23:63:89:63:33:11:6c:86:9d:48:d9:17:11:
5f:00:22:07:c8:e8:24:0c:a5:99:b1:7a:53:f9:4c:
c2:4a:c6:fd:1d:d0:58:ed:7d:e3:76:97:f2:bd:36:
48:30:d8:ed:90:71:aa:1e:30:b4:c1:44:f2:b5:23:
56:2c:af:90:dc:36:d6:4a:a4:f2:36:d0:ec:a1:8e:
b7:82:dc:e8:c5:74:55:cc:ee:c2:44:05:93:e1:c8:
7d:d8:6b:24:da:16:cf:0b:e1:08:d5:59:89:e6:96:
a6:fe:78:23:56:7b:99:25:82:28:a3:8a:5e:3e:7d:
5a:bc:31:a6:03:51:f3:8b:bf:d4:cc:3b:3c:b7:f8:
48:09:cb:9a:0d:d6:d6:62:fd:5e:90:22:0f:6f:79:
3d:3c:dc:17:04:72:cf:ad:e0:c7:85:92:1e:3a:10:
04:47:3c:98:21:a5:c3:c0:96:21:3f:e4:a1:24:32:
2d:e9:05:c2:93:27:04:91:43:c5:5c:0b:6c:06:e5:
7c:3c:3b:d1:97:5f:e5:4c:c7:cd:ce:94:43:56:b8:
f3:fb:5e:ab:4c:fa:da:79:91:a2:df:46:8c:3d:ff:
e3:92:cb:43:76:d0:14:31:3d:07:21:9f:d7:9f:30:
a4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B0:D8:13:17:C3:97:2D:6E:60:EC:35:BE:8B:45:F2:10:97:D8:14
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/srDYExfDly1uYOw1votF8hCX2BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.232.36.0/24
IPv6:
2a0c:3ac0::/48
Signature Algorithm: sha256WithRSAEncryption
73:a8:c3:cf:7b:88:d3:21:51:dc:53:58:b1:01:d0:af:28:e4:
b6:92:b9:c6:88:ba:2c:98:98:03:11:b1:69:fe:63:95:b3:c5:
45:73:6a:80:07:27:b9:93:57:c1:53:a0:c3:a0:fa:c2:9e:d1:
e1:c2:2c:b0:e4:97:ef:ca:14:5a:a2:fa:c1:76:6b:8d:20:87:
77:93:bf:a5:cd:ab:b9:c2:e3:86:69:7e:91:5a:b4:5e:c0:49:
7a:bd:42:0e:8c:11:4d:b5:65:c3:cf:d2:2b:a4:37:9c:9d:27:
5e:68:41:64:67:ef:a0:d1:e2:b5:6b:6c:92:c3:52:e4:aa:26:
e3:af:6e:78:37:ef:0e:19:6d:73:40:4d:c7:db:65:f9:0e:0c:
aa:da:40:df:f8:f7:40:4e:96:a7:17:60:68:c6:18:e4:e3:c4:
09:c7:d3:90:17:e4:d4:84:94:0f:a5:8d:4f:b0:b3:d9:fa:8c:
a9:6f:66:47:a3:60:fb:28:77:b5:0a:ef:92:f9:80:35:c8:bc:
33:bb:29:30:7f:ff:3d:1b:41:69:5d:ca:fc:a6:aa:c8:d7:99:
f5:a2:9c:f5:a3:15:fd:d2:a4:d2:8a:82:3a:04:0c:40:29:63:
21:cd:54:46:f1:25:74:05:9a:8a:dd:53:44:09:26:9c:cb:81:
9a:65:25:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTGmr7cjOVtNEfOJBuwMLH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjIxMTMwMDMzNTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmIwZDgxMzE3YzM5NzJkNmU2MGVjMzViZThiNDVmMjEwOTdkODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxMmv2JL6y/+b8oq50xPuiNjiWMz
EWyGnUjZFxFfACIHyOgkDKWZsXpT+UzCSsb9HdBY7X3jdpfyvTZIMNjtkHGqHjC0
wUTytSNWLK+Q3DbWSqTyNtDsoY63gtzoxXRVzO7CRAWT4ch92Gsk2hbPC+EI1VmJ
5pam/ngjVnuZJYIoo4pePn1avDGmA1Hzi7/UzDs8t/hICcuaDdbWYv1ekCIPb3k9
PNwXBHLPreDHhZIeOhAERzyYIaXDwJYhP+ShJDIt6QXCkycEkUPFXAtsBuV8PDvR
l1/lTMfNzpRDVrjz+16rTPraeZGi30aMPf/jkstDdtAUMT0HIZ/XnzCk9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLKw2BMXw5ctbmDsNb6LRfIQl9gUMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvc3JEWUV4ZkRseTF1WU93MXZvdEY4aENYMkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAaOgkMA8E
AgACMAkDBwAqDDrAAAAwDQYJKoZIhvcNAQELBQADggEBAHOow897iNMhUdxTWLEB
0K8o5LaSucaIuiyYmAMRsWn+Y5WzxUVzaoAHJ7mTV8FToMOg+sKe0eHCLLDkl+/K
FFqi+sF2a40gh3eTv6XNq7nC44ZpfpFatF7ASXq9Qg6MEU21ZcPP0iukN5ydJ15o
QWRn76DR4rVrbJLDUuSqJuOvbng37w4ZbXNATcfbZfkODKraQN/490BOlqcXYGjG
GOTjxAnH05AX5NSElA+ljU+ws9n6jKlvZkejYPsod7UK75L5gDXIvDO7KTB//z0b
QWldyvymqsjXmfWinPWjFf3SpNKKgjoEDEApYyHNVEbxJXQFmordU0QJJpzLgZpl
JZ8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:49 2023 by rpki-client on console-ams.rpki-client.org