Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/PDQE7UpJ5fR6aLthRjotm2j8f5o.roa
File: PDQE7UpJ5fR6aLthRjotm2j8f5o.roa (raw, json)
Hash identifier: +2smP0IDLEVkNofsp3xnp0OS1Pq+7QI9tzPRrzGzWN0=
Subject key identifier: 3C:34:04:ED:4A:49:E5:F4:7A:68:BB:61:46:3A:2D:9B:68:FC:7F:9A
Certificate issuer: /CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Certificate serial: 26BABBA7
Authority key identifier: 1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/PDQE7UpJ5fR6aLthRjotm2j8f5o.roa
Signing time: Sat 01 Jan 2022 15:02:53 +0000
ROA not before: Sat 01 Jan 2022 15:02:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39356
IP address blocks: 164.215.106.0/24 maxlen: 24
164.215.109.0/24 maxlen: 24
164.215.110.0/24 maxlen: 24
164.215.108.0/24 maxlen: 24
185.68.232.0/24 maxlen: 24
185.68.233.0/24 maxlen: 24
185.68.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 649771943 (0x26babba7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Validity
Not Before: Jan 1 15:02:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c3404ed4a49e5f47a68bb61463a2d9b68fc7f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e0:0f:59:0e:9d:d3:63:2b:57:24:b9:33:6b:
d2:b3:00:24:e2:72:10:a2:24:a8:94:84:c9:33:d3:
fa:95:32:93:c4:4a:67:d7:95:4d:8e:58:cb:78:f1:
6c:a2:86:4d:0e:00:94:61:8d:b3:74:03:f6:e8:19:
01:a0:79:d8:c8:42:0d:f9:c8:21:b7:e3:02:df:31:
60:00:61:cb:69:90:fa:c7:b4:4c:1c:69:f3:67:bb:
3a:60:5b:10:7a:c8:7d:53:6c:eb:b3:4f:c1:4d:98:
6d:28:02:54:3a:54:b7:a6:a5:b7:a3:bb:ad:dc:b2:
84:e5:d4:6b:99:40:04:8c:29:ae:62:c7:72:6b:78:
aa:c1:60:57:be:dd:56:18:39:a8:4b:20:2f:90:e0:
96:d6:6e:8a:34:78:43:94:0b:34:19:dc:53:d6:13:
48:b3:02:10:ed:66:da:ec:93:e2:14:ed:46:d3:30:
f3:88:44:c3:a6:0f:57:71:0b:93:17:0d:fd:de:ef:
6c:53:a0:fb:cf:05:5e:93:03:f7:c2:78:86:79:a0:
68:ba:37:69:2a:52:b1:43:d1:9b:ae:86:3c:4d:16:
54:4d:44:81:62:23:25:26:f0:17:95:a6:e3:43:c6:
45:66:4a:ec:58:e4:cd:17:91:e4:56:d0:79:bc:fd:
9b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:34:04:ED:4A:49:E5:F4:7A:68:BB:61:46:3A:2D:9B:68:FC:7F:9A
X509v3 Authority Key Identifier:
keyid:1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/PDQE7UpJ5fR6aLthRjotm2j8f5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.215.106.0/24
164.215.108.0-164.215.110.255
185.68.232.0/23
185.68.235.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:ae:9a:37:cc:13:58:55:32:bf:c3:57:37:57:57:e6:1b:4b:
e0:c5:71:ca:10:d8:b8:3c:bf:d7:87:60:64:61:72:2b:a8:73:
42:b9:ee:01:91:e1:b2:f1:45:f6:d7:63:aa:74:fc:7c:2a:dd:
17:ec:34:63:35:b6:05:ec:00:62:be:e9:ab:48:83:c4:11:57:
48:5c:e0:1c:ee:2f:f4:84:37:8d:01:62:b8:18:13:71:a8:83:
15:4f:08:94:6d:6b:10:81:89:43:2a:41:2f:96:b2:54:70:78:
a4:8b:d4:4b:49:be:44:e6:11:67:72:43:b2:f0:9d:ee:4c:15:
05:e4:54:c4:42:ed:f8:23:f0:fc:d2:a4:58:ed:a2:8e:1c:f7:
00:45:97:9e:cb:f3:ab:3d:55:8d:f5:27:1b:12:13:d8:10:d1:
d1:db:66:9c:79:b5:e4:a3:6f:7d:76:55:b6:3e:4e:12:e2:aa:
e9:1d:b7:22:74:cb:55:41:1b:91:8f:36:8a:54:f9:ab:02:68:
84:9d:92:b7:4f:5f:a7:0b:7d:e2:8a:5e:4e:20:81:92:38:b4:
51:8f:fc:d7:ee:e5:39:33:ea:93:c9:54:ea:e2:aa:5c:9b:7e:
d9:6b:b5:e8:09:97:56:99:6c:44:67:2b:42:eb:03:1a:6b:53:
22:04:79:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEJrq7pzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDY1YjdiN2I4OThmYWFlZTcwNzY3ZDA5NzE1YzQzNmE4M2ZjZGMyMB4XDTIyMDEw
MTE1MDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MzNDA0ZWQ0YTQ5
ZTVmNDdhNjhiYjYxNDYzYTJkOWI2OGZjN2Y5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTgD1kOndNjK1ckuTNr0rMAJOJyEKIkqJSEyTPT+pUyk8RK
Z9eVTY5Yy3jxbKKGTQ4AlGGNs3QD9ugZAaB52MhCDfnIIbfjAt8xYABhy2mQ+se0
TBxp82e7OmBbEHrIfVNs67NPwU2YbSgCVDpUt6alt6O7rdyyhOXUa5lABIwprmLH
cmt4qsFgV77dVhg5qEsgL5DgltZuijR4Q5QLNBncU9YTSLMCEO1m2uyT4hTtRtMw
84hEw6YPV3ELkxcN/d7vbFOg+88FXpMD98J4hnmgaLo3aSpSsUPRm66GPE0WVE1E
gWIjJSbwF5Wm40PGRWZK7FjkzReR5FbQebz9m0kCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQ8NATtSknl9Hpou2FGOi2baPx/mjAfBgNVHSMEGDAWgBQdZbe3uJj6rucH
Z9CXFcQ2qD/NwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hXVzN0N2lZLXE3bkIyZlFseFhFTnFnX3pjSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvZGVhZWYxLTYyNDEtNDlhYi05ODI1LThmYzM3Mzc1NzY4NC8x
L1BEUUU3VXBKNWZSNmFMdGhSam90bTJqOGY1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
ZGVhZWYxLTYyNDEtNDlhYi05ODI1LThmYzM3Mzc1NzY4NC8xL0hXVzN0N2lZLXE3
bkIyZlFseFhFTnFnX3pjSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAKTXajAMAwQCpNdsAwQApNduAwQB
uUToAwQAuUTrMA0GCSqGSIb3DQEBCwUAA4IBAQCgrpo3zBNYVTK/w1c3V1fmG0vg
xXHKENi4PL/Xh2BkYXIrqHNCue4BkeGy8UX212OqdPx8Kt0X7DRjNbYF7ABivumr
SIPEEVdIXOAc7i/0hDeNAWK4GBNxqIMVTwiUbWsQgYlDKkEvlrJUcHiki9RLSb5E
5hFnckOy8J3uTBUF5FTEQu34I/D80qRY7aKOHPcARZeey/OrPVWN9ScbEhPYENHR
22acebXko299dlW2Pk4S4qrpHbcidMtVQRuRjzaKVPmrAmiEnZK3T1+nC33iil5O
IIGSOLRRj/zX7uU5M+qTyVTq4qpcm37Za7XoCZdWmWxEZytC6wMaa1MiBHna
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-ams.rpki-client.org