Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/38T3IdfoHu6gvnQHOr2y0KGkI_Y.roa
File: 38T3IdfoHu6gvnQHOr2y0KGkI_Y.roa (raw, json)
Hash identifier: 9yxYm2H+5WgKu3L2rNAnq+UVpHIcat+apFIu/ugoGeg=
Subject key identifier: DF:C4:F7:21:D7:E8:1E:EE:A0:BE:74:07:3A:BD:B2:D0:A1:A4:23:F6
Certificate issuer: /CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Certificate serial: F863F9
Authority key identifier: DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/38T3IdfoHu6gvnQHOr2y0KGkI_Y.roa
Signing time: Sat 01 Jan 2022 08:55:29 +0000
ROA not before: Sat 01 Jan 2022 08:55:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203827
IP address blocks: 185.255.220.0/24 maxlen: 24
185.255.223.0/24 maxlen: 24
185.255.221.0/24 maxlen: 24
185.255.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16278521 (0xf863f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Validity
Not Before: Jan 1 08:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfc4f721d7e81eeea0be74073abdb2d0a1a423f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:62:83:c2:b7:0d:5f:41:53:ef:91:6b:d5:72:
2c:91:ae:0e:ed:f7:15:13:72:9c:b1:68:de:85:01:
17:d2:11:89:eb:e6:db:d4:c6:a8:2e:19:c1:d8:20:
3e:b5:51:9a:64:93:fe:cb:18:5c:ff:95:46:67:c3:
12:f0:2b:bb:71:a0:2a:88:98:9e:b2:09:cd:7f:9d:
bc:b6:8b:3f:c3:6c:6f:09:9e:fb:e5:a5:9e:8d:c1:
86:a5:9d:b2:13:e4:25:ea:0c:5e:18:25:2a:d9:1a:
26:90:48:36:b7:9b:14:1a:4f:fb:59:1a:9a:93:fd:
3e:5f:ab:f7:42:df:30:fe:0e:6d:5c:ef:51:2b:8e:
f8:59:94:f2:3f:3b:1c:07:91:f8:bc:9c:fc:27:16:
3d:f1:1b:52:68:a0:02:21:64:a3:bb:1f:1a:2c:8e:
e0:e3:62:12:01:fc:4b:f7:c4:01:99:61:67:a0:b7:
9a:c4:bb:02:ad:fa:a0:1d:53:1c:ea:1b:61:3e:de:
6e:89:5b:98:c9:19:8c:1d:bd:64:8f:e5:e9:da:f1:
d8:3f:c3:6d:8b:05:f9:07:e5:a2:98:8d:66:45:e7:
7b:83:f1:7a:ed:6a:c8:fd:2b:ca:56:27:44:75:66:
bd:de:ea:fa:c7:d1:7c:9f:2b:1f:3c:29:ce:f6:e8:
46:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C4:F7:21:D7:E8:1E:EE:A0:BE:74:07:3A:BD:B2:D0:A1:A4:23:F6
X509v3 Authority Key Identifier:
keyid:DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/38T3IdfoHu6gvnQHOr2y0KGkI_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.220.0/22
Signature Algorithm: sha256WithRSAEncryption
82:a4:74:9d:32:05:3d:58:e4:8b:17:2d:65:1f:de:6d:d4:51:
4c:a7:fa:a0:43:6d:49:b8:20:c0:1d:43:ca:3d:a3:e1:6a:5d:
59:b9:6b:a7:10:08:55:91:cb:08:3c:d9:68:0d:ac:2f:e1:e2:
cd:55:bc:f5:7b:c6:ae:e9:8f:96:53:54:6e:e6:bc:bf:d1:ed:
da:f0:9b:31:63:6d:8c:c8:da:68:29:4e:03:29:e8:61:9e:10:
1b:12:55:0a:ed:a4:16:e9:77:39:8b:da:ce:3a:9d:88:d6:cc:
b2:57:b6:81:a2:83:14:ff:7e:79:67:e1:c6:89:3f:e9:db:7b:
81:96:a6:e5:6d:8b:53:f5:ae:b8:20:48:65:33:76:ab:4d:2c:
57:3a:d0:b5:6c:fe:d0:d6:65:f4:db:f5:1d:69:3e:49:9b:e7:
cf:28:1e:ff:4a:52:5c:bc:a0:f3:a9:b0:9e:fd:8c:db:f2:90:
ec:4f:99:c0:85:c6:e8:53:8c:27:6a:4d:ab:02:0e:71:3d:b0:
71:bd:a0:70:22:d7:32:72:b4:45:ec:42:90:77:80:72:f7:b8:
1a:bd:61:fa:a3:f8:27:91:97:62:80:34:77:fa:a5:e6:cc:89:
d6:18:03:3a:30:7c:13:dc:0d:9b:11:7c:f9:a6:be:a6:49:d2:
58:e9:70:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPhj+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmFlZjVjMzJiZWE0YjU0ZDE3ZTI0MWI1Y2NjYWYwN2JjMGE4ZWU5MB4XDTIyMDEw
MTA4NTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZjNGY3MjFkN2U4
MWVlZWEwYmU3NDA3M2FiZGIyZDBhMWE0MjNmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJig8K3DV9BU++Ra9VyLJGuDu33FRNynLFo3oUBF9IRievm
29TGqC4ZwdggPrVRmmST/ssYXP+VRmfDEvAru3GgKoiYnrIJzX+dvLaLP8Nsbwme
++Wlno3BhqWdshPkJeoMXhglKtkaJpBINrebFBpP+1kampP9Pl+r90LfMP4ObVzv
USuO+FmU8j87HAeR+Lyc/CcWPfEbUmigAiFko7sfGiyO4ONiEgH8S/fEAZlhZ6C3
msS7Aq36oB1THOobYT7ebolbmMkZjB29ZI/l6drx2D/DbYsF+QflopiNZkXne4Px
eu1qyP0rylYnRHVmvd7q+sfRfJ8rHzwpzvboRp0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTfxPch1+ge7qC+dAc6vbLQoaQj9jAfBgNVHSMEGDAWgBTbrvXDK+pLVNF+
JBtczK8HvAqO6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI2NzF3eXZxUzFUUmZpUWJYTXl2Qjd3S2p1ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvZGVlNjZmLTQ1Y2MtNGNiNC05ZmJiLTY0MmNlNjc0Zjk3NC8x
LzM4VDNJZGZvSHU2Z3ZuUUhPcjJ5MEtHa0lfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
ZGVlNjZmLTQ1Y2MtNGNiNC05ZmJiLTY0MmNlNjc0Zjk3NC8xLzI2NzF3eXZxUzFU
UmZpUWJYTXl2Qjd3S2p1ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn/3DANBgkqhkiG9w0BAQsFAAOC
AQEAgqR0nTIFPVjkixctZR/ebdRRTKf6oENtSbggwB1Dyj2j4WpdWblrpxAIVZHL
CDzZaA2sL+HizVW89XvGrumPllNUbua8v9Ht2vCbMWNtjMjaaClOAynoYZ4QGxJV
Cu2kFul3OYvazjqdiNbMsle2gaKDFP9+eWfhxok/6dt7gZam5W2LU/WuuCBIZTN2
q00sVzrQtWz+0NZl9Nv1HWk+SZvnzyge/0pSXLyg86mwnv2M2/KQ7E+ZwIXG6FOM
J2pNqwIOcT2wcb2gcCLXMnK0RexCkHeAcve4Gr1h+qP4J5GXYoA0d/ql5syJ1hgD
OjB8E9wNmxF8+aa+pknSWOlwPA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:20 2023 by rpki-client on console-ams.rpki-client.org