Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/drtJvudaPCGCXsMTJOnlWHVEOdM.roa
File: drtJvudaPCGCXsMTJOnlWHVEOdM.roa (raw, json)
Hash identifier: 0iTvWzsu0c2aj5md3fRwU/FJsmEBOmqhmxo1zyo+k0M=
Subject key identifier: 76:BB:49:BE:E7:5A:3C:21:82:5E:C3:13:24:E9:E5:58:75:44:39:D3
Certificate issuer: /CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5
Certificate serial: 053E99F2
Authority key identifier: 3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/drtJvudaPCGCXsMTJOnlWHVEOdM.roa
Signing time: Sat 01 Jan 2022 12:04:15 +0000
ROA not before: Sat 01 Jan 2022 12:04:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39839
IP address blocks: 185.153.252.0/22 maxlen: 24
95.130.208.0/21 maxlen: 24
193.163.102.0/24 maxlen: 24
2a01:630::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87988722 (0x53e99f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5
Validity
Not Before: Jan 1 12:04:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76bb49bee75a3c21825ec31324e9e558754439d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0b:40:3b:06:79:72:c5:64:16:0d:51:00:a2:
81:7f:f6:23:4e:a9:ba:e6:da:5f:00:82:98:84:62:
b1:0a:25:df:ea:0f:9e:02:8f:db:ce:0f:f2:6b:2a:
b0:5e:07:14:7f:c1:0a:b2:d7:15:06:8c:2b:20:e4:
a2:ff:e6:fa:eb:03:9e:81:33:93:07:2c:89:3c:92:
67:ec:43:9d:ba:6c:4b:6f:4f:f9:c0:1f:35:67:66:
2a:57:12:32:cc:2e:62:d5:94:6e:a2:c8:bd:5e:34:
75:10:fc:b2:2d:d5:a5:24:f2:21:85:68:a2:87:8b:
f7:08:81:08:a8:6a:6d:e4:44:5e:0b:23:d7:9d:ab:
c4:94:1d:29:e9:84:bb:92:2a:a5:8a:01:e6:04:46:
5f:1a:bf:c9:f4:3e:83:a0:a4:f2:87:4c:93:99:ea:
26:dd:5b:6b:cb:b5:1a:84:ce:11:28:6a:0f:3e:2c:
b9:11:dc:60:6c:1c:39:e7:87:e2:83:d2:79:ed:3d:
e9:9e:4d:98:be:fe:a9:27:db:f6:39:93:24:b6:6c:
85:2c:ff:e3:7e:4d:e7:5e:c6:ff:5f:65:c1:18:c9:
1e:3d:5d:95:88:b9:c9:d5:bb:07:25:be:1e:3c:5d:
3a:0c:de:0f:92:9e:ea:0d:3f:97:a9:3c:6e:08:60:
b3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BB:49:BE:E7:5A:3C:21:82:5E:C3:13:24:E9:E5:58:75:44:39:D3
X509v3 Authority Key Identifier:
keyid:3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/drtJvudaPCGCXsMTJOnlWHVEOdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.208.0/21
185.153.252.0/22
193.163.102.0/24
IPv6:
2a01:630::/32
Signature Algorithm: sha256WithRSAEncryption
78:03:da:0b:64:bf:80:48:86:80:52:11:da:87:8b:ca:4f:64:
87:00:27:08:26:59:0e:78:30:ae:98:5b:55:2e:25:74:ed:dc:
9a:6e:81:31:78:27:63:2f:ca:17:fe:d5:94:d1:11:92:2e:24:
f7:b8:34:05:ee:73:46:fa:ed:63:2e:eb:5e:ec:40:04:80:75:
09:d2:29:5b:cf:1f:7e:85:78:63:9c:88:7a:c7:68:94:6a:39:
49:62:81:84:aa:71:8c:e4:19:6d:96:6a:7f:6b:97:f9:90:21:
c8:3f:09:0f:28:c6:66:32:83:3f:d4:4a:7f:46:f0:8a:20:6f:
31:4d:6c:a7:97:fb:6c:06:69:41:76:66:d2:5c:31:60:4a:e9:
8f:f2:08:63:98:c0:7f:4b:65:ac:66:12:65:1b:03:52:d8:2e:
7b:e6:e1:55:24:2d:ac:c2:74:c1:89:0a:71:d7:88:ed:26:a1:
da:a9:22:64:cb:85:80:f8:79:7c:89:f3:6f:48:4c:3d:d3:d3:
3e:92:5f:27:d2:13:13:60:23:ea:fd:ec:5d:57:7e:6c:f3:b1:
b0:ee:24:f6:24:6f:90:47:29:df:cd:4a:69:dd:63:8a:66:91:
a6:40:ed:f8:9e:16:c6:fb:76:c7:64:3e:95:ea:43:09:32:2f:
a1:ab:12:63
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBT6Z8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTY4NWNmODhhN2ZjNDNmZTFjN2ZlMzRhNmZmM2RkYmI0MTRmMGI1MB4XDTIyMDEw
MTEyMDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZiYjQ5YmVlNzVh
M2MyMTgyNWVjMzEzMjRlOWU1NTg3NTQ0MzlkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4LQDsGeXLFZBYNUQCigX/2I06puubaXwCCmIRisQol3+oP
ngKP284P8msqsF4HFH/BCrLXFQaMKyDkov/m+usDnoEzkwcsiTySZ+xDnbpsS29P
+cAfNWdmKlcSMswuYtWUbqLIvV40dRD8si3VpSTyIYVoooeL9wiBCKhqbeREXgsj
152rxJQdKemEu5IqpYoB5gRGXxq/yfQ+g6Ck8odMk5nqJt1ba8u1GoTOEShqDz4s
uRHcYGwcOeeH4oPSee096Z5NmL7+qSfb9jmTJLZshSz/435N517G/19lwRjJHj1d
lYi5ydW7ByW+HjxdOgzeD5Ke6g0/l6k8bghgs0kCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBR2u0m+51o8IYJewxMk6eVYdUQ50zAfBgNVHSMEGDAWgBQ6aFz4in/EP+HH
/jSm/z3btBTwtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09taGMtSXBfeERfaHhfNDBwdjg5MjdRVThMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvZTY1YzI3LWFlZjUtNDg2ZC1iNWQ3LTU5ZDZjYTY1Y2NiYy8x
L2RydEp2dWRhUENHQ1hzTVRKT25sV0hWRU9kTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
ZTY1YzI3LWFlZjUtNDg2ZC1iNWQ3LTU5ZDZjYTY1Y2NiYy8xL09taGMtSXBfeERf
aHhfNDBwdjg5MjdRVThMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1+C0AMEArmZ/AMEAMGjZjANBAIA
AjAHAwUAKgEGMDANBgkqhkiG9w0BAQsFAAOCAQEAeAPaC2S/gEiGgFIR2oeLyk9k
hwAnCCZZDngwrphbVS4ldO3cmm6BMXgnYy/KF/7VlNERki4k97g0Be5zRvrtYy7r
XuxABIB1CdIpW88ffoV4Y5yIesdolGo5SWKBhKpxjOQZbZZqf2uX+ZAhyD8JDyjG
ZjKDP9RKf0bwiiBvMU1sp5f7bAZpQXZm0lwxYErpj/IIY5jAf0tlrGYSZRsDUtgu
e+bhVSQtrMJ0wYkKcdeI7Sah2qkiZMuFgPh5fInzb0hMPdPTPpJfJ9ITE2Aj6v3s
XVd+bPOxsO4k9iRvkEcp381Kad1jimaRpkDt+J4Wxvt2x2Q+lepDCTIvoasSYw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:34 2023 by rpki-client on console-ams.rpki-client.org