Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3Sxy8VrGSiNpUyN7tHQz8GnJuT0.roa
File: 3Sxy8VrGSiNpUyN7tHQz8GnJuT0.roa (raw, json)
Hash identifier: 4tavtHusKmPUTdQaHhASGOsu1o/KvWyvWojPfzKOoFc=
Subject key identifier: DD:2C:72:F1:5A:C6:4A:23:69:53:23:7B:B4:74:33:F0:69:C9:B9:3D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 4344A0C9
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3Sxy8VrGSiNpUyN7tHQz8GnJuT0.roa
Signing time: Fri 11 Mar 2022 09:14:46 +0000
ROA not before: Fri 11 Mar 2022 09:14:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42649
IP address blocks: 194.14.135.0/24 maxlen: 24
193.235.51.0/24 maxlen: 24
193.235.73.0/24 maxlen: 24
194.71.245.0/24 maxlen: 24
194.68.159.0/24 maxlen: 24
193.234.255.0/24 maxlen: 24
192.71.184.0/24 maxlen: 24
193.180.20.0/24 maxlen: 24
193.235.193.0/24 maxlen: 24
194.68.160.0/24 maxlen: 24
193.235.130.0/24 maxlen: 24
193.234.83.0/24 maxlen: 24
193.234.86.0/24 maxlen: 24
193.180.121.0/24 maxlen: 24
193.183.239.0/24 maxlen: 24
193.234.77.0/24 maxlen: 24
193.234.76.0/24 maxlen: 24
192.165.198.0/24 maxlen: 24
192.36.31.0/24 maxlen: 24
194.103.43.0/24 maxlen: 24
192.165.127.0/24 maxlen: 24
192.165.131.0/24 maxlen: 24
192.165.138.0/23 maxlen: 24
193.182.110.0/24 maxlen: 24
192.121.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128571081 (0x4344a0c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 11 09:14:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd2c72f15ac64a236953237bb47433f069c9b93d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:28:1d:21:aa:55:1d:48:73:28:bd:3b:7a:1f:
3f:ce:50:c3:18:05:d3:18:3f:39:93:09:c2:ef:cb:
a7:73:cc:39:4c:4f:7d:33:84:5f:b6:fc:66:32:29:
5c:ec:d9:7e:0a:ed:14:94:bd:11:2e:d8:61:d5:34:
ef:55:3f:80:5b:29:7a:b2:50:20:d0:37:31:8a:75:
b5:6e:3e:a5:30:f8:01:db:ae:bb:c2:64:02:b5:bf:
c9:3a:1e:6a:a9:94:4e:70:18:ef:cf:0d:ab:9f:65:
f3:9d:a2:6c:82:e9:7b:8b:b0:3f:01:18:8e:88:89:
06:c4:49:2f:2f:a7:1d:ef:92:b6:72:fe:a5:b2:c5:
1b:14:ae:3c:3c:05:a1:8c:3e:6f:da:ef:c1:90:a6:
12:65:ac:5c:b8:ff:a0:f9:bb:23:4b:da:33:5f:fc:
52:e4:89:df:44:01:93:d4:48:5a:96:fc:78:49:4d:
1d:02:67:bb:2f:3c:1e:b3:36:0f:2e:be:75:9b:a7:
71:08:0c:e5:b6:db:a9:07:8a:a7:a3:23:3f:43:d7:
2a:82:6d:36:6a:3e:95:f9:84:b8:aa:db:19:2e:5d:
c7:15:41:53:d1:e6:a6:34:69:b6:46:c9:2f:fe:f2:
45:ac:16:34:7e:c8:65:17:c8:19:b9:cc:cd:b5:02:
cd:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2C:72:F1:5A:C6:4A:23:69:53:23:7B:B4:74:33:F0:69:C9:B9:3D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3Sxy8VrGSiNpUyN7tHQz8GnJuT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.31.0/24
192.71.184.0/24
192.121.226.0/24
192.165.127.0/24
192.165.131.0/24
192.165.138.0/23
192.165.198.0/24
193.180.20.0/24
193.180.121.0/24
193.182.110.0/24
193.183.239.0/24
193.234.76.0/23
193.234.83.0/24
193.234.86.0/24
193.234.255.0/24
193.235.51.0/24
193.235.73.0/24
193.235.130.0/24
193.235.193.0/24
194.14.135.0/24
194.68.159.0-194.68.160.255
194.71.245.0/24
194.103.43.0/24
Signature Algorithm: sha256WithRSAEncryption
50:a7:25:c4:32:b8:1f:91:9a:7f:08:a6:ee:8f:84:2e:29:eb:
0d:52:ac:de:d9:19:f5:73:6a:5b:da:ba:5e:95:72:14:9a:ce:
c0:7e:f0:83:35:10:21:cb:fa:ca:a8:02:6e:b2:9e:12:66:df:
50:47:5d:1c:d1:12:51:e1:85:ab:b8:fd:4c:7b:55:c5:09:10:
d2:aa:ab:d4:a9:61:70:13:05:99:78:34:13:2a:fe:97:25:e4:
be:92:70:8e:e6:98:6a:c3:ab:92:0c:d3:7d:5d:ce:ba:27:21:
7a:8c:3c:ad:d4:f5:ac:d5:13:14:b6:dc:f2:83:a2:da:ac:4d:
3a:4e:f7:0f:f0:dc:77:19:80:23:ec:cb:3c:d5:18:20:e4:b6:
37:87:ed:89:f0:fe:f7:d5:1e:93:97:d9:57:fc:34:d7:3a:c2:
4d:db:4d:27:c2:84:6e:00:0f:99:d8:bc:85:06:0b:1d:9e:d0:
4d:89:f2:6a:03:f5:2f:9c:52:91:9a:80:e0:d1:64:c0:01:b2:
5e:f3:be:ed:fb:5d:0e:a3:23:ab:f3:d8:98:9b:1d:ab:b9:53:
e4:14:47:db:d5:a6:9e:fd:4c:b7:e4:a2:c6:55:24:c4:94:28:
a8:04:3a:86:f6:dc:95:95:9a:bc:b9:48:96:79:3f:53:f4:4b:
64:93:5e:0c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIEQ0SgyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDMx
MTA5MTQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQyYzcyZjE1YWM2
NGEyMzY5NTMyMzdiYjQ3NDMzZjA2OWM5YjkzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPUoHSGqVR1Icyi9O3ofP85QwxgF0xg/OZMJwu/Lp3PMOUxP
fTOEX7b8ZjIpXOzZfgrtFJS9ES7YYdU071U/gFsperJQINA3MYp1tW4+pTD4Aduu
u8JkArW/yToeaqmUTnAY788Nq59l852ibILpe4uwPwEYjoiJBsRJLy+nHe+StnL+
pbLFGxSuPDwFoYw+b9rvwZCmEmWsXLj/oPm7I0vaM1/8UuSJ30QBk9RIWpb8eElN
HQJnuy88HrM2Dy6+dZuncQgM5bbbqQeKp6MjP0PXKoJtNmo+lfmEuKrbGS5dxxVB
U9HmpjRptkbJL/7yRawWNH7IZRfIGbnMzbUCzeMCAwEAAaOCApowggKWMB0GA1Ud
DgQWBBTdLHLxWsZKI2lTI3u0dDPwacm5PTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
LzNTeHk4VnJHU2lOcFV5Tjd0SFF6OEduSnVUMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rwYIKwYBBQUHAQcBAf8EgZ8wgZwwgZkEAgABMIGSAwQAwCQfAwQAwEe4AwQAwHni
AwQAwKV/AwQAwKWDAwQBwKWKAwQAwKXGAwQAwbQUAwQAwbR5AwQAwbZuAwQAwbfv
AwQBwepMAwQAwepTAwQAwepWAwQAwer/AwQAweszAwQAwetJAwQAweuCAwQAwevB
AwQAwg6HMAwDBADCRJ8DBADCRKADBADCR/UDBADCZyswDQYJKoZIhvcNAQELBQAD
ggEBAFCnJcQyuB+Rmn8Ipu6PhC4p6w1SrN7ZGfVzalvaul6VchSazsB+8IM1ECHL
+sqoAm6ynhJm31BHXRzRElHhhau4/Ux7VcUJENKqq9SpYXATBZl4NBMq/pcl5L6S
cI7mmGrDq5IM031dzronIXqMPK3U9azVExS23PKDotqsTTpO9w/w3HcZgCPsyzzV
GCDktjeH7Ynw/vfVHpOX2Vf8NNc6wk3bTSfChG4AD5nYvIUGCx2e0E2J8moD9S+c
UpGagODRZMABsl7zvu37XQ6jI6vz2JibHau5U+QUR9vVpp79TLfkosZVJMSUKKgE
Oob23JWVmry5SJZ5P1P0S2STXgw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org