Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/3pw5iMYEEuYt7z-eWypaaoHYxw4.roa
File: 3pw5iMYEEuYt7z-eWypaaoHYxw4.roa (raw, json)
Hash identifier: 4KvI1w28x7sS+AxxrhD/qt7Nccu5xbKd4A9TPSpof0Q=
Subject key identifier: DE:9C:39:88:C6:04:12:E6:2D:EF:3F:9E:5B:2A:5A:6A:81:D8:C7:0E
Certificate issuer: /CN=e50c22c66b85fac98de83d761ef4243437ab0393
Certificate serial: 0353E7C4
Authority key identifier: E5:0C:22:C6:6B:85:FA:C9:8D:E8:3D:76:1E:F4:24:34:37:AB:03:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QwixmuF-smN6D12HvQkNDerA5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/3pw5iMYEEuYt7z-eWypaaoHYxw4.roa
Signing time: Sat 01 Jan 2022 00:50:56 +0000
ROA not before: Sat 01 Jan 2022 00:50:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29240
IP address blocks: 185.217.236.0/22 maxlen: 22
185.244.244.0/22 maxlen: 22
213.255.160.0/19 maxlen: 19
185.77.244.0/22 maxlen: 22
193.142.16.0/23 maxlen: 23
2a01:18::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55830468 (0x353e7c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e50c22c66b85fac98de83d761ef4243437ab0393
Validity
Not Before: Jan 1 00:50:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de9c3988c60412e62def3f9e5b2a5a6a81d8c70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:93:7b:aa:d0:9d:01:30:14:eb:d0:50:cd:
f2:74:ef:22:8f:c9:93:35:4c:77:41:42:55:15:61:
76:e3:90:17:99:18:12:65:5b:37:c4:8d:98:ea:8d:
b3:e8:fa:09:39:0b:3a:b3:9c:61:db:a4:af:1c:6c:
e6:92:b8:d2:39:45:80:27:62:2d:5f:7f:76:03:89:
1d:c9:ef:50:65:a6:a0:bc:8d:4c:4f:9f:07:9a:52:
0a:1a:0b:e7:af:dd:17:7a:c8:a3:0f:25:31:58:0e:
c3:25:cb:f8:f5:85:e3:c9:cd:bc:9d:ef:16:1d:92:
3d:48:f0:17:93:ee:64:a9:31:51:ad:82:fd:59:2f:
2a:d9:3e:96:0e:77:06:65:85:8a:54:5a:f2:a7:91:
3f:6a:cd:f8:67:15:a2:0e:a1:e0:58:36:87:7a:aa:
3f:f6:8b:79:05:81:6a:eb:08:d5:6b:fe:43:21:a8:
22:6e:29:54:ff:ae:d3:a8:b2:e5:83:db:ea:16:a6:
12:ac:c6:8d:71:94:6d:b1:f1:7a:6a:6b:e5:a6:0a:
d6:e8:ca:83:ca:22:f3:03:84:07:20:5e:a4:1f:e1:
61:ef:57:0f:47:73:24:cf:66:ad:5e:05:62:c5:c8:
f0:e2:86:56:9e:96:9a:6e:33:c2:d7:c1:90:34:31:
98:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9C:39:88:C6:04:12:E6:2D:EF:3F:9E:5B:2A:5A:6A:81:D8:C7:0E
X509v3 Authority Key Identifier:
keyid:E5:0C:22:C6:6B:85:FA:C9:8D:E8:3D:76:1E:F4:24:34:37:AB:03:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QwixmuF-smN6D12HvQkNDerA5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/3pw5iMYEEuYt7z-eWypaaoHYxw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/5QwixmuF-smN6D12HvQkNDerA5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.244.0/22
185.217.236.0/22
185.244.244.0/22
193.142.16.0/23
213.255.160.0/19
IPv6:
2a01:18::/32
Signature Algorithm: sha256WithRSAEncryption
5d:73:76:1f:b2:30:c3:9e:7a:9f:8a:9d:4e:f8:7e:e6:dc:9d:
33:f5:92:11:b9:b9:71:f9:ec:c7:8f:50:bb:7c:96:95:8c:46:
1c:1c:f8:b8:7d:9c:13:aa:a6:78:c7:63:9c:64:6c:a2:d2:22:
81:c7:38:5b:6a:f3:3d:00:77:85:c7:57:71:4d:9b:1d:46:35:
c5:58:69:13:cb:d9:17:52:6c:fb:cf:52:8b:59:93:9b:c3:63:
6b:5e:0b:4c:2f:67:8f:63:8c:56:2a:b9:6a:58:e0:38:77:b5:
3b:8c:79:51:d5:df:13:ed:d4:5f:5d:fc:95:5c:bb:26:a3:c4:
21:f4:34:10:17:3e:20:80:ef:6e:df:ed:ff:fe:ee:7e:cc:2b:
91:60:47:09:fa:58:73:2d:2c:18:9f:4d:c8:30:2d:bd:cb:6a:
7a:66:7a:cd:74:5b:67:35:a8:02:e4:b0:44:53:86:e8:5d:3b:
b4:5d:30:bb:75:bc:17:bc:8b:04:4a:1a:69:76:45:e3:2e:11:
c5:38:f9:4a:ca:2f:04:73:26:02:52:6e:8e:90:bb:2c:c3:81:
ee:67:b2:b0:7a:fd:ca:5f:cb:c1:83:c5:21:42:cd:62:fb:8e:
ad:69:03:52:99:f6:66:c1:e8:89:d1:66:81:e3:08:83:18:56:
cb:eb:25:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEA1PnxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTBjMjJjNjZiODVmYWM5OGRlODNkNzYxZWY0MjQzNDM3YWIwMzkzMB4XDTIyMDEw
MTAwNTA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU5YzM5ODhjNjA0
MTJlNjJkZWYzZjllNWIyYTVhNmE4MWQ4YzcwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjUk3uq0J0BMBTr0FDN8nTvIo/JkzVMd0FCVRVhduOQF5kY
EmVbN8SNmOqNs+j6CTkLOrOcYdukrxxs5pK40jlFgCdiLV9/dgOJHcnvUGWmoLyN
TE+fB5pSChoL56/dF3rIow8lMVgOwyXL+PWF48nNvJ3vFh2SPUjwF5PuZKkxUa2C
/VkvKtk+lg53BmWFilRa8qeRP2rN+GcVog6h4Fg2h3qqP/aLeQWBausI1Wv+QyGo
Im4pVP+u06iy5YPb6hamEqzGjXGUbbHxempr5aYK1ujKg8oi8wOEByBepB/hYe9X
D0dzJM9mrV4FYsXI8OKGVp6Wmm4zwtfBkDQxmPcCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTenDmIxgQS5i3vP55bKlpqgdjHDjAfBgNVHSMEGDAWgBTlDCLGa4X6yY3o
PXYe9CQ0N6sDkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVRd2l4bXVGLXNtTjZEMTJIdlFrTkRlckE1TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvMmI3ZmU5LTJhODctNGM1Ny1iMTA4LTkyMTQyNzgxMDhhOC8x
LzNwdzVpTVlFRXVZdDd6LWVXeXBhYW9IWXh3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
MmI3ZmU5LTJhODctNGM1Ny1iMTA4LTkyMTQyNzgxMDhhOC8xLzVRd2l4bXVGLXNt
TjZEMTJIdlFrTkRlckE1TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEArlN9AMEArnZ7AMEArn09AMEAcGO
EAMEBdX/oDANBAIAAjAHAwUAKgEAGDANBgkqhkiG9w0BAQsFAAOCAQEAXXN2H7Iw
w556n4qdTvh+5tydM/WSEbm5cfnsx49Qu3yWlYxGHBz4uH2cE6qmeMdjnGRsotIi
gcc4W2rzPQB3hcdXcU2bHUY1xVhpE8vZF1Js+89Si1mTm8Nja14LTC9nj2OMViq5
aljgOHe1O4x5UdXfE+3UX138lVy7JqPEIfQ0EBc+IIDvbt/t//7ufswrkWBHCfpY
cy0sGJ9NyDAtvctqemZ6zXRbZzWoAuSwRFOG6F07tF0wu3W8F7yLBEoaaXZF4y4R
xTj5SsovBHMmAlJujpC7LMOB7meysHr9yl/LwYPFIULNYvuOrWkDUpn2ZsHoidFm
geMIgxhWy+slPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:17 2024 by rpki-client on console-fra.rpki-client.org