Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/z0qrroQtecHhn6emyCQCHEO2hJA.roa
File: z0qrroQtecHhn6emyCQCHEO2hJA.roa (raw, json)
Hash identifier: ndw9CGvmEnIC26Wdi5XPqbf6b4SYp5FzenVw8wZgAFI=
Subject key identifier: CF:4A:AB:AE:84:2D:79:C1:E1:9F:A7:A6:C8:24:02:1C:43:B6:84:90
Certificate issuer: /CN=0c1e6d5e72daf4108cf60bd47e936df1a1e97226
Certificate serial: B4A16C
Authority key identifier: 0C:1E:6D:5E:72:DA:F4:10:8C:F6:0B:D4:7E:93:6D:F1:A1:E9:72:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DB5tXnLa9BCM9gvUfpNt8aHpciY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/z0qrroQtecHhn6emyCQCHEO2hJA.roa
Signing time: Sat 01 Jan 2022 11:01:37 +0000
ROA not before: Sat 01 Jan 2022 11:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206211
IP address blocks: 185.247.240.0/24 maxlen: 24
2a0d:d180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11837804 (0xb4a16c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c1e6d5e72daf4108cf60bd47e936df1a1e97226
Validity
Not Before: Jan 1 11:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf4aabae842d79c1e19fa7a6c824021c43b68490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:fc:f4:9b:02:3d:a7:d3:b1:29:81:40:1e:
35:78:1c:4b:1c:2b:9f:4d:da:85:05:d3:8e:57:7c:
a7:df:d2:31:c5:8a:80:51:b2:8d:48:96:d2:1e:9b:
a0:af:b4:e1:04:4e:56:11:d9:73:66:c4:02:c9:4e:
16:e8:f5:7b:b5:5d:fb:cc:32:c3:d4:1a:12:8f:a5:
3e:d9:d5:89:75:70:c6:a4:bc:db:cc:bd:76:40:a2:
f1:17:c3:db:c7:cf:05:93:4a:67:a8:18:1e:24:b0:
32:0a:b0:e6:98:9f:4b:ba:2c:be:37:ed:51:1f:9c:
2e:f7:1a:06:10:e8:a4:3c:2b:df:c7:c9:f4:7d:b5:
30:8b:f7:f4:51:b1:52:ab:5b:5d:6b:b0:73:ed:53:
41:f2:f8:ae:a7:d4:9c:0d:2f:0f:06:84:35:d6:db:
d0:4e:dc:e1:60:2c:34:81:0c:8b:75:9c:18:26:2e:
3c:a0:15:74:28:20:c3:9b:ba:a3:ef:79:9f:32:80:
25:55:15:10:d6:ff:57:3e:6c:32:65:c9:c6:e5:4b:
ba:b7:e0:92:76:2e:3f:55:4c:a6:47:3d:31:5c:6d:
58:d5:dc:78:06:54:7e:62:36:70:df:11:55:8f:0b:
f3:a9:fa:c1:d5:3c:ac:8a:81:25:d7:b5:f9:72:f5:
57:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4A:AB:AE:84:2D:79:C1:E1:9F:A7:A6:C8:24:02:1C:43:B6:84:90
X509v3 Authority Key Identifier:
keyid:0C:1E:6D:5E:72:DA:F4:10:8C:F6:0B:D4:7E:93:6D:F1:A1:E9:72:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DB5tXnLa9BCM9gvUfpNt8aHpciY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/z0qrroQtecHhn6emyCQCHEO2hJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/DB5tXnLa9BCM9gvUfpNt8aHpciY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.240.0/24
IPv6:
2a0d:d180::/29
Signature Algorithm: sha256WithRSAEncryption
4f:80:d2:6e:07:ad:e6:df:3d:1b:e5:d9:6b:9a:64:af:f4:0d:
ce:2c:a9:5a:5f:b3:43:aa:1c:72:fd:6c:1a:aa:cb:52:ce:c8:
1f:a5:dc:ba:c5:49:40:56:99:fe:30:69:0e:f5:48:65:97:6c:
a9:a1:91:92:6b:c8:84:c3:11:23:2a:c7:42:7e:be:49:74:dd:
1e:40:02:f0:df:6e:40:f8:dc:50:42:bb:4b:0d:c5:3d:f5:fc:
f1:0e:04:4d:db:f6:a1:97:b1:09:6d:17:8c:78:53:67:43:df:
68:78:e6:97:1f:43:4e:0a:cd:60:f7:ad:2b:13:8d:dc:ac:c8:
33:5f:8c:4c:ff:77:63:4c:50:a5:2b:a5:35:97:e7:b0:f2:b0:
af:61:b0:a5:19:c8:3c:90:30:f0:60:c8:fd:43:74:84:d3:3e:
42:2c:49:4c:e0:d1:4a:5f:1e:bb:c1:63:a2:ce:df:78:cc:6a:
68:56:d7:7b:ce:27:ce:1a:cf:72:4c:95:c0:3c:05:0d:2b:f1:
b7:bd:e2:b5:23:ea:80:4c:ea:e7:5d:3b:5c:8b:0d:14:9f:64:
dc:0c:59:e2:48:89:1e:dc:d9:96:fd:bc:3c:c8:c6:90:b3:7d:
58:4a:89:f1:1f:f2:9e:1c:bc:0c:e4:af:24:71:73:c7:a3:96:
2b:ad:b2:78
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEALShbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzFlNmQ1ZTcyZGFmNDEwOGNmNjBiZDQ3ZTkzNmRmMWExZTk3MjI2MB4XDTIyMDEw
MTExMDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y0YWFiYWU4NDJk
NzljMWUxOWZhN2E2YzgyNDAyMWM0M2I2ODQ5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqz/PSbAj2n07EpgUAeNXgcSxwrn03ahQXTjld8p9/SMcWK
gFGyjUiW0h6boK+04QROVhHZc2bEAslOFuj1e7Vd+8wyw9QaEo+lPtnViXVwxqS8
28y9dkCi8RfD28fPBZNKZ6gYHiSwMgqw5pifS7osvjftUR+cLvcaBhDopDwr38fJ
9H21MIv39FGxUqtbXWuwc+1TQfL4rqfUnA0vDwaENdbb0E7c4WAsNIEMi3WcGCYu
PKAVdCggw5u6o+95nzKAJVUVENb/Vz5sMmXJxuVLurfgknYuP1VMpkc9MVxtWNXc
eAZUfmI2cN8RVY8L86n6wdU8rIqBJde1+XL1V6MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTPSquuhC15weGfp6bIJAIcQ7aEkDAfBgNVHSMEGDAWgBQMHm1ectr0EIz2
C9R+k23xoelyJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RCNXRYbkxhOUJDTTlndlVmcE50OGFIcGNpWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvM2RjNzJlLTA4NjEtNDMxNi1hNGJlLWEyOTU4MTNmMWY4Mi8x
L3owcXJyb1F0ZWNIaG42ZW15Q1FDSEVPMmhKQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
M2RjNzJlLTA4NjEtNDMxNi1hNGJlLWEyOTU4MTNmMWY4Mi8xL0RCNXRYbkxhOUJD
TTlndlVmcE50OGFIcGNpWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALn38DANBAIAAjAHAwUDKg3RgDAN
BgkqhkiG9w0BAQsFAAOCAQEAT4DSbget5t89G+XZa5pkr/QNziypWl+zQ6occv1s
GqrLUs7IH6XcusVJQFaZ/jBpDvVIZZdsqaGRkmvIhMMRIyrHQn6+SXTdHkAC8N9u
QPjcUEK7Sw3FPfX88Q4ETdv2oZexCW0XjHhTZ0PfaHjmlx9DTgrNYPetKxON3KzI
M1+MTP93Y0xQpSulNZfnsPKwr2GwpRnIPJAw8GDI/UN0hNM+QixJTODRSl8eu8Fj
os7feMxqaFbXe84nzhrPckyVwDwFDSvxt73itSPqgEzq5107XIsNFJ9k3AxZ4kiJ
HtzZlv28PMjGkLN9WEqJ8R/ynhy8DOSvJHFzx6OWK62yeA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:54 2023 by rpki-client on console-ams.rpki-client.org