Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/ISx3t6idPTrK4KbWTlphGkOfk6E.roa
File: ISx3t6idPTrK4KbWTlphGkOfk6E.roa (raw, json)
Hash identifier: pcxsGBOUHiRycJUvrvZRsVVFhZXtkUrEtZ2vL4pkZM8=
Subject key identifier: 21:2C:77:B7:A8:9D:3D:3A:CA:E0:A6:D6:4E:5A:61:1A:43:9F:93:A1
Certificate issuer: /CN=9e5d484eb6b4b5689a544cf0b13b7ef932457ef1
Certificate serial: 04C7F021
Authority key identifier: 9E:5D:48:4E:B6:B4:B5:68:9A:54:4C:F0:B1:3B:7E:F9:32:45:7E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nl1ITra0tWiaVEzwsTt--TJFfvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/ISx3t6idPTrK4KbWTlphGkOfk6E.roa
Signing time: Sat 01 Jan 2022 07:00:27 +0000
ROA not before: Sat 01 Jan 2022 07:00:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35236
IP address blocks: 185.205.136.0/22 maxlen: 24
185.205.137.0/24 maxlen: 24
2a0b:640::/30 maxlen: 30
2a0b:640:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80212001 (0x4c7f021)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e5d484eb6b4b5689a544cf0b13b7ef932457ef1
Validity
Not Before: Jan 1 07:00:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=212c77b7a89d3d3acae0a6d64e5a611a439f93a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:3a:f3:af:7f:9e:99:d3:2a:82:ea:80:4f:2c:
8b:8e:a0:2a:42:21:2a:d2:73:91:6b:03:a7:47:45:
44:aa:1b:53:d6:e2:43:36:10:ce:46:23:e1:2a:04:
7d:65:ea:53:50:da:cf:15:b9:ee:90:dc:f0:72:c6:
47:5f:a0:89:da:1e:9f:32:66:14:12:81:92:89:14:
b8:7e:03:8b:2d:97:ad:92:61:dc:ca:9c:6e:7b:8e:
4d:3f:29:f4:ac:73:d0:48:28:9d:2b:9c:ef:5e:69:
be:25:44:fd:91:8d:5a:7d:98:9d:c4:64:6e:c0:cf:
e8:18:6b:c0:2e:70:a9:34:da:5a:cc:b7:ee:f0:73:
29:34:60:81:41:e2:03:d5:a1:90:e9:ab:e7:91:19:
af:29:1a:55:e2:70:a8:c1:81:c2:17:0f:f1:0c:1b:
db:6f:51:fc:d3:6a:51:f4:64:d3:5b:fd:a6:05:55:
bd:c1:4f:e3:da:28:74:66:53:f5:05:fc:74:d5:57:
40:95:28:95:45:5a:35:55:a4:21:c1:95:43:fc:0d:
c3:0b:b5:13:2b:3f:f5:53:79:22:86:ab:f4:b9:d3:
26:ee:2c:37:73:2d:59:ac:4e:0a:a2:c1:07:e6:ca:
7c:e7:f3:cb:24:5f:82:73:53:f2:56:09:9b:ee:64:
14:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2C:77:B7:A8:9D:3D:3A:CA:E0:A6:D6:4E:5A:61:1A:43:9F:93:A1
X509v3 Authority Key Identifier:
keyid:9E:5D:48:4E:B6:B4:B5:68:9A:54:4C:F0:B1:3B:7E:F9:32:45:7E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nl1ITra0tWiaVEzwsTt--TJFfvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/ISx3t6idPTrK4KbWTlphGkOfk6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/nl1ITra0tWiaVEzwsTt--TJFfvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.136.0/22
IPv6:
2a0b:640::/30
Signature Algorithm: sha256WithRSAEncryption
24:26:50:0d:0b:91:90:d3:df:10:60:d6:61:a0:36:fc:54:2a:
f5:78:ce:23:36:a2:a6:b6:8f:64:d9:51:99:71:64:38:df:4e:
c9:7d:f8:33:02:87:b9:ae:1c:3f:f9:f8:d9:0d:f5:5b:2d:7f:
2a:7f:51:b1:19:56:b6:51:f8:81:a1:aa:b0:7b:ba:a8:50:12:
a0:7b:11:98:ee:46:fa:97:4b:18:37:f3:b3:34:40:68:9a:6b:
83:74:c7:73:11:c8:c6:d6:a1:d1:24:63:e4:dc:8c:45:a8:9f:
11:33:ae:ff:41:2d:7b:f2:c8:77:6b:5e:af:43:06:f7:4a:7b:
cd:86:7a:b9:b3:40:59:b2:94:52:0b:31:1a:f0:d1:19:aa:3e:
35:06:9f:54:a7:33:cb:fd:4b:40:b7:34:63:b6:20:b6:94:05:
f4:94:fc:ff:9b:74:e3:b2:d9:a2:a9:6f:6d:11:ed:80:ac:31:
aa:7a:38:23:71:a9:56:75:e5:52:16:25:71:69:25:29:81:be:
56:9b:47:8c:2e:a6:5e:73:13:23:61:5a:58:57:53:74:4d:a6:
ac:3b:87:5f:2f:15:59:4d:25:68:e1:1a:f2:20:7b:fa:68:f8:
e5:19:82:9f:a0:3b:fd:48:af:e5:e0:39:67:54:5e:1d:5b:7b:
01:c7:ba:f3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBMfwITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTVkNDg0ZWI2YjRiNTY4OWE1NDRjZjBiMTNiN2VmOTMyNDU3ZWYxMB4XDTIyMDEw
MTA3MDAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjEyYzc3YjdhODlk
M2QzYWNhZTBhNmQ2NGU1YTYxMWE0MzlmOTNhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPU6869/npnTKoLqgE8si46gKkIhKtJzkWsDp0dFRKobU9bi
QzYQzkYj4SoEfWXqU1DazxW57pDc8HLGR1+gidoenzJmFBKBkokUuH4Diy2XrZJh
3MqcbnuOTT8p9Kxz0EgonSuc715pviVE/ZGNWn2YncRkbsDP6BhrwC5wqTTaWsy3
7vBzKTRggUHiA9WhkOmr55EZrykaVeJwqMGBwhcP8Qwb229R/NNqUfRk01v9pgVV
vcFP49oodGZT9QX8dNVXQJUolUVaNVWkIcGVQ/wNwwu1Eys/9VN5Ioar9LnTJu4s
N3MtWaxOCqLBB+bKfOfzyyRfgnNT8lYJm+5kFMcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQhLHe3qJ09OsrgptZOWmEaQ5+ToTAfBgNVHSMEGDAWgBSeXUhOtrS1aJpU
TPCxO375MkV+8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25sMUlUcmEwdFdpYVZFendzVHQtLVRKRmZ2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvYjY3NGJiLTA0NDctNGQ3Mi1iMzAyLTZlYzQwYTM4MTgxOS8x
L0lTeDN0NmlkUFRySzRLYldUbHBoR2tPZms2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
YjY3NGJiLTA0NDctNGQ3Mi1iMzAyLTZlYzQwYTM4MTgxOS8xL25sMUlUcmEwdFdp
YVZFendzVHQtLVRKRmZ2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnNiDANBAIAAjAHAwUCKgsGQDAN
BgkqhkiG9w0BAQsFAAOCAQEAJCZQDQuRkNPfEGDWYaA2/FQq9XjOIzaipraPZNlR
mXFkON9OyX34MwKHua4cP/n42Q31Wy1/Kn9RsRlWtlH4gaGqsHu6qFASoHsRmO5G
+pdLGDfzszRAaJprg3THcxHIxtah0SRj5NyMRaifETOu/0Ete/LId2ter0MG90p7
zYZ6ubNAWbKUUgsxGvDRGao+NQafVKczy/1LQLc0Y7YgtpQF9JT8/5t047LZoqlv
bRHtgKwxqno4I3GpVnXlUhYlcWklKYG+VptHjC6mXnMTI2FaWFdTdE2mrDuHXy8V
WU0laOEa8iB7+mj45RmCn6A7/Uiv5eA5Z1ReHVt7Ace68w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:28 2024 by rpki-client on console-fra.rpki-client.org