Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/3pucLl5BhpIQiJ4aYalLeeUS87E.roa
File: 3pucLl5BhpIQiJ4aYalLeeUS87E.roa (raw, json)
Hash identifier: 3QNz9aQ67mGVZbd45nqI4VZ/s+FdpxiVgbxNAq/482k=
Subject key identifier: DE:9B:9C:2E:5E:41:86:92:10:88:9E:1A:61:A9:4B:79:E5:12:F3:B1
Certificate issuer: /CN=2452ab1d2d29bac9d52eb479de64c0700fc6724f
Certificate serial: 03E6E77A
Authority key identifier: 24:52:AB:1D:2D:29:BA:C9:D5:2E:B4:79:DE:64:C0:70:0F:C6:72:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFKrHS0pusnVLrR53mTAcA_Gck8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/3pucLl5BhpIQiJ4aYalLeeUS87E.roa
Signing time: Sat 01 Jan 2022 16:10:33 +0000
ROA not before: Sat 01 Jan 2022 16:10:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202024
IP address blocks: 185.54.16.0/24 maxlen: 24
185.54.16.0/23 maxlen: 23
185.54.16.0/22 maxlen: 22
185.54.17.0/24 maxlen: 24
185.54.19.0/24 maxlen: 24
185.54.18.0/23 maxlen: 23
185.54.18.0/24 maxlen: 24
185.141.15.0/24 maxlen: 24
185.141.14.0/23 maxlen: 23
185.141.14.0/24 maxlen: 24
185.141.12.0/24 maxlen: 24
185.141.12.0/23 maxlen: 23
185.141.12.0/22 maxlen: 22
185.141.13.0/24 maxlen: 24
2a00:d30:16::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65464186 (0x3e6e77a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2452ab1d2d29bac9d52eb479de64c0700fc6724f
Validity
Not Before: Jan 1 16:10:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de9b9c2e5e41869210889e1a61a94b79e512f3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:df:e5:9c:25:19:7c:0b:a4:77:2b:b0:a2:d4:
76:4f:8c:85:38:04:e1:e7:f3:db:33:d3:90:30:8c:
93:e1:33:ce:06:38:f0:9a:d5:35:18:81:9d:58:97:
ff:30:27:e9:6e:65:34:1f:d1:d1:0c:ed:69:02:cd:
5c:84:ef:9a:3f:f6:1b:7f:1b:3f:80:9f:dd:55:f5:
a9:14:68:31:1b:96:43:1f:9a:6e:56:cf:11:de:0d:
ce:21:39:17:79:18:e2:02:61:37:82:e0:47:d6:27:
3e:36:6f:49:48:39:13:23:3a:7f:fe:bd:5f:09:a7:
88:3d:ac:73:d7:b6:59:af:9c:49:f9:1c:9e:e8:7c:
0e:c4:db:7f:8e:4f:c2:15:78:67:d1:ca:e1:40:30:
57:a1:d2:80:54:80:c3:8d:38:c8:71:cf:6a:7a:3b:
08:fb:cf:92:90:5b:45:7d:86:f2:f9:2d:d1:06:68:
9d:67:88:0c:da:fd:38:c2:12:72:8d:c5:e4:8c:67:
82:be:f1:f6:31:c1:be:2c:20:73:95:0b:a0:67:08:
3f:c6:82:54:d5:3a:bf:6b:e1:a7:55:7b:8c:7c:e8:
f0:b2:c7:84:e8:f0:48:b3:90:87:6a:0d:c4:d8:83:
6b:67:08:cd:a1:70:62:30:12:23:36:df:33:b3:9f:
58:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9B:9C:2E:5E:41:86:92:10:88:9E:1A:61:A9:4B:79:E5:12:F3:B1
X509v3 Authority Key Identifier:
keyid:24:52:AB:1D:2D:29:BA:C9:D5:2E:B4:79:DE:64:C0:70:0F:C6:72:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFKrHS0pusnVLrR53mTAcA_Gck8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/3pucLl5BhpIQiJ4aYalLeeUS87E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/JFKrHS0pusnVLrR53mTAcA_Gck8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.16.0/22
185.141.12.0/22
IPv6:
2a00:d30:16::/48
Signature Algorithm: sha256WithRSAEncryption
9a:f8:3d:67:a4:52:ed:7f:e2:b0:c8:06:8f:b9:03:33:3b:1d:
e7:8e:5a:24:7a:03:94:bb:c9:3a:a4:1f:bb:59:85:89:85:6e:
6a:1e:41:40:e4:d4:33:42:5d:e6:17:8f:64:d1:7d:26:67:7f:
7b:16:eb:81:72:75:0a:da:2e:78:06:20:00:d4:42:d5:56:41:
ae:5f:e0:23:01:10:ea:6f:db:b1:76:39:0f:42:c3:83:d8:61:
be:cc:f4:4f:0c:16:42:eb:5b:82:f5:4f:49:f0:33:21:8b:41:
f4:6e:82:c7:6d:94:35:e8:99:9d:2c:56:c0:f8:1a:07:3c:86:
1e:f1:9c:4a:7b:f5:29:c3:ef:0a:1e:40:76:8b:38:64:3a:3b:
e1:fd:bf:78:d6:74:3a:fd:00:f6:df:f2:64:ca:90:6e:25:c4:
91:9f:f8:39:5e:4b:e0:a5:c7:38:07:2b:f9:7e:7a:3f:2a:f2:
42:35:a9:91:c7:26:24:b2:da:eb:91:da:c2:ce:6c:b5:35:d1:
04:a6:50:c0:5a:24:a3:de:e4:8a:be:c7:2f:6f:46:f6:6b:08:
0e:26:87:6a:ca:dd:c2:99:ab:77:14:63:88:e4:3f:af:2d:13:
f7:76:f7:50:eb:41:b4:5e:d0:00:4c:2b:5d:1a:ea:cc:3a:ff:
80:a9:be:7b
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEA+bnejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDUyYWIxZDJkMjliYWM5ZDUyZWI0NzlkZTY0YzA3MDBmYzY3MjRmMB4XDTIyMDEw
MTE2MTAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU5YjljMmU1ZTQx
ODY5MjEwODg5ZTFhNjFhOTRiNzllNTEyZjNiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/f5ZwlGXwLpHcrsKLUdk+MhTgE4efz2zPTkDCMk+EzzgY4
8JrVNRiBnViX/zAn6W5lNB/R0QztaQLNXITvmj/2G38bP4Cf3VX1qRRoMRuWQx+a
blbPEd4NziE5F3kY4gJhN4LgR9YnPjZvSUg5EyM6f/69XwmniD2sc9e2Wa+cSfkc
nuh8DsTbf45PwhV4Z9HK4UAwV6HSgFSAw404yHHPano7CPvPkpBbRX2G8vkt0QZo
nWeIDNr9OMISco3F5Ixngr7x9jHBviwgc5ULoGcIP8aCVNU6v2vhp1V7jHzo8LLH
hOjwSLOQh2oNxNiDa2cIzaFwYjASIzbfM7OfWBUCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTem5wuXkGGkhCInhphqUt55RLzsTAfBgNVHSMEGDAWgBQkUqsdLSm6ydUu
tHneZMBwD8ZyTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pGS3JIUzBwdXNuVkxyUjUzbVRBY0FfR2NrOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvYmMxZDE0LTE1YzgtNDhmZC05ZWMzLTk2OWM5NGRlODlhNS8x
LzNwdWNMbDVCaHBJUWlKNGFZYWxMZWVVUzg3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
YmMxZDE0LTE1YzgtNDhmZC05ZWMzLTk2OWM5NGRlODlhNS8xL0pGS3JIUzBwdXNu
VkxyUjUzbVRBY0FfR2NrOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEArk2EAMEArmNDDAPBAIAAjAJAwcA
KgANMAAWMA0GCSqGSIb3DQEBCwUAA4IBAQCa+D1npFLtf+KwyAaPuQMzOx3njlok
egOUu8k6pB+7WYWJhW5qHkFA5NQzQl3mF49k0X0mZ397FuuBcnUK2i54BiAA1ELV
VkGuX+AjARDqb9uxdjkPQsOD2GG+zPRPDBZC61uC9U9J8DMhi0H0boLHbZQ16Jmd
LFbA+BoHPIYe8ZxKe/Upw+8KHkB2izhkOjvh/b941nQ6/QD23/JkypBuJcSRn/g5
Xkvgpcc4Byv5fno/KvJCNamRxyYkstrrkdrCzmy1NdEEplDAWiSj3uSKvscvb0b2
awgOJodqyt3Cmat3FGOI5D+vLRP3dvdQ60G0XtAATCtdGurMOv+Aqb57
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:10 2024 by rpki-client on console-fra.rpki-client.org