Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/O8yFozpb3ARxg1hQ-Pp6ZziM2U8.roa
File: O8yFozpb3ARxg1hQ-Pp6ZziM2U8.roa (raw, json)
Hash identifier: hgeCUsEzgGrWdkGy51yoe7eqxrkzmbcAgHZw0xUf2go=
Subject key identifier: 3B:CC:85:A3:3A:5B:DC:04:71:83:58:50:F8:FA:7A:67:38:8C:D9:4F
Certificate issuer: /CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
Certificate serial: 01C668B4
Authority key identifier: 9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/O8yFozpb3ARxg1hQ-Pp6ZziM2U8.roa
Signing time: Sat 01 Jan 2022 09:02:53 +0000
ROA not before: Sat 01 Jan 2022 09:02:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211166
IP address blocks: 185.34.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29780148 (0x1c668b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
Validity
Not Before: Jan 1 09:02:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bcc85a33a5bdc0471835850f8fa7a67388cd94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1f:7b:88:c6:7e:a2:4b:ba:5c:d8:82:c8:05:
a2:70:bd:10:6a:6b:0f:82:70:c6:1b:91:af:5a:92:
b2:d0:80:01:16:7b:9f:4b:9e:8d:eb:7e:ac:d3:c9:
fe:76:cd:dd:8c:3e:bc:91:c7:ee:6f:d8:33:fd:8e:
08:18:a7:a7:34:fe:d2:92:fd:a2:e4:76:c3:9b:01:
a6:bf:ca:e3:62:a7:bc:1d:7e:a6:4a:51:76:fe:2c:
9d:c9:73:cc:ec:35:f8:40:e2:e7:3d:bd:c9:8b:be:
43:21:a9:a8:88:51:2a:0f:39:30:37:b8:53:da:7f:
82:14:db:3a:d1:06:ca:bd:be:82:17:f1:c8:d7:d5:
80:b5:45:8d:72:e6:dd:46:22:da:1e:3e:a7:b2:36:
bb:31:8d:eb:f5:2c:63:11:ee:9f:cc:21:9a:17:58:
06:e1:7f:bd:53:7e:93:b0:b4:fa:68:f7:e7:8c:1f:
50:af:c5:db:79:82:d5:a7:77:23:af:77:a8:56:94:
71:42:67:ba:15:9a:b2:7f:eb:8e:5c:a4:df:1a:c0:
a0:13:76:86:36:98:00:67:8d:80:e9:97:5c:09:5f:
f0:d5:79:cc:6c:93:1f:19:ce:73:41:4d:36:ef:ea:
2d:48:50:0d:8e:f6:43:a0:4f:74:43:ff:af:6a:5c:
f4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CC:85:A3:3A:5B:DC:04:71:83:58:50:F8:FA:7A:67:38:8C:D9:4F
X509v3 Authority Key Identifier:
keyid:9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/O8yFozpb3ARxg1hQ-Pp6ZziM2U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/naqfFPl9Ta2MAEwlOl4c58fdfEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.101.0/24
Signature Algorithm: sha256WithRSAEncryption
57:68:51:2d:23:01:c7:04:43:d7:5d:b9:16:8e:2c:2e:ef:84:
ff:ce:d1:bc:3e:8a:4a:65:a2:a1:81:f0:33:50:69:a9:27:bb:
ca:5b:a6:41:0f:c7:6b:81:bb:5b:44:5a:ec:70:1f:a0:ff:d8:
f9:e0:47:e0:1a:3b:b0:ee:0d:c1:29:14:8e:3f:de:61:3d:f9:
97:7f:61:4c:82:5c:b4:02:4a:96:97:20:b4:da:6a:b9:73:f5:
4c:b6:ce:16:3c:12:8f:66:62:31:99:a9:78:2a:72:2d:0d:ea:
65:f6:94:66:c9:80:c6:e3:11:25:9c:66:09:7b:62:7a:a8:c4:
b5:9e:b1:3b:69:b8:33:f5:20:df:72:ff:4e:45:3e:35:bb:0e:
a5:36:7a:d4:54:e6:c1:54:55:c9:53:ef:5a:57:55:d1:cd:a0:
c4:86:ac:a5:46:ee:74:e7:ff:6a:f6:be:55:ea:76:bf:7c:d6:
97:21:a5:b8:14:e5:82:22:0c:f6:c9:48:75:12:0e:fa:63:47:
57:3b:0a:88:f1:02:d0:18:dc:13:0c:63:f5:ce:96:53:75:d3:
8c:57:62:dc:59:c4:43:14:20:88:8c:2e:bb:81:60:6f:4e:d6:
18:c3:31:b0:5d:ea:90:6c:30:5b:c4:8a:c5:1b:28:18:69:8b:
ec:2e:15:98
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAcZotDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZGFhOWYxNGY5N2Q0ZGFkOGMwMDRjMjUzYTVlMWNlN2M3ZGQ3YzRiMB4XDTIyMDEw
MTA5MDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JjYzg1YTMzYTVi
ZGMwNDcxODM1ODUwZjhmYTdhNjczODhjZDk0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4fe4jGfqJLulzYgsgFonC9EGprD4JwxhuRr1qSstCAARZ7
n0uejet+rNPJ/nbN3Yw+vJHH7m/YM/2OCBinpzT+0pL9ouR2w5sBpr/K42KnvB1+
pkpRdv4snclzzOw1+EDi5z29yYu+QyGpqIhRKg85MDe4U9p/ghTbOtEGyr2+ghfx
yNfVgLVFjXLm3UYi2h4+p7I2uzGN6/UsYxHun8whmhdYBuF/vVN+k7C0+mj354wf
UK/F23mC1ad3I693qFaUcUJnuhWasn/rjlyk3xrAoBN2hjaYAGeNgOmXXAlf8NV5
zGyTHxnOc0FNNu/qLUhQDY72Q6BPdEP/r2pc9JECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ7zIWjOlvcBHGDWFD4+npnOIzZTzAfBgNVHSMEGDAWgBSdqp8U+X1NrYwA
TCU6Xhznx918SzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25hcWZGUGw5VGEyTUFFd2xPbDRjNThmZGZFcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvZGZkNjA1LTEwZGEtNDZhMi05Njc3LTQxNDAxMDA4YTcwYy8x
L084eUZvenBiM0FSeGcxaFEtUHA2WnppTTJVOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
ZGZkNjA1LTEwZGEtNDZhMi05Njc3LTQxNDAxMDA4YTcwYy8xL25hcWZGUGw5VGEy
TUFFd2xPbDRjNThmZGZFcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkiZTANBgkqhkiG9w0BAQsFAAOC
AQEAV2hRLSMBxwRD1125Fo4sLu+E/87RvD6KSmWioYHwM1BpqSe7ylumQQ/Ha4G7
W0Ra7HAfoP/Y+eBH4Bo7sO4NwSkUjj/eYT35l39hTIJctAJKlpcgtNpquXP1TLbO
FjwSj2ZiMZmpeCpyLQ3qZfaUZsmAxuMRJZxmCXtieqjEtZ6xO2m4M/Ug33L/TkU+
NbsOpTZ61FTmwVRVyVPvWldV0c2gxIaspUbudOf/ava+Vep2v3zWlyGluBTlgiIM
9slIdRIO+mNHVzsKiPEC0BjcEwxj9c6WU3XTjFdi3FnEQxQgiIwuu4Fgb07WGMMx
sF3qkGwwW8SKxRsoGGmL7C4VmA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:44 2023 by rpki-client on console-ams.rpki-client.org