Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/3f9QiCn4SW5EMXun5dRqQlEMk5U.roa
File: 3f9QiCn4SW5EMXun5dRqQlEMk5U.roa (raw, json)
Hash identifier: fJDUiI9UeKxVUGJuUjRMKLPkEMxowAo6pJ+BWwFiaJ4=
Subject key identifier: DD:FF:50:88:29:F8:49:6E:44:31:7B:A7:E5:D4:6A:42:51:0C:93:95
Certificate issuer: /CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c
Certificate serial: E97ABF
Authority key identifier: 74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/3f9QiCn4SW5EMXun5dRqQlEMk5U.roa
Signing time: Sat 01 Jan 2022 12:01:08 +0000
ROA not before: Sat 01 Jan 2022 12:01:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198473
IP address blocks: 2.59.184.0/22 maxlen: 22
185.149.229.0/24 maxlen: 24
185.149.230.0/24 maxlen: 24
91.235.100.0/24 maxlen: 24
2a10:b080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15301311 (0xe97abf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c
Validity
Not Before: Jan 1 12:01:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddff508829f8496e44317ba7e5d46a42510c9395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fa:e8:21:93:ac:fc:15:94:2a:d1:8f:dc:b6:
57:89:16:73:02:73:5a:0d:35:a4:98:3a:c3:8f:8d:
0d:9d:18:1a:a5:8b:86:1d:b9:8d:96:65:a6:34:5b:
01:35:6a:01:81:c7:6a:56:20:a9:23:7d:a2:ee:00:
8d:1f:f2:24:7f:ce:99:2a:87:1e:9f:f1:92:d6:50:
d1:d2:b0:4b:8e:3f:c6:e2:0e:2d:4f:06:33:ca:aa:
0b:33:2c:8c:cb:17:ad:01:f4:05:ba:56:d4:00:44:
09:17:77:40:3a:08:6e:7d:c8:44:90:b2:3a:7d:94:
a0:8a:12:11:bc:d3:16:c7:37:70:18:f4:d7:92:ad:
a5:07:6d:d3:6e:11:3c:0b:59:d4:2d:ed:86:02:4e:
c5:6c:99:89:c8:0d:e7:64:4c:05:41:3c:ba:15:a0:
c6:89:ec:6a:79:aa:c8:e5:17:fe:08:0f:f9:d0:73:
c0:fc:06:45:eb:d8:14:b6:86:aa:8a:d8:8b:7b:04:
35:69:3f:ed:85:08:52:aa:39:bd:a7:73:40:6a:ae:
2e:e4:15:58:5a:84:ce:93:57:9c:52:14:2a:13:f5:
a5:d6:4f:36:ee:15:87:c7:a2:d2:31:2e:a9:81:ea:
8d:6b:2a:52:5a:f8:38:06:8d:a1:63:11:fe:4e:04:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FF:50:88:29:F8:49:6E:44:31:7B:A7:E5:D4:6A:42:51:0C:93:95
X509v3 Authority Key Identifier:
keyid:74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/3f9QiCn4SW5EMXun5dRqQlEMk5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.184.0/22
91.235.100.0/24
185.149.229.0-185.149.230.255
IPv6:
2a10:b080::/29
Signature Algorithm: sha256WithRSAEncryption
6e:0f:b1:97:6a:96:13:4d:59:66:80:7b:26:14:a0:02:ec:fe:
ba:69:13:98:16:c3:b9:23:46:3b:b6:af:34:84:c3:ef:ce:78:
05:dc:85:7f:41:81:9c:c1:57:27:1a:72:b9:4b:9b:f6:a9:2d:
a1:bd:5f:cc:a9:ab:23:7f:4b:f6:71:cd:02:d6:91:35:3b:7c:
22:df:70:a0:dd:c1:10:99:a6:5d:87:22:cf:a9:b4:22:77:0f:
13:c6:f5:71:fc:16:a2:f2:84:b2:11:ee:72:0d:6a:af:2a:54:
91:4b:f4:2c:9d:bf:f9:58:78:25:5b:f7:38:3c:cd:bd:bf:7c:
68:da:83:4d:92:eb:2c:16:0f:58:1e:af:10:6b:54:4f:08:8a:
b8:c5:45:30:de:bd:0c:9b:32:24:4d:64:fe:63:b8:ec:07:a8:
7b:87:03:25:97:3c:08:25:91:95:a4:e3:37:d4:89:54:75:49:
4d:63:bc:d6:23:74:74:a0:71:54:a4:e4:50:66:ac:16:1d:03:
fe:35:54:b0:a1:cd:7f:47:11:0d:93:7d:b3:54:a8:69:73:a8:
88:85:84:93:07:ea:fd:86:27:57:1a:73:5e:6d:5b:81:b1:c4:
78:d5:98:03:ca:37:71:75:0c:56:aa:cd:2e:be:1f:ae:23:7e:
47:e7:0c:d0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEAOl6vzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkwY2U2YjZmOGY3NTBlMDM1ODRlYmJkN2JkYWQwZjExZmJlMzFjMB4XDTIyMDEw
MTEyMDEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRmZjUwODgyOWY4
NDk2ZTQ0MzE3YmE3ZTVkNDZhNDI1MTBjOTM5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIX66CGTrPwVlCrRj9y2V4kWcwJzWg01pJg6w4+NDZ0YGqWL
hh25jZZlpjRbATVqAYHHalYgqSN9ou4AjR/yJH/OmSqHHp/xktZQ0dKwS44/xuIO
LU8GM8qqCzMsjMsXrQH0BbpW1ABECRd3QDoIbn3IRJCyOn2UoIoSEbzTFsc3cBj0
15KtpQdt024RPAtZ1C3thgJOxWyZicgN52RMBUE8uhWgxonsanmqyOUX/ggP+dBz
wPwGRevYFLaGqorYi3sENWk/7YUIUqo5vadzQGquLuQVWFqEzpNXnFIUKhP1pdZP
Nu4Vh8ei0jEuqYHqjWsqUlr4OAaNoWMR/k4ECsUCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTd/1CIKfhJbkQxe6fl1GpCUQyTlTAfBgNVHSMEGDAWgBR0kM5rb491DgNY
TrvXva0PEfvjHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRE9hMi1QZFE0RFdFNjcxNzJ0RHhINzR4dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvZWQ4ZWJhLTZiZDQtNDQzOC1iM2UwLWM0OTZmOWNhZmE4My8x
LzNmOVFpQ240U1c1RU1YdW41ZFJxUWxFTWs1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
ZWQ4ZWJhLTZiZDQtNDQzOC1iM2UwLWM0OTZmOWNhZmE4My8xL2RKRE9hMi1QZFE0
RFdFNjcxNzJ0RHhINzR4dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAgI7uAMEAFvrZDAMAwQAuZXlAwQA
uZXmMA0EAgACMAcDBQMqELCAMA0GCSqGSIb3DQEBCwUAA4IBAQBuD7GXapYTTVlm
gHsmFKAC7P66aROYFsO5I0Y7tq80hMPvzngF3IV/QYGcwVcnGnK5S5v2qS2hvV/M
qasjf0v2cc0C1pE1O3wi33Cg3cEQmaZdhyLPqbQidw8TxvVx/Bai8oSyEe5yDWqv
KlSRS/Qsnb/5WHglW/c4PM29v3xo2oNNkussFg9YHq8Qa1RPCIq4xUUw3r0MmzIk
TWT+Y7jsB6h7hwMllzwIJZGVpOM31IlUdUlNY7zWI3R0oHFUpORQZqwWHQP+NVSw
oc1/RxENk32zVKhpc6iIhYSTB+r9hidXGnNebVuBscR41ZgDyjdxdQxWqs0uvh+u
I35H5wzQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:15 2024 by rpki-client on console-ams.rpki-client.org