Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/3jmn2sRYYzkO3qqXUDVygeC5vXw.roa
File: 3jmn2sRYYzkO3qqXUDVygeC5vXw.roa (raw, json)
Hash identifier: D0NBnD9e3kXkF/wWTPcaXsBmZJdqErtg/+tDHoMp/wI=
Subject key identifier: DE:39:A7:DA:C4:58:63:39:0E:DE:AA:97:50:35:72:81:E0:B9:BD:7C
Certificate issuer: /CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Certificate serial: 047D0E8E
Authority key identifier: B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/3jmn2sRYYzkO3qqXUDVygeC5vXw.roa
Signing time: Tue 26 Apr 2022 09:19:01 +0000
ROA not before: Tue 26 Apr 2022 09:19:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212330
IP address blocks: 86.111.150.0/24 maxlen: 24
86.111.151.0/24 maxlen: 24
185.16.25.0/24 maxlen: 24
185.113.104.0/24 maxlen: 24
31.223.185.0/24 maxlen: 24
193.3.137.0/24 maxlen: 24
185.113.106.0/24 maxlen: 24
2a10:fa42::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75304590 (0x47d0e8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Validity
Not Before: Apr 26 09:19:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de39a7dac45863390edeaa9750357281e0b9bd7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2b:89:1b:f2:ca:65:29:00:03:ad:12:6c:57:
bf:ba:a5:b8:4d:54:49:97:ec:34:56:e3:05:35:6c:
02:06:b4:4e:ab:f5:c5:b4:52:b9:cb:2b:e1:f7:e3:
bb:7f:a6:e0:af:8b:4e:78:49:fc:9c:76:42:7e:a4:
1d:76:ac:e2:5e:1c:e9:81:dc:61:b5:aa:01:9f:0c:
dc:67:f2:8a:46:37:a1:77:67:35:8d:34:b3:a0:e7:
6d:2e:7a:cd:00:83:35:f8:a8:0c:8d:f5:e2:b3:76:
17:50:4d:f4:7a:dc:87:67:7a:22:13:c8:fa:d9:72:
24:9c:26:5d:47:48:d5:ec:4b:db:f3:07:44:e5:02:
07:8c:71:87:57:e5:ff:9c:4b:77:11:37:e6:45:2a:
f7:1f:cf:fe:8f:24:ae:fd:12:48:cb:20:37:f9:55:
9a:5e:d5:e0:62:a0:24:ee:87:c8:6e:59:1e:14:b6:
74:9c:1c:26:31:69:6c:08:7f:13:f7:de:c3:fd:cb:
59:29:83:57:7b:7c:ce:48:b0:93:5d:33:46:e6:bc:
5b:5e:8b:f0:33:70:f6:c3:fd:e0:d7:17:bb:8c:be:
2f:c2:fd:9a:32:9b:e0:7f:cb:3e:ec:65:27:0a:3e:
22:dc:41:e5:cb:83:c2:92:a3:c2:5a:13:f1:b4:c1:
c5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:39:A7:DA:C4:58:63:39:0E:DE:AA:97:50:35:72:81:E0:B9:BD:7C
X509v3 Authority Key Identifier:
keyid:B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/3jmn2sRYYzkO3qqXUDVygeC5vXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.185.0/24
86.111.150.0/23
185.16.25.0/24
185.113.104.0/24
185.113.106.0/24
193.3.137.0/24
IPv6:
2a10:fa42::/32
Signature Algorithm: sha256WithRSAEncryption
3b:a3:3b:80:63:e7:83:40:a5:e0:f3:08:50:0a:70:a0:79:f1:
1c:6d:fa:49:d3:85:5b:bf:87:bd:e9:7d:88:f3:66:3d:bd:73:
c7:9b:aa:a8:68:e2:e6:f3:68:ba:f5:33:a2:80:a0:38:8e:0f:
57:2d:70:1b:64:ad:89:df:ee:da:99:4f:c7:d0:dd:23:5c:29:
6e:ae:3d:26:8f:65:f7:29:56:df:f9:19:04:ed:7c:c0:13:5c:
55:ba:f9:ce:73:e0:e2:e6:3c:45:22:fb:2c:cb:17:d0:93:94:
1f:a5:34:ad:32:9b:c0:03:4a:fe:89:85:bc:d4:f1:4f:84:4d:
2f:f3:37:79:b3:c2:d5:3b:96:de:2a:49:d3:5b:03:8e:9f:c3:
cd:b5:9c:65:ed:ed:b0:d8:f0:ea:d9:69:7f:9f:14:f9:8c:01:
c0:4b:82:1f:33:4b:ea:11:48:70:f4:ec:b2:d8:1b:ee:3b:fd:
41:d8:9b:f8:61:49:0e:0a:aa:24:6e:02:12:18:cf:48:9f:a5:
b0:ac:65:bc:9b:e7:37:59:d9:c6:94:84:b9:b4:be:fb:1d:08:
ec:3e:96:ea:cd:c3:92:07:0f:05:86:b7:d6:3c:3f:10:15:0f:
8c:ce:9b:ef:6a:fa:c8:6d:96:a2:9a:0d:6d:bb:94:ea:3b:fb:
e0:dd:e0:79
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEBH0OjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MzA3Yzg3ZTdiNmUyOTRmMjcwMDc5MGVlZjE5ZTgyOTM5ZDg1Y2Q2MB4XDTIyMDQy
NjA5MTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGUzOWE3ZGFjNDU4
NjMzOTBlZGVhYTk3NTAzNTcyODFlMGI5YmQ3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYriRvyymUpAAOtEmxXv7qluE1USZfsNFbjBTVsAga0Tqv1
xbRSucsr4ffju3+m4K+LTnhJ/Jx2Qn6kHXas4l4c6YHcYbWqAZ8M3GfyikY3oXdn
NY00s6DnbS56zQCDNfioDI314rN2F1BN9Hrch2d6IhPI+tlyJJwmXUdI1exL2/MH
ROUCB4xxh1fl/5xLdxE35kUq9x/P/o8krv0SSMsgN/lVml7V4GKgJO6HyG5ZHhS2
dJwcJjFpbAh/E/few/3LWSmDV3t8zkiwk10zRua8W16L8DNw9sP94NcXu4y+L8L9
mjKb4H/LPuxlJwo+ItxB5cuDwpKjwloT8bTBxWUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTeOafaxFhjOQ7eqpdQNXKB4Lm9fDAfBgNVHSMEGDAWgBSzB8h+e24pTycA
eQ7vGegpOdhc1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N3ZklmbnR1S1U4bkFIa083eG5vS1RuWVhOWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvZGE2NDJhLWE2YWItNDcwNS05NTg3LTY0OTQ1YTRmOGUxMi8x
LzNqbW4yc1JZWXprTzNxcVhVRFZ5Z2VDNXZYdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
ZGE2NDJhLWE2YWItNDcwNS05NTg3LTY0OTQ1YTRmOGUxMi8xL3N3ZklmbnR1S1U4
bkFIa083eG5vS1RuWVhOWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAB/fuQMEAVZvlgMEALkQGQMEALlx
aAMEALlxagMEAMEDiTANBAIAAjAHAwUAKhD6QjANBgkqhkiG9w0BAQsFAAOCAQEA
O6M7gGPng0Cl4PMIUApwoHnxHG36SdOFW7+Hvel9iPNmPb1zx5uqqGji5vNouvUz
ooCgOI4PVy1wG2Stid/u2plPx9DdI1wpbq49Jo9l9ylW3/kZBO18wBNcVbr5znPg
4uY8RSL7LMsX0JOUH6U0rTKbwANK/omFvNTxT4RNL/M3ebPC1TuW3ipJ01sDjp/D
zbWcZe3tsNjw6tlpf58U+YwBwEuCHzNL6hFIcPTsstgb7jv9Qdib+GFJDgqqJG4C
EhjPSJ+lsKxlvJvnN1nZxpSEubS++x0I7D6W6s3DkgcPBYa31jw/EBUPjM6b72r6
yG2WopoNbbuU6jv74N3geQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:08 2024 by rpki-client on console-fra.rpki-client.org