Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/3qfMC50ToGQUUHhTBmBZtQDOW98.roa
File: 3qfMC50ToGQUUHhTBmBZtQDOW98.roa (raw, json)
Hash identifier: RTegSSnyWgU55ARGaTdxDSPT9EQq4O+4GqhH4SUiGfI=
Subject key identifier: DE:A7:CC:0B:9D:13:A0:64:14:50:78:53:06:60:59:B5:00:CE:5B:DF
Certificate issuer: /CN=856caf1f2f0291401105ef68b25957dc555510d2
Certificate serial: 025D7CE7
Authority key identifier: 85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/3qfMC50ToGQUUHhTBmBZtQDOW98.roa
Signing time: Sat 01 Jan 2022 13:57:15 +0000
ROA not before: Sat 01 Jan 2022 13:57:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50074
IP address blocks: 195.211.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39681255 (0x25d7ce7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856caf1f2f0291401105ef68b25957dc555510d2
Validity
Not Before: Jan 1 13:57:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dea7cc0b9d13a06414507853066059b500ce5bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4a:18:e3:00:5f:68:14:74:1f:84:3a:a3:b3:
3e:6f:cb:61:59:c7:d6:a1:5a:5f:8a:49:72:ce:72:
b6:95:7d:30:36:ce:f3:d2:c5:ae:30:f4:23:6a:ab:
fc:60:a4:37:41:72:b6:48:6c:e0:1f:71:c3:b3:1f:
00:0e:23:d0:3e:fa:cc:73:13:75:8a:23:05:1b:8d:
23:39:db:7c:cd:1c:7c:99:80:ee:86:62:65:0e:92:
96:2a:99:b4:ca:a3:e7:ba:3e:00:1b:78:d7:e3:63:
5a:99:a5:0d:fe:ed:35:a6:cf:21:6a:3f:92:01:57:
33:d4:d8:35:00:26:e0:8b:da:ac:68:75:44:e3:38:
44:3e:bb:97:63:c7:af:42:aa:0f:92:7d:bb:6d:49:
bb:42:9f:d5:6a:22:62:3d:ce:38:1a:3c:43:1a:0e:
bc:20:5c:a5:77:3b:66:4e:cd:18:20:2d:77:54:f9:
31:cf:61:11:32:ac:3c:0e:a3:fe:67:e1:83:08:ee:
e9:31:ef:32:b1:6a:c6:02:65:96:16:e6:3a:6c:c0:
83:81:a2:c7:ef:00:7f:e6:51:37:ad:b3:58:34:d4:
03:5b:82:db:27:cc:f9:39:1a:88:e2:4f:40:04:be:
be:59:f0:87:22:67:50:4e:e7:fe:54:e1:17:b7:fd:
31:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A7:CC:0B:9D:13:A0:64:14:50:78:53:06:60:59:B5:00:CE:5B:DF
X509v3 Authority Key Identifier:
keyid:85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/3qfMC50ToGQUUHhTBmBZtQDOW98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.208.0/22
Signature Algorithm: sha256WithRSAEncryption
57:8c:a4:37:86:8b:e8:e8:76:37:97:d1:51:4c:aa:4e:f7:7d:
87:7c:d5:3c:9e:8f:b7:36:6c:e3:9b:82:d5:c3:b7:c3:95:9d:
a5:19:5d:c6:6c:30:0e:c9:b5:09:7c:1e:b9:2f:63:59:23:1f:
2b:97:29:c9:cb:99:04:49:e8:2f:9b:bc:37:fb:84:8d:07:97:
86:28:bc:4c:51:5f:cc:7b:41:ac:c2:58:d1:a0:2c:ae:98:23:
e4:ff:bb:30:19:5c:b8:42:59:5a:e6:2a:85:ac:7e:e4:05:49:
a2:9d:b1:b3:cc:67:34:9a:2b:07:2d:8f:29:25:96:ee:c5:0c:
eb:68:d5:d5:24:01:3d:70:3e:af:ed:b1:46:0b:5d:00:9b:fe:
31:37:39:42:bc:5b:ac:9f:86:f1:9d:58:42:39:03:b0:b4:bf:
16:11:fd:83:e6:7b:72:35:21:b3:5c:d3:fa:75:8d:e3:50:cb:
ad:ba:04:98:aa:a4:7f:6e:f4:fa:64:51:8d:60:ac:4a:6d:a4:
02:1f:5a:86:c3:a3:74:3b:e9:84:a7:0c:42:6f:a8:32:f5:e4:
05:0d:17:0c:aa:05:93:41:31:e0:67:92:a3:f5:5c:a2:f6:fe:
da:d1:d1:ca:f3:b0:01:bd:df:48:1e:19:0d:94:63:a0:5f:b4:
02:2c:61:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAl185zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTZjYWYxZjJmMDI5MTQwMTEwNWVmNjhiMjU5NTdkYzU1NTUxMGQyMB4XDTIyMDEw
MTEzNTcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGVhN2NjMGI5ZDEz
YTA2NDE0NTA3ODUzMDY2MDU5YjUwMGNlNWJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKlKGOMAX2gUdB+EOqOzPm/LYVnH1qFaX4pJcs5ytpV9MDbO
89LFrjD0I2qr/GCkN0Fytkhs4B9xw7MfAA4j0D76zHMTdYojBRuNIznbfM0cfJmA
7oZiZQ6SliqZtMqj57o+ABt41+NjWpmlDf7tNabPIWo/kgFXM9TYNQAm4IvarGh1
ROM4RD67l2PHr0KqD5J9u21Ju0Kf1WoiYj3OOBo8QxoOvCBcpXc7Zk7NGCAtd1T5
Mc9hETKsPA6j/mfhgwju6THvMrFqxgJllhbmOmzAg4Gix+8Af+ZRN62zWDTUA1uC
2yfM+TkaiOJPQAS+vlnwhyJnUE7n/lThF7f9MV0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTep8wLnROgZBRQeFMGYFm1AM5b3zAfBgNVHSMEGDAWgBSFbK8fLwKRQBEF
72iyWVfcVVUQ0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hXeXZIeThDa1VBUkJlOW9zbGxYM0ZWVkVOSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvZDJjN2M3LTJiY2MtNDkxZS05NmE3LWIwZDBiY2Q5MGZhZS8x
LzNxZk1DNTBUb0dRVVVIaFRCbUJadFFET1c5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
ZDJjN2M3LTJiY2MtNDkxZS05NmE3LWIwZDBiY2Q5MGZhZS8xL2hXeXZIeThDa1VB
UkJlOW9zbGxYM0ZWVkVOSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsPT0DANBgkqhkiG9w0BAQsFAAOC
AQEAV4ykN4aL6Oh2N5fRUUyqTvd9h3zVPJ6PtzZs45uC1cO3w5WdpRldxmwwDsm1
CXweuS9jWSMfK5cpycuZBEnoL5u8N/uEjQeXhii8TFFfzHtBrMJY0aAsrpgj5P+7
MBlcuEJZWuYqhax+5AVJop2xs8xnNJorBy2PKSWW7sUM62jV1SQBPXA+r+2xRgtd
AJv+MTc5QrxbrJ+G8Z1YQjkDsLS/FhH9g+Z7cjUhs1zT+nWN41DLrboEmKqkf270
+mRRjWCsSm2kAh9ahsOjdDvphKcMQm+oMvXkBQ0XDKoFk0Ex4GeSo/Vcovb+2tHR
yvOwAb3fSB4ZDZRjoF+0AixhrQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org