Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/CXTMOR516onS2vKZtkWs-PQV_Ug.roa
File: CXTMOR516onS2vKZtkWs-PQV_Ug.roa (raw, json)
Hash identifier: Kz513hr1CkjCvO4/hZzKj4kkjg5eLyoy1xBHm8IH+/8=
Subject key identifier: 09:74:CC:39:1E:75:EA:89:D2:DA:F2:99:B6:45:AC:F8:F4:15:FD:48
Certificate issuer: /CN=81e34878f96b3997aa78f4c7fb695ef0dbc6d360
Certificate serial: 01843CE4B131A9D2BC470D2E312C5FF03AED
Authority key identifier: 81:E3:48:78:F9:6B:39:97:AA:78:F4:C7:FB:69:5E:F0:DB:C6:D3:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/geNIePlrOZeqePTH-2le8NvG02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/CXTMOR516onS2vKZtkWs-PQV_Ug.roa
Signing time: Thu 03 Nov 2022 09:48:51 +0000
ROA not before: Thu 03 Nov 2022 09:48:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209281
IP address blocks: 185.20.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:e4:b1:31:a9:d2:bc:47:0d:2e:31:2c:5f:f0:3a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81e34878f96b3997aa78f4c7fb695ef0dbc6d360
Validity
Not Before: Nov 3 09:48:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0974cc391e75ea89d2daf299b645acf8f415fd48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:82:c2:40:3b:96:b5:51:76:46:76:e4:ed:7b:
b2:29:a8:07:bf:4a:f9:50:35:9f:ec:ec:44:bb:6b:
5d:7a:fc:28:1b:0e:f8:7b:aa:ba:ec:31:a1:b2:7f:
e0:da:45:e7:e6:34:a5:1b:f9:54:62:e8:b9:da:ca:
62:66:ff:8b:ac:e3:73:88:f0:46:c1:92:5e:3e:de:
42:73:7e:f8:3e:ed:ee:ca:83:79:57:48:5d:d4:9b:
d9:9f:11:51:08:73:b7:fa:d3:b5:01:19:62:79:eb:
d3:fa:c4:96:93:b6:c3:4c:e4:4c:6c:e6:0d:4d:c4:
8b:5b:64:c1:a3:41:5c:9a:eb:37:e2:09:2d:0e:a5:
ea:89:df:ab:e8:42:03:c4:e9:12:8d:a9:51:22:0d:
f9:c7:58:8e:59:14:d0:f1:0f:78:c2:31:b1:a2:65:
ae:9b:e6:93:4b:67:f1:0e:34:c9:80:5c:d8:9a:40:
5e:92:18:d4:4e:88:0f:0f:4a:9d:25:ab:27:50:1e:
bd:d9:0c:bd:6f:82:3b:4f:f9:45:d5:25:ec:3e:65:
f4:b4:09:8e:44:e1:be:be:90:3d:7d:8d:83:54:af:
af:af:5b:03:b1:a3:c6:3d:93:b0:12:ec:0a:11:1c:
7f:27:0c:40:45:47:26:11:25:4b:29:b5:7f:cb:2f:
82:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:74:CC:39:1E:75:EA:89:D2:DA:F2:99:B6:45:AC:F8:F4:15:FD:48
X509v3 Authority Key Identifier:
keyid:81:E3:48:78:F9:6B:39:97:AA:78:F4:C7:FB:69:5E:F0:DB:C6:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geNIePlrOZeqePTH-2le8NvG02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/CXTMOR516onS2vKZtkWs-PQV_Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/geNIePlrOZeqePTH-2le8NvG02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.108.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:0b:f6:9f:77:06:ec:b9:54:82:8e:97:7d:bf:67:58:53:f9:
2a:0f:6c:0c:3d:37:4f:de:0a:10:53:b5:e6:8c:ee:8c:e5:30:
37:02:98:d1:d2:52:47:0b:a9:d2:50:9c:51:db:4d:40:dc:8b:
ca:f5:2d:a3:fc:d0:ce:79:0a:f3:06:93:d5:9b:63:56:f5:b2:
c1:c1:59:38:8a:55:3b:40:5e:c3:4b:55:6a:2e:3c:ed:b4:75:
85:00:01:d7:41:58:46:0b:53:c1:c5:9f:17:73:5a:bc:df:d1:
2a:fc:8c:e0:66:6a:ca:19:cb:90:a1:c5:b8:be:72:7f:3f:fd:
e3:65:19:d7:5d:2d:2c:17:3e:e2:5f:9a:fd:40:a1:50:0a:e8:
14:1f:99:e9:33:5d:41:98:14:52:69:5e:e5:83:55:d8:26:ec:
2b:f3:76:3c:a4:3a:d9:92:6f:98:7d:e8:d3:75:00:c0:eb:1f:
03:4f:f2:8e:33:ab:f5:ab:9e:ca:33:28:90:fe:1d:f2:b8:e5:
83:64:0d:fb:65:3c:e4:47:10:ab:7e:30:8f:7b:89:8a:77:75:
ee:bc:0a:c4:45:4f:74:d0:56:b4:ac:b1:89:26:6f:38:2c:6e:
de:55:7b:8f:63:a9:27:22:72:ab:6c:99:ad:bb:dc:f0:6b:b3:
ff:83:52:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ85LExqdK8Rw0uMSxf8DrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTM0ODc4Zjk2YjM5OTdhYTc4ZjRjN2ZiNjk1ZWYwZGJj
NmQzNjAwHhcNMjIxMTAzMDk0ODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc0Y2MzOTFlNzVlYTg5ZDJkYWYyOTliNjQ1YWNmOGY0MTVmZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYLCQDuWtVF2Rnbk7XuyKagHv0r5
UDWf7OxEu2tdevwoGw74e6q67DGhsn/g2kXn5jSlG/lUYui52spiZv+LrONziPBG
wZJePt5Cc374Pu3uyoN5V0hd1JvZnxFRCHO3+tO1ARlieevT+sSWk7bDTORMbOYN
TcSLW2TBo0Fcmus34gktDqXqid+r6EIDxOkSjalRIg35x1iOWRTQ8Q94wjGxomWu
m+aTS2fxDjTJgFzYmkBekhjUTogPD0qdJasnUB692Qy9b4I7T/lF1SXsPmX0tAmO
ROG+vpA9fY2DVK+vr1sDsaPGPZOwEuwKERx/JwxARUcmESVLKbV/yy+CewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAl0zDkedeqJ0trymbZFrPj0Ff1IMB8GA1UdIwQY
MBaAFIHjSHj5azmXqnj0x/tpXvDbxtNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VOSWVQbHJPWmVxZVBUSC0ybGU4TnZHMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iZWJjMzMtZTkwMS00NTU5LWJkZDAt
YjUzMjA0ZDkzYzMzLzEvQ1hUTU9SNTE2b25TMnZLWnRrV3MtUFFWX1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iZWJjMzMtZTkwMS00NTU5LWJkZDAtYjUzMjA0ZDkzYzMz
LzEvZ2VOSWVQbHJPWmVxZVBUSC0ybGU4TnZHMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRRsMA0G
CSqGSIb3DQEBCwUAA4IBAQBOC/afdwbsuVSCjpd9v2dYU/kqD2wMPTdP3goQU7Xm
jO6M5TA3ApjR0lJHC6nSUJxR201A3IvK9S2j/NDOeQrzBpPVm2NW9bLBwVk4ilU7
QF7DS1VqLjzttHWFAAHXQVhGC1PBxZ8Xc1q839Eq/IzgZmrKGcuQocW4vnJ/P/3j
ZRnXXS0sFz7iX5r9QKFQCugUH5npM11BmBRSaV7lg1XYJuwr83Y8pDrZkm+YfejT
dQDA6x8DT/KOM6v1q57KMyiQ/h3yuOWDZA37ZTzkRxCrfjCPe4mKd3XuvArERU90
0Fa0rLGJJm84LG7eVXuPY6knInKrbJmtu9zwa7P/g1L+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:39 2024 by rpki-client on console-ams.rpki-client.org