Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/hX3LPp_ZtOS-rW2rqMp6f5pSh_c.roa
File: hX3LPp_ZtOS-rW2rqMp6f5pSh_c.roa (raw, json)
Hash identifier: 33FVVH9nI/TKe4x2cMF0QKDrNnbsn7nJ4nkGi4NT9wY=
Subject key identifier: 85:7D:CB:3E:9F:D9:B4:E4:BE:AD:6D:AB:A8:CA:7A:7F:9A:52:87:F7
Certificate issuer: /CN=f32be982060a43734d0ad126ad46da2f395c9def
Certificate serial: 1507D6DA
Authority key identifier: F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/hX3LPp_ZtOS-rW2rqMp6f5pSh_c.roa
Signing time: Sat 01 Jan 2022 07:54:48 +0000
ROA not before: Sat 01 Jan 2022 07:54:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42442
IP address blocks: 185.37.201.0/24 maxlen: 24
185.37.203.0/24 maxlen: 24
91.199.60.0/24 maxlen: 24
2a00:f020::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 352835290 (0x1507d6da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f32be982060a43734d0ad126ad46da2f395c9def
Validity
Not Before: Jan 1 07:54:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=857dcb3e9fd9b4e4bead6daba8ca7a7f9a5287f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:de:90:ae:aa:a1:66:c6:c5:a8:9a:70:48:f3:
db:02:7d:06:a6:1f:5a:41:c6:87:d5:4f:c8:fe:0b:
a0:4e:0f:9b:20:f9:2a:80:39:92:94:dd:a5:02:5e:
0b:7a:75:92:35:5c:32:18:fb:cd:f2:6f:fe:b8:38:
d0:48:9b:fb:88:0b:20:94:24:aa:07:96:12:de:95:
06:bf:5a:0a:da:0b:53:14:ac:78:9d:83:5d:dc:f5:
fe:04:08:bb:bd:e3:83:7c:fb:1f:32:df:bf:d9:c7:
e8:59:dd:e4:29:50:cc:b9:86:c7:64:1f:00:ec:e7:
f9:90:07:06:16:2c:ad:e1:9d:1a:57:df:5f:d5:87:
97:66:f6:9f:31:d5:83:75:3f:15:d8:21:6d:ae:43:
87:e1:c0:1f:3b:a2:ed:68:4c:ed:8b:f8:1e:a4:f6:
25:b9:44:a5:51:cd:6c:d7:b6:51:46:1b:9e:f5:16:
0b:fe:fe:87:16:1c:17:90:2b:59:ec:96:93:47:6b:
65:5d:da:39:22:b9:95:2d:f4:2a:52:c7:9d:5d:87:
36:48:04:ba:00:0e:8f:7c:63:31:d4:d9:1d:64:3b:
b1:e9:7d:0e:66:0f:28:01:be:9d:e5:7f:8f:37:fb:
1f:2f:ae:e3:ab:e9:86:17:75:4e:c0:e6:e1:48:8a:
6a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7D:CB:3E:9F:D9:B4:E4:BE:AD:6D:AB:A8:CA:7A:7F:9A:52:87:F7
X509v3 Authority Key Identifier:
keyid:F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/hX3LPp_ZtOS-rW2rqMp6f5pSh_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8yvpggYKQ3NNCtEmrUbaLzlcne8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.60.0/24
185.37.201.0/24
185.37.203.0/24
IPv6:
2a00:f020::/32
Signature Algorithm: sha256WithRSAEncryption
5b:74:79:94:0c:ad:d4:0a:a9:a9:4a:25:1c:58:a3:ba:36:c6:
23:d7:eb:bc:d0:64:e2:23:dd:88:d3:2f:7b:ab:21:be:5c:88:
22:c2:64:39:e8:fc:98:75:85:4c:d3:7d:15:73:76:ed:5f:f9:
e8:d5:63:d9:c0:80:90:9e:10:bc:69:b3:53:d8:35:57:d5:b5:
72:ca:4a:a3:98:3e:1c:d7:d0:f2:43:eb:40:db:98:c0:a9:c0:
9c:ce:c2:0a:9c:43:64:c3:3f:58:d1:b7:51:5c:bf:54:3a:01:
78:52:1a:8f:ad:29:59:b1:a2:fa:81:cb:6f:2f:59:02:53:cb:
07:21:f5:74:a6:38:00:fa:24:99:ec:70:8d:a5:7a:cc:33:57:
44:5c:bd:cc:04:82:f6:a4:82:47:cf:2b:34:86:37:e5:b3:b9:
d9:0c:1c:46:b4:e6:c3:92:c9:0e:8d:ea:09:93:39:72:3f:60:
51:fe:f8:fc:7d:c8:3b:44:ff:7d:87:d8:30:7f:d8:ac:c9:38:
39:49:1f:88:08:bd:6c:94:0e:37:c5:91:29:ed:28:23:7e:7a:
0a:d3:92:d2:90:8d:64:0c:52:be:c0:d3:5e:93:ae:b7:78:fc:
9e:51:0e:0c:f1:49:e8:92:41:8d:b4:f5:ce:3d:dd:53:53:97:
c3:cc:d3:1f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFQfW2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MzJiZTk4MjA2MGE0MzczNGQwYWQxMjZhZDQ2ZGEyZjM5NWM5ZGVmMB4XDTIyMDEw
MTA3NTQ0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU3ZGNiM2U5ZmQ5
YjRlNGJlYWQ2ZGFiYThjYTdhN2Y5YTUyODdmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOzekK6qoWbGxaiacEjz2wJ9BqYfWkHGh9VPyP4LoE4PmyD5
KoA5kpTdpQJeC3p1kjVcMhj7zfJv/rg40Eib+4gLIJQkqgeWEt6VBr9aCtoLUxSs
eJ2DXdz1/gQIu73jg3z7HzLfv9nH6Fnd5ClQzLmGx2QfAOzn+ZAHBhYsreGdGlff
X9WHl2b2nzHVg3U/Fdghba5Dh+HAHzui7WhM7Yv4HqT2JblEpVHNbNe2UUYbnvUW
C/7+hxYcF5ArWeyWk0drZV3aOSK5lS30KlLHnV2HNkgEugAOj3xjMdTZHWQ7sel9
DmYPKAG+neV/jzf7Hy+u46vphhd1TsDm4UiKapUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSFfcs+n9m05L6tbauoynp/mlKH9zAfBgNVHSMEGDAWgBTzK+mCBgpDc00K
0SatRtovOVyd7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzh5dnBnZ1lLUTNOTkN0RW1yVWJhTHpsY25lOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvZGEzYjFkLTdhY2YtNDUxZi1iNjhiLTk5YmNiZTZkN2Y2My8x
L2hYM0xQcF9adE9TLXJXMnJxTXA2ZjVwU2hfYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
ZGEzYjFkLTdhY2YtNDUxZi1iNjhiLTk5YmNiZTZkN2Y2My8xLzh5dnBnZ1lLUTNO
TkN0RW1yVWJhTHpsY25lOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAFvHPAMEALklyQMEALklyzANBAIA
AjAHAwUAKgDwIDANBgkqhkiG9w0BAQsFAAOCAQEAW3R5lAyt1AqpqUolHFijujbG
I9frvNBk4iPdiNMve6shvlyIIsJkOej8mHWFTNN9FXN27V/56NVj2cCAkJ4QvGmz
U9g1V9W1cspKo5g+HNfQ8kPrQNuYwKnAnM7CCpxDZMM/WNG3UVy/VDoBeFIaj60p
WbGi+oHLby9ZAlPLByH1dKY4APokmexwjaV6zDNXRFy9zASC9qSCR88rNIY35bO5
2QwcRrTmw5LJDo3qCZM5cj9gUf74/H3IO0T/fYfYMH/YrMk4OUkfiAi9bJQON8WR
Ke0oI356CtOS0pCNZAxSvsDTXpOut3j8nlEODPFJ6JJBjbT1zj3dU1OXw8zTHw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:10 2023 by rpki-client on console-fra.rpki-client.org