Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3GNke-88ykOz1D5n4U6_0QDPi2Q.roa
File: 3GNke-88ykOz1D5n4U6_0QDPi2Q.roa (raw, json)
Hash identifier: mXTr2+HMWThfhbJ6WGd+gV9y4v5rb0UCcZ8+i/cQ4Kk=
Subject key identifier: DC:63:64:7B:EF:3C:CA:43:B3:D4:3E:67:E1:4E:BF:D1:00:CF:8B:64
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 0A94D91C
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3GNke-88ykOz1D5n4U6_0QDPi2Q.roa
Signing time: Sat 01 Jan 2022 13:01:14 +0000
ROA not before: Sat 01 Jan 2022 13:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212224
IP address blocks: 91.245.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177527068 (0xa94d91c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jan 1 13:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc63647bef3cca43b3d43e67e14ebfd100cf8b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:02:6f:5a:18:58:15:f8:02:fc:62:a7:9e:3e:
52:d6:0e:78:5c:15:a9:4b:7a:4e:1d:b3:d6:fb:d3:
00:92:06:d5:58:07:2e:0b:c0:21:d9:28:74:8a:e1:
a8:3b:7b:d3:e9:53:79:68:db:e1:4a:fa:09:ae:92:
d4:9a:0b:dc:d8:a1:de:76:0b:08:87:76:12:27:b5:
d9:4d:7d:da:07:70:bf:46:39:e6:1e:b4:31:da:fc:
94:8c:b0:86:e4:25:dd:ac:b4:5a:7d:ec:f1:89:5f:
d0:87:54:32:3f:24:56:c3:f9:4e:e0:93:5e:75:62:
d3:ca:e3:b3:ba:91:e6:c0:29:4d:6a:18:23:f2:48:
a8:93:5b:da:07:79:93:49:c0:ca:09:0c:ec:54:8c:
2d:99:b3:54:a3:98:4c:e6:a9:bf:37:2d:fc:18:eb:
52:49:73:bd:9e:2e:8c:39:ea:ae:21:07:56:51:a6:
a6:08:93:fe:58:7a:1f:7d:4c:81:04:7b:1c:65:d5:
16:23:71:d6:b5:5f:d1:75:27:0a:22:c5:ed:d1:f3:
ee:85:90:c7:98:da:38:9a:6f:76:5f:23:3d:a9:d0:
70:a9:23:28:9e:2d:4d:31:fc:e0:a3:f8:b7:37:46:
23:86:39:4a:ca:6b:bb:d4:96:ab:82:63:31:06:be:
cb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:63:64:7B:EF:3C:CA:43:B3:D4:3E:67:E1:4E:BF:D1:00:CF:8B:64
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3GNke-88ykOz1D5n4U6_0QDPi2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.20.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:8f:84:28:10:cf:87:e3:36:4a:2b:a2:4b:9e:e3:87:ab:7f:
2b:91:7e:1b:fc:77:e0:85:0c:c6:da:83:88:f5:9b:45:6a:1c:
38:98:63:89:73:95:01:7b:15:c2:8a:a1:f5:65:80:ca:ea:fb:
4f:e3:0e:44:02:26:f9:49:93:8c:b0:35:a4:a1:12:4c:33:5a:
ac:cf:d1:af:6b:d7:95:d1:1b:b7:27:aa:4f:d8:6a:3e:95:0b:
ac:41:7b:38:19:9e:be:0e:69:05:b4:5e:23:50:3f:2f:3a:da:
4c:a4:4b:07:9a:3d:ec:c6:e2:f9:48:97:b3:df:9b:fc:df:c6:
a7:e8:c4:68:36:2e:08:78:bd:b5:be:51:55:78:40:a0:ca:f4:
a0:fa:48:09:09:a6:1d:59:79:fb:5a:4b:10:c3:7f:55:86:6a:
a0:72:c3:d4:95:82:f6:f0:a5:89:2b:1e:d7:be:55:b9:bc:78:
7c:64:8e:0b:c9:1b:b5:7f:9d:21:f4:dd:a6:64:b6:0c:af:20:
27:0a:81:cb:ef:b1:26:63:6e:96:b6:c9:c8:bc:1c:b7:dc:76:
75:fd:49:b2:fa:32:84:b1:99:aa:55:e1:a4:59:6d:55:b2:e4:
b7:ef:66:1c:f7:65:3a:fd:16:f8:73:d6:e5:6e:7f:9d:27:4e:
d0:07:7f:56
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECpTZHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2NiMmQ1ZmIyNTM4NTJmMTgyM2M2NTQzNGU4ZjI3NmQwNGU0ZTBjMB4XDTIyMDEw
MTEzMDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGM2MzY0N2JlZjNj
Y2E0M2IzZDQzZTY3ZTE0ZWJmZDEwMGNmOGI2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4Cb1oYWBX4Avxip54+UtYOeFwVqUt6Th2z1vvTAJIG1VgH
LgvAIdkodIrhqDt70+lTeWjb4Ur6Ca6S1JoL3Nih3nYLCId2Eie12U192gdwv0Y5
5h60Mdr8lIywhuQl3ay0Wn3s8Ylf0IdUMj8kVsP5TuCTXnVi08rjs7qR5sApTWoY
I/JIqJNb2gd5k0nAygkM7FSMLZmzVKOYTOapvzct/BjrUklzvZ4ujDnqriEHVlGm
pgiT/lh6H31MgQR7HGXVFiNx1rVf0XUnCiLF7dHz7oWQx5jaOJpvdl8jPanQcKkj
KJ4tTTH84KP4tzdGI4Y5Sspru9SWq4JjMQa+y00CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTcY2R77zzKQ7PUPmfhTr/RAM+LZDAfBgNVHSMEGDAWgBTcyy1fslOFLxgj
xlQ06PJ20E5ODDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNNc3RYN0pUaFM4WUk4WlVOT2p5ZHRCT1Rndy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvN2MxYzI5LWNhMDItNDkwYi1hYTg0LWUxYThhNmYxZDU5YS8x
LzNHTmtlLTg4eWtPejFENW40VTZfMFFEUGkyUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
N2MxYzI5LWNhMDItNDkwYi1hYTg0LWUxYThhNmYxZDU5YS8xLzNNc3RYN0pUaFM4
WUk4WlVOT2p5ZHRCT1Rndy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlv1FDANBgkqhkiG9w0BAQsFAAOC
AQEADY+EKBDPh+M2SiuiS57jh6t/K5F+G/x34IUMxtqDiPWbRWocOJhjiXOVAXsV
woqh9WWAyur7T+MORAIm+UmTjLA1pKESTDNarM/Rr2vXldEbtyeqT9hqPpULrEF7
OBmevg5pBbReI1A/LzraTKRLB5o97Mbi+UiXs9+b/N/Gp+jEaDYuCHi9tb5RVXhA
oMr0oPpICQmmHVl5+1pLEMN/VYZqoHLD1JWC9vCliSse175Vubx4fGSOC8kbtX+d
IfTdpmS2DK8gJwqBy++xJmNulrbJyLwct9x2df1JsvoyhLGZqlXhpFltVbLkt+9m
HPdlOv0W+HPW5W5/nSdO0Ad/Vg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:11 2023 by rpki-client on console-fra.rpki-client.org