Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/3Qk8mO9p0gFZPOBHtMX60EqRtjg.roa
File: 3Qk8mO9p0gFZPOBHtMX60EqRtjg.roa (raw, json)
Hash identifier: l3DNpOc8qcdCg7m6yGFaSh61xnuLXSuJ1YFBrgK6F4g=
Subject key identifier: DD:09:3C:98:EF:69:D2:01:59:3C:E0:47:B4:C5:FA:D0:4A:91:B6:38
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 03F86783
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/3Qk8mO9p0gFZPOBHtMX60EqRtjg.roa
Signing time: Tue 26 Apr 2022 09:52:00 +0000
ROA not before: Tue 26 Apr 2022 09:52:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205981
IP address blocks: 45.9.132.0/22 maxlen: 22
212.63.104.0/22 maxlen: 22
185.194.108.0/22 maxlen: 22
45.137.72.0/22 maxlen: 22
185.248.124.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66611075 (0x3f86783)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Apr 26 09:52:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd093c98ef69d201593ce047b4c5fad04a91b638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:25:1d:77:da:b6:9a:12:6f:2b:bc:38:99:1d:
42:fe:78:8f:3f:8e:e2:4f:cb:6f:fa:2d:0c:62:6a:
65:75:07:77:31:d6:ad:35:77:56:6f:a0:2f:9b:55:
d6:82:6a:96:da:0b:d7:38:b8:60:8c:97:49:ad:d8:
8e:c6:3e:42:02:82:d8:12:38:39:b5:b9:23:a5:4a:
9a:ab:fe:04:89:40:84:2c:28:4c:d9:de:48:39:bb:
38:d9:e1:d7:99:50:ec:b2:27:f6:dc:4b:56:28:7b:
c9:90:0e:d2:81:e6:68:12:6f:89:ac:5a:a5:76:38:
e1:6a:44:6e:69:84:d4:9c:34:a9:39:47:b5:33:da:
32:4b:7f:c7:14:b8:7a:8c:4f:04:4d:a1:b3:33:0f:
eb:50:d4:b2:b3:d7:3d:a8:fc:2a:e8:0f:9d:cc:dc:
cb:d7:bd:d2:c7:cf:59:5c:45:49:d4:a9:5f:e8:9d:
78:38:76:f6:2a:89:b1:53:ff:92:f1:6a:fd:a5:2f:
43:c7:b1:32:cd:40:71:dc:db:d2:51:b7:d0:db:40:
0c:e6:0e:34:2f:9c:44:42:fb:4d:12:87:7e:d8:6c:
ab:07:25:e4:fd:a5:99:d1:b0:83:be:a4:75:14:47:
d8:35:6e:3b:45:a1:71:58:d4:04:84:3a:d3:fc:ea:
64:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:09:3C:98:EF:69:D2:01:59:3C:E0:47:B4:C5:FA:D0:4A:91:B6:38
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/3Qk8mO9p0gFZPOBHtMX60EqRtjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.132.0/22
45.137.72.0/22
185.194.108.0/22
185.248.124.0/22
212.63.104.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:53:5b:bc:69:3f:9a:7d:21:c7:21:1c:63:c1:d3:6f:76:8a:
cc:22:e7:1e:f7:e3:37:ee:ee:8a:b4:36:c2:4b:e3:83:49:4e:
0e:f1:bc:a0:87:90:3b:4d:0d:d9:d8:98:92:7b:5d:e4:46:18:
c6:72:d3:f0:68:79:cd:1b:59:55:73:7c:82:06:06:63:bd:85:
06:c3:1c:69:31:75:fc:d9:5f:cf:b6:1c:bd:d2:1c:1f:29:11:
72:6f:34:97:b6:0b:67:c4:e7:80:4c:4c:a0:de:bb:41:69:c8:
fa:b2:f2:74:88:b0:1c:d6:57:4c:f2:45:7b:72:a9:ac:0c:c0:
ab:08:31:3f:1c:3f:be:f1:f9:20:89:18:fb:02:06:3a:2d:0e:
f8:5b:98:0b:ec:a9:24:70:19:0e:e4:a0:8a:27:4d:19:04:63:
52:07:e4:04:33:5a:b9:76:ec:37:1f:f8:1f:52:0c:05:64:6d:
85:57:dc:48:3d:2b:62:44:57:73:b2:ad:72:99:d9:cc:29:ba:
8e:f0:0d:fa:fe:f7:48:34:44:7d:8f:ba:c9:61:4f:c3:74:6a:
1f:0f:e4:aa:e9:3f:d5:3c:88:38:92:6d:11:2f:1f:ee:06:a3:
81:a6:62:4b:38:85:7c:32:0b:26:b1:18:9e:2d:5a:77:f4:e5:
df:1d:73:33
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA/hngzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDk0YTQyNTU5NWU5MjNjNGI1M2I5YzAwMGFhOGYxOWFkOTIzZjIwMB4XDTIyMDQy
NjA5NTIwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQwOTNjOThlZjY5
ZDIwMTU5M2NlMDQ3YjRjNWZhZDA0YTkxYjYzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4lHXfatpoSbyu8OJkdQv54jz+O4k/Lb/otDGJqZXUHdzHW
rTV3Vm+gL5tV1oJqltoL1zi4YIyXSa3YjsY+QgKC2BI4ObW5I6VKmqv+BIlAhCwo
TNneSDm7ONnh15lQ7LIn9txLVih7yZAO0oHmaBJviaxapXY44WpEbmmE1Jw0qTlH
tTPaMkt/xxS4eoxPBE2hszMP61DUsrPXPaj8KugPnczcy9e90sfPWVxFSdSpX+id
eDh29iqJsVP/kvFq/aUvQ8exMs1Acdzb0lG30NtADOYONC+cREL7TRKHfthsqwcl
5P2lmdGwg76kdRRH2DVuO0WhcVjUBIQ60/zqZOECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTdCTyY72nSAVk84Ee0xfrQSpG2ODAfBgNVHSMEGDAWgBRwlKQlWV6SPEtT
ucAAqo8ZrZI/IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NKU2tKVmxla2p4TFU3bkFBS3FQR2EyU1B5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvOTYzMTcwLTU4YmUtNDZiYi1hNWRlLTc3NzM3M2U2MDU1ZS8x
LzNRazhtTzlwMGdGWlBPQkh0TVg2MEVxUnRqZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
OTYzMTcwLTU4YmUtNDZiYi1hNWRlLTc3NzM3M2U2MDU1ZS8xL2NKU2tKVmxla2p4
TFU3bkFBS3FQR2EyU1B5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAi0JhAMEAi2JSAMEArnCbAMEArn4
fAMEAtQ/aDANBgkqhkiG9w0BAQsFAAOCAQEAX1NbvGk/mn0hxyEcY8HTb3aKzCLn
HvfjN+7uirQ2wkvjg0lODvG8oIeQO00N2diYkntd5EYYxnLT8Gh5zRtZVXN8ggYG
Y72FBsMcaTF1/Nlfz7YcvdIcHykRcm80l7YLZ8TngExMoN67QWnI+rLydIiwHNZX
TPJFe3KprAzAqwgxPxw/vvH5IIkY+wIGOi0O+FuYC+ypJHAZDuSgiidNGQRjUgfk
BDNauXbsNx/4H1IMBWRthVfcSD0rYkRXc7KtcpnZzCm6jvAN+v73SDREfY+6yWFP
w3RqHw/kquk/1TyIOJJtES8f7gajgaZiSziFfDILJrEYni1ad/Tl3x1zMw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:33 2023 by rpki-client on console-ams.rpki-client.org