Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/3Qz9B6oMUtqLhwbONfv7vB5OiEg.roa
File: 3Qz9B6oMUtqLhwbONfv7vB5OiEg.roa (raw, json)
Hash identifier: R2b5+csm70Uh6SKnxZaHeU66BL4uOlVMyjGH/VcPk+w=
Subject key identifier: DD:0C:FD:07:AA:0C:52:DA:8B:87:06:CE:35:FB:FB:BC:1E:4E:88:48
Certificate issuer: /CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Certificate serial: 0184376004722190A63030C4B9E7A44328E7
Authority key identifier: 6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/3Qz9B6oMUtqLhwbONfv7vB5OiEg.roa
Signing time: Wed 02 Nov 2022 08:05:50 +0000
ROA not before: Wed 02 Nov 2022 08:05:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212953
IP address blocks: 185.99.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:60:04:72:21:90:a6:30:30:c4:b9:e7:a4:43:28:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Validity
Not Before: Nov 2 08:05:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd0cfd07aa0c52da8b8706ce35fbfbbc1e4e8848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f2:a2:d3:14:39:bd:79:1b:48:f9:41:e9:1f:
7f:32:45:4f:8c:9f:9a:31:7b:9a:23:50:bb:b6:6a:
2d:00:7b:2e:90:23:35:77:36:ae:25:b0:d8:c4:9c:
44:68:f0:6a:e1:59:bb:af:94:ca:de:ca:a7:c0:f8:
b7:02:82:c2:a5:ad:1d:66:0e:59:a7:e0:c0:8d:cb:
c3:e9:e0:35:87:af:55:e0:fb:77:c6:6a:47:c1:54:
50:33:f8:95:75:5a:73:f8:01:85:72:39:b7:17:16:
8c:18:bd:99:4d:cf:9c:74:47:16:e2:67:74:48:8a:
ff:0e:76:b9:8c:33:10:c1:a7:10:49:d3:0b:1d:18:
5d:81:07:a3:29:f9:ea:16:ce:90:a0:99:5b:37:a1:
eb:2d:c6:ab:24:e7:ed:4f:35:b2:00:06:55:7f:f0:
56:22:b8:ee:89:1a:37:35:7a:ad:10:9a:eb:65:69:
d4:92:f1:43:5c:a5:85:0f:ff:51:af:94:11:26:c7:
18:74:9e:33:39:a6:95:25:fa:6d:38:b6:a3:51:ba:
a8:15:59:8a:e5:5d:d9:5f:91:46:5f:bb:ad:8d:ee:
37:3d:71:15:61:02:76:2c:12:ec:23:18:c5:fe:fa:
8a:35:f9:45:21:d4:83:e6:35:03:a2:f9:72:57:03:
78:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0C:FD:07:AA:0C:52:DA:8B:87:06:CE:35:FB:FB:BC:1E:4E:88:48
X509v3 Authority Key Identifier:
keyid:6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/3Qz9B6oMUtqLhwbONfv7vB5OiEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/bw16DrXKVJWQpAa8aT3x6NLLrgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.20.0/24
Signature Algorithm: sha256WithRSAEncryption
61:02:65:b9:08:c2:4b:7f:87:3b:a7:1b:d6:b8:5c:01:35:d1:
76:35:e4:6c:77:ad:e7:37:e4:74:27:b0:96:e9:d0:5d:2e:56:
17:a7:d6:fa:a4:1d:ad:77:df:92:ff:bb:76:1d:4b:3c:b0:d5:
4e:54:09:b7:9b:63:64:19:6e:ff:c2:29:d8:d3:3f:aa:63:a8:
df:7c:77:bb:d0:77:69:48:7e:90:eb:a3:ff:95:f2:a4:1f:a7:
f3:d5:05:3c:fc:c0:c9:c4:74:86:e5:e5:5e:d4:22:41:2b:60:
60:bc:a7:e0:1d:f8:79:f3:1b:24:31:e6:1b:0f:00:9d:c3:40:
3b:23:6b:c9:be:fa:f3:36:94:df:bf:ab:76:aa:38:f7:e6:62:
f4:0a:35:ca:2b:80:42:0d:fb:67:56:5f:ae:8b:07:c6:e1:d6:
ea:ee:4a:a8:82:e7:c6:6d:fe:41:fb:2e:34:fe:9b:18:bb:7d:
19:59:96:f3:e2:de:c0:40:d0:c8:4b:60:cb:0f:73:90:30:76:
ac:69:26:fe:3d:f6:db:eb:ab:be:1a:a5:b8:fc:f8:21:e6:c7:
d6:09:82:8a:1f:17:3f:68:de:e7:12:86:36:45:0c:0e:83:44:
34:26:0c:73:e5:a3:40:42:20:fb:62:3a:6c:db:6b:31:87:2c:
81:18:23:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ3YARyIZCmMDDEueekQyjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGQ3YTBlYjVjYTU0OTU5MGE0MDZiYzY5M2RmMWU4ZDJj
YmFlMDQwHhcNMjIxMTAyMDgwNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBjZmQwN2FhMGM1MmRhOGI4NzA2Y2UzNWZiZmJiYzFlNGU4ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/Ki0xQ5vXkbSPlB6R9/MkVPjJ+a
MXuaI1C7tmotAHsukCM1dzauJbDYxJxEaPBq4Vm7r5TK3sqnwPi3AoLCpa0dZg5Z
p+DAjcvD6eA1h69V4Pt3xmpHwVRQM/iVdVpz+AGFcjm3FxaMGL2ZTc+cdEcW4md0
SIr/Dna5jDMQwacQSdMLHRhdgQejKfnqFs6QoJlbN6HrLcarJOftTzWyAAZVf/BW
IrjuiRo3NXqtEJrrZWnUkvFDXKWFD/9Rr5QRJscYdJ4zOaaVJfptOLajUbqoFVmK
5V3ZX5FGX7utje43PXEVYQJ2LBLsIxjF/vqKNflFIdSD5jUDovlyVwN46QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0M/QeqDFLai4cGzjX7+7weTohIMB8GA1UdIwQY
MBaAFG8Neg61ylSVkKQGvGk98ejSy64EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUt
ZDE3OTA1M2Q4NDM0LzEvM1F6OUI2b01VdHFMaHdiT05mdjd2QjVPaUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUtZDE3OTA1M2Q4NDM0
LzEvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBhAmW5CMJLf4c7pxvWuFwBNdF2NeRsd63nN+R0J7CW
6dBdLlYXp9b6pB2td9+S/7t2HUs8sNVOVAm3m2NkGW7/winY0z+qY6jffHe70Hdp
SH6Q66P/lfKkH6fz1QU8/MDJxHSG5eVe1CJBK2BgvKfgHfh58xskMeYbDwCdw0A7
I2vJvvrzNpTfv6t2qjj35mL0CjXKK4BCDftnVl+uiwfG4dbq7kqogufGbf5B+y40
/psYu30ZWZbz4t7AQNDIS2DLD3OQMHasaSb+Pfbb66u+GqW4/Pgh5sfWCYKKHxc/
aN7nEoY2RQwOg0Q0Jgxz5aNAQiD7Yjps22sxhyyBGCN4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:12 2023 by rpki-client on console-fra.rpki-client.org