Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/3rjc6bqXf2imrKKaEVVyWX16_Bs.roa
File: 3rjc6bqXf2imrKKaEVVyWX16_Bs.roa (raw, json)
Hash identifier: crgqhuxQ224nAop92dNh4ygxI+aLIhVg7l2SN0KnPuc=
Subject key identifier: DE:B8:DC:E9:BA:97:7F:68:A6:AC:A2:9A:11:55:72:59:7D:7A:FC:1B
Certificate issuer: /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Certificate serial: 375EC189
Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/3rjc6bqXf2imrKKaEVVyWX16_Bs.roa
Signing time: Sat 01 Jan 2022 11:54:41 +0000
ROA not before: Sat 01 Jan 2022 11:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8763
IP address blocks: 81.91.160.0/20 maxlen: 20
81.91.172.0/24 maxlen: 24
81.91.170.0/24 maxlen: 24
81.91.173.0/24 maxlen: 24
185.151.140.0/24 maxlen: 24
2a02:568::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928956809 (0x375ec189)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Validity
Not Before: Jan 1 11:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=deb8dce9ba977f68a6aca29a115572597d7afc1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5f:82:35:1f:de:79:02:f2:25:85:dc:2f:3d:
8a:2f:af:c8:ed:92:f3:52:01:cf:8e:f8:56:31:bc:
8c:45:0a:b5:30:79:b4:e1:2a:55:bc:64:68:18:cd:
21:47:69:75:eb:27:70:da:b8:58:56:bc:2a:46:27:
e4:db:84:0f:a1:7f:e6:db:67:48:ff:32:0d:45:8b:
5d:b0:89:ba:1c:c6:42:06:f6:ab:6f:25:31:dc:16:
0d:fa:6f:53:e6:af:78:d4:e3:1d:29:65:2d:94:c9:
94:71:5e:3c:e6:a7:9c:8d:01:64:2a:9b:c3:e2:7f:
02:b3:87:8c:56:35:ee:04:74:47:bf:87:52:71:cb:
ca:8f:67:a1:2c:24:6b:52:40:92:5a:37:fd:8c:b1:
52:af:5d:fd:8f:d9:40:81:b4:67:e5:9e:17:b7:fc:
17:ca:bd:08:bd:1f:68:4e:51:9e:12:f0:c3:72:06:
02:0c:ab:7f:0e:71:65:3b:91:87:9f:c8:5f:fc:8c:
a2:2e:90:2d:e8:e4:72:2f:1b:37:32:22:d0:8c:97:
65:d9:75:c8:81:24:b4:18:d2:be:d4:bb:8f:a1:23:
ac:12:31:55:83:6f:1a:b3:a5:50:2b:38:9c:50:cf:
9e:b5:27:65:f3:bb:eb:f0:7e:a5:22:23:d9:66:3f:
97:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B8:DC:E9:BA:97:7F:68:A6:AC:A2:9A:11:55:72:59:7D:7A:FC:1B
X509v3 Authority Key Identifier:
keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/3rjc6bqXf2imrKKaEVVyWX16_Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.160.0/20
185.151.140.0/24
IPv6:
2a02:568::/32
Signature Algorithm: sha256WithRSAEncryption
69:14:fe:73:16:a1:6e:fa:cb:ca:c9:a1:78:6c:4a:de:3e:3b:
51:4c:9b:f4:ce:f1:68:ef:21:d3:eb:8d:2b:b1:69:c0:f0:f4:
fe:b5:1b:bb:aa:cf:f4:c4:e0:d6:71:a9:cc:8f:6e:a0:38:23:
a3:9a:6b:9e:e9:96:e8:3a:c9:19:cb:ff:4d:ca:31:50:b3:2b:
7f:58:aa:35:9f:b7:b5:69:67:97:41:aa:de:e6:30:ce:66:56:
d8:cd:c9:6f:1d:ab:5a:38:40:38:f2:8b:37:47:9d:a8:91:ad:
0c:7b:f6:2a:9c:84:39:fc:58:bd:68:f6:2c:4a:77:d0:57:cb:
f5:c1:d8:3c:d3:56:fd:34:e2:c4:8f:3e:bf:43:91:cc:20:c2:
b1:ea:40:a4:6f:e5:a3:6e:4a:e5:03:06:c0:85:7a:96:35:67:
f7:1e:6f:f7:db:da:aa:cd:93:01:30:30:e4:eb:2a:47:fa:11:
ca:ad:b4:01:70:e1:0c:b6:1b:8b:fc:2e:f6:87:da:a6:65:7e:
79:9e:bc:bd:73:b9:74:ff:41:16:29:f4:b6:e6:7f:31:69:ca:
c0:2f:c6:a3:3e:70:f2:fa:80:b5:9a:f2:09:66:af:1c:b8:b9:
eb:6c:63:63:87:ec:3b:2f:64:e6:5c:00:69:f6:c9:37:8c:0f:
d8:86:97:b9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEN17BiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NWIyOTZkNmI1MzRmZTNhMzJjYzFjM2E0ZTgxMzU4ZjIxNmM5M2M3MB4XDTIyMDEw
MTExNTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGViOGRjZTliYTk3
N2Y2OGE2YWNhMjlhMTE1NTcyNTk3ZDdhZmMxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN1fgjUf3nkC8iWF3C89ii+vyO2S81IBz474VjG8jEUKtTB5
tOEqVbxkaBjNIUdpdesncNq4WFa8KkYn5NuED6F/5ttnSP8yDUWLXbCJuhzGQgb2
q28lMdwWDfpvU+aveNTjHSllLZTJlHFePOannI0BZCqbw+J/ArOHjFY17gR0R7+H
UnHLyo9noSwka1JAklo3/YyxUq9d/Y/ZQIG0Z+WeF7f8F8q9CL0faE5RnhLww3IG
Agyrfw5xZTuRh5/IX/yMoi6QLejkci8bNzIi0IyXZdl1yIEktBjSvtS7j6EjrBIx
VYNvGrOlUCs4nFDPnrUnZfO76/B+pSIj2WY/l/UCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTeuNzpupd/aKasopoRVXJZfXr8GzAfBgNVHSMEGDAWgBRVspbWtTT+OjLM
HDpOgTWPIWyTxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZiS1cxclUwX2pveXpCdzZUb0UxanlGc2s4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvZDdhYjBjLTNjMjItNGM2MS1hMjAxLWRkNmNjOTdjOWJkZC8x
LzNyamM2YnFYZjJpbXJLS2FFVlZ5V1gxNl9Ccy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
ZDdhYjBjLTNjMjItNGM2MS1hMjAxLWRkNmNjOTdjOWJkZC8xL1ZiS1cxclUwX2pv
eXpCdzZUb0UxanlGc2s4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFFboAMEALmXjDANBAIAAjAHAwUA
KgIFaDANBgkqhkiG9w0BAQsFAAOCAQEAaRT+cxahbvrLysmheGxK3j47UUyb9M7x
aO8h0+uNK7FpwPD0/rUbu6rP9MTg1nGpzI9uoDgjo5prnumW6DrJGcv/TcoxULMr
f1iqNZ+3tWlnl0Gq3uYwzmZW2M3Jbx2rWjhAOPKLN0edqJGtDHv2KpyEOfxYvWj2
LEp30FfL9cHYPNNW/TTixI8+v0ORzCDCsepApG/lo25K5QMGwIV6ljVn9x5v99va
qs2TATAw5OsqR/oRyq20AXDhDLYbi/wu9ofapmV+eZ68vXO5dP9BFin0tuZ/MWnK
wC/Goz5w8vqAtZryCWavHLi562xjY4fsOy9k5lwAafbJN4wP2IaXuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:45 2024 by rpki-client on console-fra.rpki-client.org