Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/3e73a6-1da7-47f6-a38c-0ee847d3fb79/1/rQgOtaYmQxKz9LK2VA2YmzV61Co.roa
File: rQgOtaYmQxKz9LK2VA2YmzV61Co.roa (raw, json)
Hash identifier: xMnuvlQCtOhSxeAfZbXaS54hbonfehRDN0tgpoWjnZA=
Subject key identifier: AD:08:0E:B5:A6:26:43:12:B3:F4:B2:B6:54:0D:98:9B:35:7A:D4:2A
Certificate issuer: /CN=a065e65749caa5fbb491e906977db18d3559bf43
Certificate serial: 03F12EB2
Authority key identifier: A0:65:E6:57:49:CA:A5:FB:B4:91:E9:06:97:7D:B1:8D:35:59:BF:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oGXmV0nKpfu0kekGl32xjTVZv0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/3e73a6-1da7-47f6-a38c-0ee847d3fb79/1/rQgOtaYmQxKz9LK2VA2YmzV61Co.roa
Signing time: Sat 01 Jan 2022 03:52:19 +0000
ROA not before: Sat 01 Jan 2022 03:52:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44045
IP address blocks: 185.79.60.0/22 maxlen: 22
185.79.63.0/24 maxlen: 24
185.79.60.0/24 maxlen: 24
185.79.62.0/24 maxlen: 24
185.79.61.0/24 maxlen: 24
2a05:7200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66137778 (0x3f12eb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a065e65749caa5fbb491e906977db18d3559bf43
Validity
Not Before: Jan 1 03:52:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad080eb5a6264312b3f4b2b6540d989b357ad42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:31:7e:55:85:7b:19:a5:a3:8e:14:e9:cc:8e:
c9:8a:dd:38:68:29:23:e9:25:49:3c:20:f8:0c:f6:
41:49:03:d4:cf:ad:ff:10:95:39:b5:a8:4f:30:c7:
bb:d9:97:0c:c0:f4:4a:e3:f6:0b:84:1a:57:ed:fd:
5c:88:e5:c5:17:d8:5d:1d:a1:76:ab:78:3a:3e:46:
2e:53:10:d1:a1:eb:41:38:e3:8e:05:ca:d8:40:cc:
4b:2e:6f:bb:57:e1:8b:49:bd:16:3c:68:5d:1c:48:
25:a2:c4:9f:89:be:38:c4:ce:5d:76:46:a7:c1:3f:
32:e2:4c:dd:c4:1b:1e:48:e6:6a:5d:c9:9c:89:7d:
7a:ec:6c:54:c8:11:07:ac:ac:ec:96:63:ee:5b:5b:
db:06:90:8c:98:25:af:2c:36:99:b9:83:23:2b:ea:
19:cf:85:f7:96:46:d4:e3:82:a5:5e:f1:5d:12:d5:
5b:d9:58:0d:cd:62:e7:fd:c2:6e:48:b0:f7:4c:e3:
3e:95:b5:72:4c:4d:a8:0b:f9:0d:18:e9:bb:aa:9e:
c7:2d:e9:52:bd:1d:58:4d:70:f6:f8:75:e4:00:58:
3d:60:33:0e:e8:61:61:44:3c:92:54:47:ae:6a:e2:
d0:ba:68:84:ae:b2:4d:78:18:6a:84:28:ea:36:08:
5d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:08:0E:B5:A6:26:43:12:B3:F4:B2:B6:54:0D:98:9B:35:7A:D4:2A
X509v3 Authority Key Identifier:
keyid:A0:65:E6:57:49:CA:A5:FB:B4:91:E9:06:97:7D:B1:8D:35:59:BF:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGXmV0nKpfu0kekGl32xjTVZv0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/3e73a6-1da7-47f6-a38c-0ee847d3fb79/1/rQgOtaYmQxKz9LK2VA2YmzV61Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/3e73a6-1da7-47f6-a38c-0ee847d3fb79/1/oGXmV0nKpfu0kekGl32xjTVZv0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.60.0/22
IPv6:
2a05:7200::/29
Signature Algorithm: sha256WithRSAEncryption
81:be:9b:26:fc:81:b2:17:19:3d:e0:8e:8c:0e:5d:06:76:f8:
2b:ac:0f:57:c8:8f:8e:1e:2e:21:3e:cb:6d:af:02:f6:21:0d:
97:dc:e2:46:4c:11:24:be:59:e9:89:21:22:00:81:79:30:df:
10:78:53:f9:1a:5b:48:0c:48:fa:7b:6b:67:5f:fe:4b:9e:57:
93:6e:83:22:4c:6b:e0:c0:d2:8d:86:72:10:b5:73:ae:b9:60:
db:d2:87:c9:5c:ef:df:7b:d0:8b:e2:88:36:a4:3b:6e:0e:c2:
9f:d3:96:d2:c9:03:2a:9f:24:0a:d0:f2:cc:b7:70:19:27:0d:
c8:ea:9b:1e:59:07:f3:09:92:91:17:bf:03:a0:1e:26:80:8f:
52:f7:45:fa:95:b7:cb:74:f7:79:ad:13:95:3d:48:ce:2d:92:
d7:08:67:3f:51:2e:b7:b3:82:fe:4e:37:58:c7:87:78:bc:64:
60:c4:2b:ba:fe:33:7c:8e:cd:76:23:f6:76:00:35:79:ce:4d:
21:06:06:97:1b:97:ca:08:6a:64:eb:fe:d6:42:36:3e:bf:29:
b7:79:69:da:82:01:9c:bf:ae:b1:38:eb:bc:0a:c2:26:e2:46:
47:38:d9:60:5e:03:03:15:02:9b:9a:51:be:a3:f3:95:bd:12:
2b:14:06:7a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA/EusjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDY1ZTY1NzQ5Y2FhNWZiYjQ5MWU5MDY5NzdkYjE4ZDM1NTliZjQzMB4XDTIyMDEw
MTAzNTIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQwODBlYjVhNjI2
NDMxMmIzZjRiMmI2NTQwZDk4OWIzNTdhZDQyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAxflWFexmlo44U6cyOyYrdOGgpI+klSTwg+Az2QUkD1M+t
/xCVObWoTzDHu9mXDMD0SuP2C4QaV+39XIjlxRfYXR2hdqt4Oj5GLlMQ0aHrQTjj
jgXK2EDMSy5vu1fhi0m9FjxoXRxIJaLEn4m+OMTOXXZGp8E/MuJM3cQbHkjmal3J
nIl9euxsVMgRB6ys7JZj7ltb2waQjJglryw2mbmDIyvqGc+F95ZG1OOCpV7xXRLV
W9lYDc1i5/3Cbkiw90zjPpW1ckxNqAv5DRjpu6qexy3pUr0dWE1w9vh15ABYPWAz
DuhhYUQ8klRHrmri0LpohK6yTXgYaoQo6jYIXfkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBStCA61piZDErP0srZUDZibNXrUKjAfBgNVHSMEGDAWgBSgZeZXScql+7SR
6QaXfbGNNVm/QzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29HWG1WMG5LcGZ1MGtla0dsMzJ4alRWWnYwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvM2U3M2E2LTFkYTctNDdmNi1hMzhjLTBlZTg0N2QzZmI3OS8x
L3JRZ090YVltUXhLejlMSzJWQTJZbXpWNjFDby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
M2U3M2E2LTFkYTctNDdmNi1hMzhjLTBlZTg0N2QzZmI3OS8xL29HWG1WMG5LcGZ1
MGtla0dsMzJ4alRWWnYwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlPPDANBAIAAjAHAwUDKgVyADAN
BgkqhkiG9w0BAQsFAAOCAQEAgb6bJvyBshcZPeCOjA5dBnb4K6wPV8iPjh4uIT7L
ba8C9iENl9ziRkwRJL5Z6YkhIgCBeTDfEHhT+RpbSAxI+ntrZ1/+S55Xk26DIkxr
4MDSjYZyELVzrrlg29KHyVzv33vQi+KINqQ7bg7Cn9OW0skDKp8kCtDyzLdwGScN
yOqbHlkH8wmSkRe/A6AeJoCPUvdF+pW3y3T3ea0TlT1Izi2S1whnP1Eut7OC/k43
WMeHeLxkYMQruv4zfI7NdiP2dgA1ec5NIQYGlxuXyghqZOv+1kI2Pr8pt3lp2oIB
nL+usTjrvArCJuJGRzjZYF4DAxUCm5pRvqPzlb0SKxQGeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:10 2024 by rpki-client on console-ams.rpki-client.org