Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c74dc5-f3bc-4bfb-89f7-d97bd330328c/1/20CZNxOcAxXCS8oBVPfhViWBmNw.roa
File: 20CZNxOcAxXCS8oBVPfhViWBmNw.roa (raw, json)
Hash identifier: HBvrdKuDFApkB9koylHfXMxmynt0vsUOf0qMkrA7xRo=
Subject key identifier: DB:40:99:37:13:9C:03:15:C2:4B:CA:01:54:F7:E1:56:25:81:98:DC
Certificate issuer: /CN=c3fadf44e101e165c87bb4d0efccf94bd67e2a35
Certificate serial: 0182FE97928180FFA6EF81C19E3B1E53B89F
Authority key identifier: C3:FA:DF:44:E1:01:E1:65:C8:7B:B4:D0:EF:CC:F9:4B:D6:7E:2A:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w_rfROEB4WXIe7TQ78z5S9Z-KjU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c74dc5-f3bc-4bfb-89f7-d97bd330328c/1/20CZNxOcAxXCS8oBVPfhViWBmNw.roa
Signing time: Fri 02 Sep 2022 14:25:22 +0000
ROA not before: Fri 02 Sep 2022 14:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43237
IP address blocks: 194.8.72.0/23 maxlen: 23
195.114.20.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fe:97:92:81:80:ff:a6:ef:81:c1:9e:3b:1e:53:b8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3fadf44e101e165c87bb4d0efccf94bd67e2a35
Validity
Not Before: Sep 2 14:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db409937139c0315c24bca0154f7e156258198dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:24:a9:e8:9d:b8:77:08:cb:75:ab:55:3e:ea:
67:b0:df:d9:d4:37:13:1a:1c:70:24:6f:9f:ec:da:
62:dc:dd:1e:41:50:6c:45:b9:13:94:9c:f2:ad:09:
26:bb:79:ad:05:82:f6:44:02:0a:17:d2:32:e7:50:
c2:98:bb:06:af:fe:d3:6f:6a:b6:0a:c5:69:3b:83:
93:d6:b4:3f:e2:99:41:ce:11:4e:a1:1a:03:7c:5a:
69:b2:5c:80:b9:6d:80:ce:89:02:c4:80:32:00:51:
0d:f3:51:5e:26:36:a3:2a:4d:56:1d:9e:d2:7c:67:
28:f0:60:7e:ef:35:85:35:d6:45:2d:e5:1d:3c:87:
9d:29:91:ee:49:34:24:86:6f:12:06:a8:9c:8b:e1:
a9:33:b7:bc:3e:c8:9f:fa:2e:a6:37:dd:8e:a3:32:
6e:bf:6a:78:00:d7:e4:56:3e:dc:ea:44:6a:da:6a:
fd:82:aa:eb:a2:2f:aa:5e:d9:0a:24:25:7c:42:bc:
b8:59:68:db:a0:ae:28:82:41:53:10:38:bc:b1:1d:
76:6d:06:a3:4b:69:e0:db:f0:9d:de:76:04:ed:a2:
4d:b9:c4:fa:f0:f8:d9:f4:50:83:3b:95:00:5c:15:
a7:cf:2e:c4:9a:99:ff:54:d8:31:36:d1:43:03:a7:
0c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:40:99:37:13:9C:03:15:C2:4B:CA:01:54:F7:E1:56:25:81:98:DC
X509v3 Authority Key Identifier:
keyid:C3:FA:DF:44:E1:01:E1:65:C8:7B:B4:D0:EF:CC:F9:4B:D6:7E:2A:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w_rfROEB4WXIe7TQ78z5S9Z-KjU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c74dc5-f3bc-4bfb-89f7-d97bd330328c/1/20CZNxOcAxXCS8oBVPfhViWBmNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c74dc5-f3bc-4bfb-89f7-d97bd330328c/1/w_rfROEB4WXIe7TQ78z5S9Z-KjU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.72.0/23
195.114.20.0/23
Signature Algorithm: sha256WithRSAEncryption
80:84:f8:5c:fd:e5:9e:b8:70:16:56:4f:e4:99:26:4e:49:89:
cd:6e:7b:e7:ca:8c:dd:88:3a:18:1d:b7:23:e4:94:57:19:1e:
15:ab:42:0b:85:7c:e5:f3:f2:d5:1e:48:39:fd:c3:80:a2:9a:
d1:0a:ba:9f:91:c4:5b:e8:41:e9:95:a1:21:39:31:6c:09:5b:
3a:01:1f:c0:4e:98:88:d8:c4:e7:97:12:48:19:3b:06:00:22:
bf:b0:db:a1:cc:5a:07:8a:35:b2:20:1d:a7:69:e5:43:7f:af:
62:d8:a8:5a:19:68:47:f4:61:70:1d:cc:27:b3:fd:0c:eb:a2:
eb:de:2d:ba:6d:90:67:0f:ec:a0:2a:09:bd:d3:4e:da:83:9e:
6b:e7:e3:a4:48:e3:ec:d9:02:f6:9c:77:7b:83:92:f0:3a:24:
d1:4f:d6:2a:51:19:ec:3e:69:3c:30:c7:36:b1:a6:c4:81:c2:
65:ea:e8:87:ca:db:5b:fa:c4:8a:4e:c3:a8:e7:f8:ae:28:41:
f6:72:87:19:08:dc:70:d8:61:c0:64:98:ab:e1:f9:b0:cf:4c:
44:82:28:88:1f:28:83:30:d7:bd:65:9a:70:99:c4:bc:bb:64:
9c:a9:79:26:9c:b9:8c:99:a2:3a:5e:bd:df:e2:97:48:15:a6:
df:98:bc:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYL+l5KBgP+m74HBnjseU7ifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZmFkZjQ0ZTEwMWUxNjVjODdiYjRkMGVmY2NmOTRiZDY3
ZTJhMzUwHhcNMjIwOTAyMTQyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQwOTkzNzEzOWMwMzE1YzI0YmNhMDE1NGY3ZTE1NjI1ODE5OGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSSp6J24dwjLdatVPupnsN/Z1DcT
GhxwJG+f7Npi3N0eQVBsRbkTlJzyrQkmu3mtBYL2RAIKF9Iy51DCmLsGr/7Tb2q2
CsVpO4OT1rQ/4plBzhFOoRoDfFppslyAuW2AzokCxIAyAFEN81FeJjajKk1WHZ7S
fGco8GB+7zWFNdZFLeUdPIedKZHuSTQkhm8SBqici+GpM7e8Psif+i6mN92OozJu
v2p4ANfkVj7c6kRq2mr9gqrroi+qXtkKJCV8Qry4WWjboK4ogkFTEDi8sR12bQaj
S2ng2/Cd3nYE7aJNucT68PjZ9FCDO5UAXBWnzy7Empn/VNgxNtFDA6cMhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNtAmTcTnAMVwkvKAVT34VYlgZjcMB8GA1UdIwQY
MBaAFMP630ThAeFlyHu00O/M+UvWfio1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd19yZlJPRUI0V1hJZTdUUTc4ejVTOVotS2pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNzRkYzUtZjNiYy00YmZiLTg5Zjct
ZDk3YmQzMzAzMjhjLzEvMjBDWk54T2NBeFhDUzhvQlZQZmhWaVdCbU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jNzRkYzUtZjNiYy00YmZiLTg5ZjctZDk3YmQzMzAzMjhj
LzEvd19yZlJPRUI0V1hJZTdUUTc4ejVTOVotS2pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwghIAwQB
w3IUMA0GCSqGSIb3DQEBCwUAA4IBAQCAhPhc/eWeuHAWVk/kmSZOSYnNbnvnyozd
iDoYHbcj5JRXGR4Vq0ILhXzl8/LVHkg5/cOAoprRCrqfkcRb6EHplaEhOTFsCVs6
AR/ATpiI2MTnlxJIGTsGACK/sNuhzFoHijWyIB2naeVDf69i2KhaGWhH9GFwHcwn
s/0M66Lr3i26bZBnD+ygKgm9007ag55r5+OkSOPs2QL2nHd7g5LwOiTRT9YqURns
Pmk8MMc2sabEgcJl6uiHyttb+sSKTsOo5/iuKEH2cocZCNxw2GHAZJir4fmwz0xE
giiIHyiDMNe9ZZpwmcS8u2ScqXkmnLmMmaI6Xr3f4pdIFabfmLxt
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:40 2023 by rpki-client on console-ams.rpki-client.org