Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ig6orodYnceMun4PRsBadXIN1Io.roa
File: Ig6orodYnceMun4PRsBadXIN1Io.roa (raw, json)
Hash identifier: ZWW0zPrLuKDGqP/0fRDQ9yqO340gIgzp8e03OcJbtPM=
Subject key identifier: 22:0E:A8:AE:87:58:9D:C7:8C:BA:7E:0F:46:C0:5A:75:72:0D:D4:8A
Certificate issuer: /CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Certificate serial: 044A9CC9
Authority key identifier: 3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ig6orodYnceMun4PRsBadXIN1Io.roa
Signing time: Sat 01 Jan 2022 11:57:35 +0000
ROA not before: Sat 01 Jan 2022 11:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2860
IP address blocks: 81.20.240.0/20 maxlen: 20
185.218.12.0/22 maxlen: 22
78.29.128.0/18 maxlen: 18
128.65.224.0/19 maxlen: 19
2a0b:c1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71998665 (0x44a9cc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Validity
Not Before: Jan 1 11:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=220ea8ae87589dc78cba7e0f46c05a75720dd48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9d:9b:0f:09:28:74:0a:fd:b4:ec:96:64:f4:
d4:bf:6e:11:9a:07:21:24:13:2c:37:da:67:5d:a5:
48:0b:a4:df:4a:0f:ff:a6:43:47:e4:ce:42:97:8a:
e1:45:48:70:0c:47:7e:90:33:ce:0c:18:ef:a8:54:
76:98:59:c4:1f:ec:c8:76:8c:66:8f:e5:60:c2:29:
e2:a8:e5:32:5d:ff:af:7c:bf:65:a7:52:d4:9a:0d:
d9:16:8a:e0:2b:8f:58:0e:97:ee:54:50:89:3a:06:
d4:8d:42:ae:a1:23:20:44:a5:bc:93:78:2a:6d:bd:
4c:42:d6:99:b5:b4:55:6d:bc:ea:2d:21:58:f1:22:
7e:c8:32:e4:bc:93:34:4e:bd:35:ba:af:7d:67:9e:
66:ad:cb:c8:3d:49:f1:3c:37:ff:3c:1c:40:c0:73:
28:cc:91:33:f1:ba:6c:c4:89:eb:14:cd:b9:34:a8:
b7:9d:96:ee:47:ff:75:5d:22:31:d3:0d:5b:76:73:
39:32:4f:be:fe:97:f5:e3:c6:41:31:62:bf:4c:6e:
24:db:c1:4f:a8:50:16:12:0d:f7:37:5f:d2:a0:5a:
1e:45:44:c1:ea:4e:ee:7b:29:53:a4:4e:91:6f:3a:
dc:13:36:89:07:eb:85:a3:71:06:74:51:00:5b:f3:
f5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0E:A8:AE:87:58:9D:C7:8C:BA:7E:0F:46:C0:5A:75:72:0D:D4:8A
X509v3 Authority Key Identifier:
keyid:3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ig6orodYnceMun4PRsBadXIN1Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ou655pK6npPYuVpkiNXIdWCdSuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.29.128.0/18
81.20.240.0/20
128.65.224.0/19
185.218.12.0/22
IPv6:
2a0b:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
d0:2d:05:04:95:c3:dc:76:a3:27:e4:b7:82:91:c8:ca:68:15:
09:77:2c:04:97:8e:44:c0:18:ad:93:69:65:33:c2:f1:e7:f3:
78:a4:52:3f:8a:1c:83:a8:67:82:a3:6f:29:bc:c8:c8:d9:b2:
f2:79:f9:3a:09:5f:ed:9c:07:6b:cd:09:b8:c6:31:c2:e2:8a:
4a:63:55:66:e4:de:4f:cc:80:d3:08:8f:09:9f:d4:5b:b6:ea:
15:ec:e1:86:33:98:6f:bb:04:e0:43:f2:cc:3a:b1:ab:59:e1:
16:e8:7b:f4:3f:c5:c2:fa:83:b9:de:0b:02:0a:85:28:bc:d0:
c6:ac:90:92:d0:a8:a9:8f:1a:80:13:33:9e:2f:a6:cd:d2:12:
0d:3d:77:ec:d2:b4:54:c3:e5:76:8e:38:fb:ec:08:6d:77:45:
bd:e4:25:b5:a7:bb:c6:65:d3:bd:27:74:f5:38:86:97:28:5b:
50:6d:94:aa:76:ab:63:8b:54:8b:38:72:68:9a:89:52:90:b6:
71:9f:63:84:5b:40:4d:7b:ae:cc:69:1f:21:7c:44:42:52:8e:
5f:49:a0:d0:dd:e7:cd:11:dc:7a:f2:1f:64:2f:9c:59:28:78:
82:44:92:cf:b9:cb:65:07:51:ad:70:af:a1:33:e9:5e:f6:e1:
e6:af:d2:ec
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBEqcyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWVlYjllNjkyYmE5ZTkzZDhiOTVhNjQ4OGQ1Yzg3NTYwOWQ0YWVjMB4XDTIyMDEw
MTExNTczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjIwZWE4YWU4NzU4
OWRjNzhjYmE3ZTBmNDZjMDVhNzU3MjBkZDQ4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqdmw8JKHQK/bTslmT01L9uEZoHISQTLDfaZ12lSAuk30oP
/6ZDR+TOQpeK4UVIcAxHfpAzzgwY76hUdphZxB/syHaMZo/lYMIp4qjlMl3/r3y/
ZadS1JoN2RaK4CuPWA6X7lRQiToG1I1CrqEjIESlvJN4Km29TELWmbW0VW286i0h
WPEifsgy5LyTNE69NbqvfWeeZq3LyD1J8Tw3/zwcQMBzKMyRM/G6bMSJ6xTNuTSo
t52W7kf/dV0iMdMNW3ZzOTJPvv6X9ePGQTFiv0xuJNvBT6hQFhIN9zdf0qBaHkVE
wepO7nspU6ROkW863BM2iQfrhaNxBnRRAFvz9UECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQiDqiuh1idx4y6fg9GwFp1cg3UijAfBgNVHSMEGDAWgBQ67rnmkrqek9i5
WmSI1ch1YJ1K7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L091NjU1cEs2bnBQWXVWcGtpTlhJZFdDZFN1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvM2UyNTliLWI2ZGMtNGNmNC1hYzE5LTUwMzNmOGQ3OWJlNy8x
L0lnNm9yb2RZbmNlTXVuNFBSc0JhZFhJTjFJby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
M2UyNTliLWI2ZGMtNGNmNC1hYzE5LTUwMzNmOGQ3OWJlNy8xL091NjU1cEs2bnBQ
WXVWcGtpTlhJZFdDZFN1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBk4dgAMEBFEU8AMEBYBB4AMEArna
DDANBAIAAjAHAwUDKgvBwDANBgkqhkiG9w0BAQsFAAOCAQEA0C0FBJXD3HajJ+S3
gpHIymgVCXcsBJeORMAYrZNpZTPC8efzeKRSP4ocg6hngqNvKbzIyNmy8nn5Oglf
7ZwHa80JuMYxwuKKSmNVZuTeT8yA0wiPCZ/UW7bqFezhhjOYb7sE4EPyzDqxq1nh
Fuh79D/FwvqDud4LAgqFKLzQxqyQktCoqY8agBMzni+mzdISDT137NK0VMPldo44
++wIbXdFveQltae7xmXTvSd09TiGlyhbUG2UqnarY4tUizhyaJqJUpC2cZ9jhFtA
TXuuzGkfIXxEQlKOX0mg0N3nzRHcevIfZC+cWSh4gkSSz7nLZQdRrXCvoTPpXvbh
5q/S7A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org