Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/l3NG50BZK7-w3DfppCpCyLpHnKE.roa
File: l3NG50BZK7-w3DfppCpCyLpHnKE.roa (raw, json)
Hash identifier: l+cgGAAy+9WTnney5wMQn69Wuau6RblEp2hDE07Wrz0=
Subject key identifier: 97:73:46:E7:40:59:2B:BF:B0:DC:37:E9:A4:2A:42:C8:BA:47:9C:A1
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 0EE30935
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/l3NG50BZK7-w3DfppCpCyLpHnKE.roa
Signing time: Sat 01 Jan 2022 13:56:01 +0000
ROA not before: Sat 01 Jan 2022 13:56:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 185.161.232.0/22 maxlen: 22
185.161.233.0/24 maxlen: 24
185.161.234.0/24 maxlen: 24
185.161.235.0/24 maxlen: 24
185.68.44.0/24 maxlen: 24
185.68.44.0/22 maxlen: 22
185.68.46.0/24 maxlen: 24
185.68.45.0/24 maxlen: 24
91.206.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249760053 (0xee30935)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 13:56:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=977346e740592bbfb0dc37e9a42a42c8ba479ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:88:8d:3e:48:eb:71:f0:e5:a6:63:a5:a8:09:
23:ea:6d:c1:97:91:2b:df:eb:e2:50:6d:7c:ce:99:
35:4c:aa:a8:f2:c5:f4:13:f9:d0:d6:84:61:de:1c:
44:26:96:6e:30:2d:ee:70:fd:58:de:60:5e:3b:12:
cf:4d:8d:19:64:ac:40:c9:31:2b:5d:c8:48:c7:fc:
77:94:57:a5:33:82:50:d5:2e:ae:ea:5d:50:df:ae:
52:ea:5f:fb:3a:ab:c0:3f:3f:76:ea:83:2f:8b:f3:
1c:6d:65:dd:e3:64:dc:87:80:ab:cb:ab:0c:5e:83:
b0:52:c2:ae:7d:d6:c9:11:51:76:e3:ad:18:48:e2:
74:4a:c5:cd:4b:ef:fb:c6:68:8f:a9:e9:05:0f:64:
ce:3c:d7:08:46:c7:d8:1e:3f:2e:ff:34:9d:04:b5:
94:1f:a8:d3:78:dc:34:f4:77:81:83:76:b5:bd:d1:
7b:58:90:22:5a:ce:3a:33:ee:62:3b:08:88:b4:21:
17:10:8c:6c:1d:47:27:65:7a:55:68:43:6b:5c:4a:
45:df:d4:d0:be:a8:3e:a5:28:1d:5b:7c:70:2a:89:
b5:ee:ea:ff:12:0f:47:1f:98:1c:6b:f5:ed:b7:c4:
30:2c:26:4d:e7:34:85:8d:27:2c:31:c5:ab:90:38:
73:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:73:46:E7:40:59:2B:BF:B0:DC:37:E9:A4:2A:42:C8:BA:47:9C:A1
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/l3NG50BZK7-w3DfppCpCyLpHnKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/24
185.68.44.0/22
185.161.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:04:34:ef:d3:30:49:99:81:5b:04:b4:5e:22:a9:ea:9e:25:
94:ae:33:25:13:48:5d:e3:b1:4c:c3:89:47:11:aa:c0:6e:a0:
1a:4b:a8:de:d0:9b:a0:16:48:d8:5e:cc:84:04:a1:14:4e:30:
3a:18:d1:fd:9d:4c:03:df:e0:eb:2f:b5:3c:c5:01:4c:25:55:
6b:34:3e:0d:7b:04:cc:d6:e0:1d:fd:f0:85:20:7f:9b:c0:e3:
e3:3f:b4:0d:95:fe:e9:e8:de:4a:27:ca:ad:a8:1e:a0:04:e1:
e0:35:c4:a0:14:70:72:ea:61:74:6a:0b:a9:00:24:af:02:12:
d6:a0:a6:12:c9:de:c6:e1:30:01:36:48:ea:8b:87:19:69:a8:
0a:ad:76:2e:60:e1:ec:ba:b5:d7:79:b3:31:25:15:eb:49:ad:
7e:57:16:9b:2e:0f:7e:73:3d:63:b7:05:18:42:50:08:5f:28:
a7:7e:7e:de:43:84:4d:fb:ea:95:72:0e:cb:2e:77:53:ad:6f:
1b:11:9f:21:31:49:07:e7:3f:d4:60:13:75:e7:78:37:de:3a:
79:12:02:03:46:05:e4:22:8c:e5:43:59:40:f2:c3:58:6d:86:
02:f6:cb:3e:f0:f3:e4:33:e7:11:83:03:9e:3b:60:a5:7d:71:
51:96:6d:7b
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDuMJNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDc0MjEwYzI4NDEzZTI2Mjg0ODIyYWJlODNhZDZkN2MwZjc2NGZhMB4XDTIyMDEw
MTEzNTYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc3MzQ2ZTc0MDU5
MmJiZmIwZGMzN2U5YTQyYTQyYzhiYTQ3OWNhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCIjT5I63Hw5aZjpagJI+ptwZeRK9/r4lBtfM6ZNUyqqPLF
9BP50NaEYd4cRCaWbjAt7nD9WN5gXjsSz02NGWSsQMkxK13ISMf8d5RXpTOCUNUu
rupdUN+uUupf+zqrwD8/duqDL4vzHG1l3eNk3IeAq8urDF6DsFLCrn3WyRFRduOt
GEjidErFzUvv+8Zoj6npBQ9kzjzXCEbH2B4/Lv80nQS1lB+o03jcNPR3gYN2tb3R
e1iQIlrOOjPuYjsIiLQhFxCMbB1HJ2V6VWhDa1xKRd/U0L6oPqUoHVt8cCqJte7q
/xIPRx+YHGv17bfEMCwmTec0hY0nLDHFq5A4c3ECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSXc0bnQFkrv7DcN+mkKkLIukecoTAfBgNVHSMEGDAWgBQ0dCEMKEE+JihI
IqvoOtbXwPdk+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IUWhEQ2hCUGlZb1NDS3I2RHJXMThEM1pQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvM2U5OTE2LTRmOGEtNGIwOC04OWM5LWIwYzc0Yjc2ZTE4Mi8x
L2wzTkc1MEJaSzctdzNEZnBwQ3BDeUxwSG5LRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
M2U5OTE2LTRmOGEtNGIwOC04OWM5LWIwYzc0Yjc2ZTE4Mi8xL05IUWhEQ2hCUGlZ
b1NDS3I2RHJXMThEM1pQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvOFAMEArlELAMEArmh6DANBgkq
hkiG9w0BAQsFAAOCAQEAawQ079MwSZmBWwS0XiKp6p4llK4zJRNIXeOxTMOJRxGq
wG6gGkuo3tCboBZI2F7MhAShFE4wOhjR/Z1MA9/g6y+1PMUBTCVVazQ+DXsEzNbg
Hf3whSB/m8Dj4z+0DZX+6ejeSifKrageoATh4DXEoBRwcuphdGoLqQAkrwIS1qCm
EsnexuEwATZI6ouHGWmoCq12LmDh7Lq113mzMSUV60mtflcWmy4PfnM9Y7cFGEJQ
CF8op35+3kOETfvqlXIOyy53U61vGxGfITFJB+c/1GATded4N946eRICA0YF5CKM
5UNZQPLDWG2GAvbLPvDz5DPnEYMDnjtgpX1xUZZtew==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:45 2023 by rpki-client on console-ams.rpki-client.org