Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/s3JoazXWpNF-GiyLE3DO1zeT-Mg.roa
File: s3JoazXWpNF-GiyLE3DO1zeT-Mg.roa (raw, json)
Hash identifier: N613Jl9GhcpQ0AmMrDH31beJkDlXLpmGndtltS5qv1c=
Subject key identifier: B3:72:68:6B:35:D6:A4:D1:7E:1A:2C:8B:13:70:CE:D7:37:93:F8:C8
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 36684F15
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/s3JoazXWpNF-GiyLE3DO1zeT-Mg.roa
Signing time: Sat 01 Jan 2022 06:03:14 +0000
ROA not before: Sat 01 Jan 2022 06:03:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/20 maxlen: 20
185.49.96.0/23 maxlen: 23
185.49.96.0/24 maxlen: 24
185.49.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 912805653 (0x36684f15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Jan 1 06:03:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b372686b35d6a4d17e1a2c8b1370ced73793f8c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:07:9c:25:80:bb:cd:10:01:ee:46:0d:73:8b:
e3:97:aa:73:e1:80:6e:ae:36:c8:b3:06:1f:5c:75:
73:21:84:23:5c:9c:37:c3:27:11:52:03:80:25:52:
fa:9d:cd:32:c9:94:fd:c4:f9:67:34:ef:f0:4c:42:
b3:0b:37:69:a8:53:1f:83:89:f1:2b:a0:a1:62:bf:
85:ac:a4:54:be:c8:ff:d0:75:85:56:b2:dc:13:01:
35:b5:ae:65:d1:fb:ed:1f:9c:a6:19:e6:d3:ed:f6:
42:cc:84:a6:6d:d2:53:67:65:aa:4a:0a:5c:eb:85:
09:e6:b1:1b:a4:c7:74:eb:73:c2:69:68:1b:d2:f9:
d3:c9:71:54:8b:4a:6e:d1:b0:7e:9b:81:b4:e8:e1:
10:40:6d:5f:87:8a:9e:7e:5a:b9:8f:06:3d:58:3e:
9e:73:62:cc:da:a9:97:0e:af:b8:d3:00:61:d8:ea:
9a:fb:d7:c0:89:4c:cd:32:a7:d7:35:d9:57:ba:9b:
81:78:82:bb:8c:b0:e9:c3:8c:bd:91:f4:a0:f5:a3:
6f:d3:7f:4c:7a:85:d2:a2:95:3f:15:e0:b0:56:54:
c0:75:a8:5e:4b:ed:69:f8:d5:08:7f:fb:80:f6:bf:
da:46:fa:8b:89:59:22:83:27:2e:0f:61:7e:4b:85:
db:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:72:68:6B:35:D6:A4:D1:7E:1A:2C:8B:13:70:CE:D7:37:93:F8:C8
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/s3JoazXWpNF-GiyLE3DO1zeT-Mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:64:42:71:99:96:04:61:ae:c9:c5:26:a9:c0:6a:e1:e3:92:
df:fe:5c:77:f1:28:79:22:b9:1d:24:0a:8a:d0:e7:fa:da:19:
ff:80:ff:2c:e2:c5:9f:17:ad:99:b1:0b:3d:8f:ec:ad:38:5a:
55:83:eb:fb:d8:2c:c5:38:c5:0b:dd:e5:24:42:dd:75:3c:00:
5e:e2:a2:01:b7:5c:61:1d:58:47:a7:1a:ae:3a:da:ca:f8:ea:
7f:89:33:f7:95:96:d8:7f:65:02:fc:93:ca:1b:26:ce:8d:d3:
7e:20:09:bf:bf:ab:87:8b:49:6e:b5:ed:7d:b9:e8:51:be:e3:
b3:f4:0e:cf:a7:3d:95:8e:f2:08:28:fa:a2:48:11:a7:37:94:
b9:4f:19:78:b9:a3:2d:57:09:d6:b4:9f:89:d7:07:26:26:23:
25:bf:a7:2a:a5:de:c4:34:e0:ed:e8:18:8c:04:54:a7:fe:00:
dd:a8:ed:8c:0f:e0:c8:90:c3:5f:89:14:0f:bc:10:a8:10:f8:
f7:43:ce:2b:7a:c3:45:96:82:a2:51:ac:85:91:3c:dd:36:5c:
f9:86:8e:b6:3b:95:f8:7f:93:44:fa:5a:75:0f:82:1c:28:f4:
b3:13:b7:96:29:d9:1f:22:8b:be:09:ac:6b:f8:a6:6c:95:a0:
3b:f5:95:b7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENmhPFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzAyMDI5NzgzOWM3MzkwZGYyMDI1MWE1YzA5MzBlNmE2NzJiZWUzMB4XDTIyMDEw
MTA2MDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM3MjY4NmIzNWQ2
YTRkMTdlMWEyYzhiMTM3MGNlZDczNzkzZjhjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIHnCWAu80QAe5GDXOL45eqc+GAbq42yLMGH1x1cyGEI1yc
N8MnEVIDgCVS+p3NMsmU/cT5ZzTv8ExCsws3aahTH4OJ8SugoWK/haykVL7I/9B1
hVay3BMBNbWuZdH77R+cphnm0+32QsyEpm3SU2dlqkoKXOuFCeaxG6THdOtzwmlo
G9L508lxVItKbtGwfpuBtOjhEEBtX4eKnn5auY8GPVg+nnNizNqplw6vuNMAYdjq
mvvXwIlMzTKn1zXZV7qbgXiCu4yw6cOMvZH0oPWjb9N/THqF0qKVPxXgsFZUwHWo
XkvtafjVCH/7gPa/2kb6i4lZIoMnLg9hfkuF2/sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSzcmhrNdak0X4aLIsTcM7XN5P4yDAfBgNVHSMEGDAWgBQcAgKXg5xzkN8g
JRpcCTDmpnK+4zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hBSUNsNE9jYzVEZklDVWFYQWt3NXFaeXZ1TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvNzk3MzNmLTUzMzItNDUxYi04NmFmLTE0MmEyYjk4ZjRjOC8x
L3MzSm9helhXcE5GLUdpeUxFM0RPMXplVC1NZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
Nzk3MzNmLTUzMzItNDUxYi04NmFmLTE0MmEyYjk4ZjRjOC8xL0hBSUNsNE9jYzVE
ZklDVWFYQWt3NXFaeXZ1TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBCUgcAMEArkxYDANBgkqhkiG9w0B
AQsFAAOCAQEAL2RCcZmWBGGuycUmqcBq4eOS3/5cd/EoeSK5HSQKitDn+toZ/4D/
LOLFnxetmbELPY/srThaVYPr+9gsxTjFC93lJELddTwAXuKiAbdcYR1YR6carjra
yvjqf4kz95WW2H9lAvyTyhsmzo3TfiAJv7+rh4tJbrXtfbnoUb7js/QOz6c9lY7y
CCj6okgRpzeUuU8ZeLmjLVcJ1rSfidcHJiYjJb+nKqXexDTg7egYjARUp/4A3ajt
jA/gyJDDX4kUD7wQqBD490POK3rDRZaColGshZE83TZc+YaOtjuV+H+TRPpadQ+C
HCj0sxO3linZHyKLvgmsa/imbJWgO/WVtw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:32 2023 by rpki-client on console-fra.rpki-client.org