Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/3d6d51-3d57-43a8-b67f-b615df7fce9e/1/H3AaI3y6BInhBqwJSojtuVOpCOA.roa
File: H3AaI3y6BInhBqwJSojtuVOpCOA.roa (raw, json)
Hash identifier: uQ2VpMzKQ0icSYj1xpvw0AYCWsAJKBl4xLyVmTpA3Gc=
Subject key identifier: 1F:70:1A:23:7C:BA:04:89:E1:06:AC:09:4A:88:ED:B9:53:A9:08:E0
Certificate issuer: /CN=237b2b50bf0c18a531e6db15667be7ed76bb2821
Certificate serial: 0561831D
Authority key identifier: 23:7B:2B:50:BF:0C:18:A5:31:E6:DB:15:66:7B:E7:ED:76:BB:28:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3srUL8MGKUx5tsVZnvn7Xa7KCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/3d6d51-3d57-43a8-b67f-b615df7fce9e/1/H3AaI3y6BInhBqwJSojtuVOpCOA.roa
Signing time: Sat 01 Jan 2022 13:56:08 +0000
ROA not before: Sat 01 Jan 2022 13:56:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60169
IP address blocks: 185.39.20.0/22 maxlen: 22
2a04:6100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90276637 (0x561831d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237b2b50bf0c18a531e6db15667be7ed76bb2821
Validity
Not Before: Jan 1 13:56:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f701a237cba0489e106ac094a88edb953a908e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:92:9e:c6:29:92:09:5a:ea:d9:87:6d:f3:ab:
33:f5:d4:ba:aa:29:57:a4:44:e0:6f:d3:db:10:50:
47:73:4c:9b:34:2c:1f:f8:b2:e7:dd:d2:e1:14:79:
54:2e:57:71:f5:dc:b8:9b:07:6e:18:ae:70:38:d8:
19:69:6a:f6:62:84:ca:2e:4e:1b:50:b1:d2:bd:6e:
81:39:c7:24:48:d2:aa:f2:5b:82:37:58:e0:7e:b2:
60:2d:fe:ad:d9:c4:51:d3:dd:e1:94:ee:70:ec:4f:
c0:a9:ae:b5:87:68:99:89:6a:16:a9:89:64:c5:54:
cd:9d:cc:81:95:77:23:b3:25:75:d2:9e:c8:7b:cb:
8e:31:3d:93:c4:8d:5d:bd:82:6c:0d:2a:ef:b4:12:
cc:85:b1:9f:95:dd:68:26:b8:bc:c0:01:85:ba:7f:
94:19:fb:fb:24:1e:44:a2:4d:10:42:f2:c1:cf:9b:
5c:91:e2:d8:40:bc:6b:6a:2b:f3:12:72:72:d1:db:
18:d6:f2:57:d4:9f:58:6a:de:67:12:3b:d9:4f:aa:
29:2b:51:b9:a0:0d:a9:65:5c:47:cf:a8:07:ff:04:
e9:20:9f:4c:0a:3e:86:7e:38:ce:4d:de:6c:a4:35:
29:1b:83:98:50:f2:4e:99:10:08:17:44:f0:51:14:
4f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:70:1A:23:7C:BA:04:89:E1:06:AC:09:4A:88:ED:B9:53:A9:08:E0
X509v3 Authority Key Identifier:
keyid:23:7B:2B:50:BF:0C:18:A5:31:E6:DB:15:66:7B:E7:ED:76:BB:28:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3srUL8MGKUx5tsVZnvn7Xa7KCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3d6d51-3d57-43a8-b67f-b615df7fce9e/1/H3AaI3y6BInhBqwJSojtuVOpCOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3d6d51-3d57-43a8-b67f-b615df7fce9e/1/I3srUL8MGKUx5tsVZnvn7Xa7KCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.20.0/22
IPv6:
2a04:6100::/29
Signature Algorithm: sha256WithRSAEncryption
9c:eb:04:c7:86:a6:db:a6:ae:80:76:13:e1:40:7c:76:1b:42:
15:ba:2e:fd:c8:1b:3f:d5:8f:34:03:aa:e7:30:03:10:e3:de:
6e:c0:aa:b6:bb:18:45:a8:39:78:0d:d0:ad:0f:b5:27:ba:14:
6d:0f:d7:0e:4d:b2:3a:ef:1e:df:c9:10:02:ba:c9:7f:67:d5:
b6:a5:43:e3:0c:3d:e2:2e:ed:36:f2:02:fa:f5:09:8b:41:7c:
8f:db:b0:1c:96:16:76:2c:b9:00:ba:12:b1:34:91:84:7a:f5:
e8:ec:f0:29:28:65:aa:63:09:b7:a5:a8:e5:37:f1:fa:87:fc:
a2:72:3f:4c:74:d4:52:3a:2b:66:4e:f2:e3:1b:b0:bf:b4:2f:
24:85:d9:0b:2b:7f:72:15:74:1a:ef:32:a0:5a:1a:42:95:b9:
df:e2:bf:c7:f9:52:3a:7d:e9:3b:04:d4:76:a3:05:af:55:81:
b4:19:61:b5:c4:88:58:21:fd:a2:90:75:21:41:6d:35:20:79:
1a:8a:65:a1:29:31:74:87:c7:ab:28:f7:8f:13:17:7d:d2:17:
19:5f:83:ea:f4:1c:4d:80:23:10:c3:4c:42:aa:f7:ba:20:f9:
fd:2d:d6:e9:9c:11:ac:48:4d:50:aa:d6:01:cc:2d:27:b8:9d:
33:5b:c0:20
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBWGDHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzdiMmI1MGJmMGMxOGE1MzFlNmRiMTU2NjdiZTdlZDc2YmIyODIxMB4XDTIyMDEw
MTEzNTYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY3MDFhMjM3Y2Jh
MDQ4OWUxMDZhYzA5NGE4OGVkYjk1M2E5MDhlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeSnsYpkgla6tmHbfOrM/XUuqopV6RE4G/T2xBQR3NMmzQs
H/iy593S4RR5VC5XcfXcuJsHbhiucDjYGWlq9mKEyi5OG1Cx0r1ugTnHJEjSqvJb
gjdY4H6yYC3+rdnEUdPd4ZTucOxPwKmutYdomYlqFqmJZMVUzZ3MgZV3I7MlddKe
yHvLjjE9k8SNXb2CbA0q77QSzIWxn5XdaCa4vMABhbp/lBn7+yQeRKJNEELywc+b
XJHi2EC8a2or8xJyctHbGNbyV9SfWGreZxI72U+qKStRuaANqWVcR8+oB/8E6SCf
TAo+hn44zk3ebKQ1KRuDmFDyTpkQCBdE8FEUTyUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQfcBojfLoEieEGrAlKiO25U6kI4DAfBgNVHSMEGDAWgBQjeytQvwwYpTHm
2xVme+ftdrsoITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kzc3JVTDhNR0tVeDV0c1ZabnZuN1hhN0tDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvM2Q2ZDUxLTNkNTctNDNhOC1iNjdmLWI2MTVkZjdmY2U5ZS8x
L0gzQWFJM3k2QkluaEJxd0pTb2p0dVZPcENPQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
M2Q2ZDUxLTNkNTctNDNhOC1iNjdmLWI2MTVkZjdmY2U5ZS8xL0kzc3JVTDhNR0tV
eDV0c1ZabnZuN1hhN0tDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArknFDANBAIAAjAHAwUDKgRhADAN
BgkqhkiG9w0BAQsFAAOCAQEAnOsEx4am26augHYT4UB8dhtCFbou/cgbP9WPNAOq
5zADEOPebsCqtrsYRag5eA3QrQ+1J7oUbQ/XDk2yOu8e38kQArrJf2fVtqVD4ww9
4i7tNvIC+vUJi0F8j9uwHJYWdiy5ALoSsTSRhHr16OzwKShlqmMJt6Wo5Tfx+of8
onI/THTUUjorZk7y4xuwv7QvJIXZCyt/chV0Gu8yoFoaQpW53+K/x/lSOn3pOwTU
dqMFr1WBtBlhtcSIWCH9opB1IUFtNSB5GoploSkxdIfHqyj3jxMXfdIXGV+D6vQc
TYAjEMNMQqr3uiD5/S3W6ZwRrEhNUKrWAcwtJ7idM1vAIA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:30 2023 by rpki-client on console-ams.rpki-client.org