Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/RqGbtMxWW8PVYKYxztMLB6unnnA.roa
File: RqGbtMxWW8PVYKYxztMLB6unnnA.roa (raw, json)
Hash identifier: CWPXjfBKiPCn1aF6KlDfjCiSFSs2JzEGhGeYbmTZDEA=
Subject key identifier: 46:A1:9B:B4:CC:56:5B:C3:D5:60:A6:31:CE:D3:0B:07:AB:A7:9E:70
Certificate issuer: /CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Certificate serial: 0860C9AF
Authority key identifier: F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/RqGbtMxWW8PVYKYxztMLB6unnnA.roa
Signing time: Sat 01 Jan 2022 01:59:50 +0000
ROA not before: Sat 01 Jan 2022 01:59:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60011
IP address blocks: 185.101.97.0/24 maxlen: 24
185.101.98.0/24 maxlen: 24
185.101.99.0/24 maxlen: 24
2a06:1c80::/32 maxlen: 48
2a06:1c80::/31 maxlen: 32
2a04:ad80:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140560815 (0x860c9af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Validity
Not Before: Jan 1 01:59:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46a19bb4cc565bc3d560a631ced30b07aba79e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cf:eb:ce:17:e2:f4:75:1d:1f:5e:40:51:93:
bd:3d:77:d0:ed:b5:7e:07:db:50:87:bd:8b:c0:cc:
ea:60:2b:3d:89:d3:9a:49:30:78:9d:06:22:25:50:
92:ee:d4:ac:b2:57:af:e9:37:f7:c1:ea:1e:33:e8:
2b:21:cc:0e:e4:7b:f3:a5:45:a7:61:20:8e:5f:5d:
9d:b2:0e:31:41:04:7b:1d:03:fe:1b:0b:16:03:41:
a3:1a:fa:77:b1:5f:9c:ee:93:40:bf:12:35:41:18:
e5:b8:fc:3c:43:73:15:8f:3d:96:9f:9d:ab:e8:4e:
07:73:70:12:7d:fe:63:4f:03:19:59:2c:b3:0a:0d:
c7:45:1a:aa:ae:c0:07:48:e5:54:3e:58:99:64:e8:
5f:fd:21:81:7e:b9:0c:56:dd:f0:66:4a:9e:11:a1:
9a:08:24:45:f9:e4:51:18:e5:d6:00:96:e8:50:21:
c7:0f:7d:14:61:10:d3:22:5a:4a:b4:e7:a4:79:d8:
b1:cd:86:66:55:0c:79:5c:1d:92:67:88:74:01:05:
48:b5:1b:98:12:c9:6d:6f:b6:20:6a:a4:a6:a9:b2:
45:3b:b0:be:c6:64:f4:a4:a9:c9:b3:c7:9f:70:38:
9c:a8:9a:7b:43:32:a5:8a:17:bc:3e:8e:2c:e2:dd:
e3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A1:9B:B4:CC:56:5B:C3:D5:60:A6:31:CE:D3:0B:07:AB:A7:9E:70
X509v3 Authority Key Identifier:
keyid:F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/RqGbtMxWW8PVYKYxztMLB6unnnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.97.0-185.101.99.255
IPv6:
2a04:ad80:2::/48
2a06:1c80::/31
Signature Algorithm: sha256WithRSAEncryption
73:90:8c:50:30:98:20:e9:6a:7e:6c:81:01:2e:9c:80:8d:e5:
c7:dd:83:0a:e8:ec:1e:e8:0a:41:50:23:d1:7e:8c:77:13:02:
24:42:23:a3:3a:cd:74:d5:00:79:2b:6b:aa:b9:a0:5e:5d:27:
23:af:ad:9f:fd:78:38:e0:95:08:e4:37:7e:60:3a:60:47:e1:
db:20:51:0c:4f:d4:8b:47:d1:07:e4:f8:8d:ee:48:b3:31:34:
59:64:e2:35:05:56:29:ab:b2:26:fc:05:6a:de:28:38:6a:36:
0d:39:12:04:da:91:b8:2b:9a:f4:e4:21:7d:88:21:20:46:07:
df:77:f2:f2:76:6d:cf:cc:c0:d0:fa:9d:81:f6:9e:81:a6:3a:
b1:73:f7:27:05:8a:0c:b1:56:cb:dd:68:5a:4a:3e:13:70:0c:
a9:93:74:12:7a:fc:09:c1:f4:67:95:de:2f:79:f3:0f:24:79:
8a:9e:d7:3c:7e:84:df:ba:21:03:77:5d:fd:9a:34:40:b6:cc:
7c:21:41:1c:36:ed:43:a6:31:88:d0:59:63:71:81:21:dc:47:
a8:de:f0:6e:7e:3b:fb:6c:1f:05:c0:db:4d:e8:df:2c:2d:f3:
b1:b4:e6:32:3f:d6:a3:f2:7d:c0:d2:ef:46:2a:3d:84:3b:8e:
c0:e0:db:a1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECGDJrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODFmYzhjODI5ODYzMTBjNWY2YTliNTZmYjc2YjZiZDk4NzdmY2MwMB4XDTIyMDEw
MTAxNTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDZhMTliYjRjYzU2
NWJjM2Q1NjBhNjMxY2VkMzBiMDdhYmE3OWU3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfP684X4vR1HR9eQFGTvT130O21fgfbUIe9i8DM6mArPYnT
mkkweJ0GIiVQku7UrLJXr+k398HqHjPoKyHMDuR786VFp2Egjl9dnbIOMUEEex0D
/hsLFgNBoxr6d7FfnO6TQL8SNUEY5bj8PENzFY89lp+dq+hOB3NwEn3+Y08DGVks
swoNx0Uaqq7AB0jlVD5YmWToX/0hgX65DFbd8GZKnhGhmggkRfnkURjl1gCW6FAh
xw99FGEQ0yJaSrTnpHnYsc2GZlUMeVwdkmeIdAEFSLUbmBLJbW+2IGqkpqmyRTuw
vsZk9KSpybPHn3A4nKiae0MypYoXvD6OLOLd468CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRGoZu0zFZbw9VgpjHO0wsHq6eecDAfBgNVHSMEGDAWgBT4H8jIKYYxDF9q
m1b7dra9mHf8wDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQl9JeUNtR01ReGZhcHRXLTNhMnZaaDNfTUEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzhmLzNlNTljOS05ZjAxLTQ1NjItOTIxZC01MTNjYThlNmNlY2Uv
MS9ScUdidE14V1c4UFZZS1l4enRNTEI2dW5ubkEucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhm
LzNlNTljOS05ZjAxLTQ1NjItOTIxZC01MTNjYThlNmNlY2UvMS8xLUJfSXlDbUdN
UXhmYXB0Vy0zYTJ2WmgzX01BLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAC5ZWEDBAK5ZWAwFgQCAAIw
EAMHACoErYAAAgMFASoGHIAwDQYJKoZIhvcNAQELBQADggEBAHOQjFAwmCDpan5s
gQEunICN5cfdgwro7B7oCkFQI9F+jHcTAiRCI6M6zXTVAHkra6q5oF5dJyOvrZ/9
eDjglQjkN35gOmBH4dsgUQxP1ItH0Qfk+I3uSLMxNFlk4jUFVimrsib8BWreKDhq
Ng05EgTakbgrmvTkIX2IISBGB9938vJ2bc/MwND6nYH2noGmOrFz9ycFigyxVsvd
aFpKPhNwDKmTdBJ6/AnB9GeV3i958w8keYqe1zx+hN+6IQN3Xf2aNEC2zHwhQRw2
7UOmMYjQWWNxgSHcR6je8G5+O/tsHwXA203o3ywt87G05jI/1qPyfcDS70YqPYQ7
jsDg26E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:21 2023 by rpki-client on console-fra.rpki-client.org