Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/7557f0-990e-4bab-b152-ceff2994c667/1/3UXJN3evmQa1iXRviUFq9i7-XYo.roa
File: 3UXJN3evmQa1iXRviUFq9i7-XYo.roa (raw, json)
Hash identifier: eN1pGQRC0jpuwYGV2RxmGwRSCFx27VgE26KCj3muTY4=
Subject key identifier: DD:45:C9:37:77:AF:99:06:B5:89:74:6F:89:41:6A:F6:2E:FE:5D:8A
Certificate issuer: /CN=3862e6de0e31e8d28a937c012b602885ac935d15
Certificate serial: 36E51616
Authority key identifier: 38:62:E6:DE:0E:31:E8:D2:8A:93:7C:01:2B:60:28:85:AC:93:5D:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGLm3g4x6NKKk3wBK2AohayTXRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/7557f0-990e-4bab-b152-ceff2994c667/1/3UXJN3evmQa1iXRviUFq9i7-XYo.roa
Signing time: Sat 01 Jan 2022 00:54:20 +0000
ROA not before: Sat 01 Jan 2022 00:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29608
IP address blocks: 185.170.80.0/22 maxlen: 22
79.143.240.0/20 maxlen: 24
37.60.152.0/21 maxlen: 24
193.30.224.0/22 maxlen: 24
2a01:678::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 920983062 (0x36e51616)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3862e6de0e31e8d28a937c012b602885ac935d15
Validity
Not Before: Jan 1 00:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd45c93777af9906b589746f89416af62efe5d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:dd:46:66:5e:be:48:fb:a1:12:c1:71:dd:4f:
07:d4:e6:cd:97:58:08:e0:9b:a2:36:cf:fa:bd:b1:
d1:b4:f5:7b:60:ec:c9:af:40:1a:e0:13:35:09:27:
1c:8b:d7:7d:30:0e:9c:d1:29:3f:0e:98:fe:93:df:
d0:91:73:b2:c8:b4:d1:1e:0e:b8:e0:a6:4f:94:e8:
e9:66:87:ab:56:ce:b7:d5:56:ec:ba:25:d6:5b:7f:
48:d6:02:8f:a6:a7:f1:c1:e0:b4:cd:cd:8d:8f:87:
2a:87:df:c2:f2:99:a0:31:60:89:2b:e4:a9:1f:64:
49:2e:37:4b:23:99:a0:c9:c4:e2:ad:f9:de:9d:82:
16:88:88:a5:fe:c4:82:21:59:d5:39:49:8b:3c:63:
89:b3:05:4e:25:04:93:a0:a8:1d:c2:c8:f5:01:37:
1d:30:0c:10:72:5d:cd:c2:e2:6d:03:30:b3:fa:de:
7f:60:78:b4:38:c1:01:d2:2d:44:d5:e1:b3:47:35:
0b:77:eb:d1:4e:d5:41:66:18:65:b1:05:54:9a:3a:
c3:cf:9e:d6:58:8c:34:18:45:45:f0:99:38:66:fb:
fd:bb:71:75:1f:f1:6f:a1:41:25:61:75:50:7b:88:
be:fe:66:89:11:e6:84:a1:92:25:97:35:d3:ce:73:
ab:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:45:C9:37:77:AF:99:06:B5:89:74:6F:89:41:6A:F6:2E:FE:5D:8A
X509v3 Authority Key Identifier:
keyid:38:62:E6:DE:0E:31:E8:D2:8A:93:7C:01:2B:60:28:85:AC:93:5D:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGLm3g4x6NKKk3wBK2AohayTXRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/7557f0-990e-4bab-b152-ceff2994c667/1/3UXJN3evmQa1iXRviUFq9i7-XYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/7557f0-990e-4bab-b152-ceff2994c667/1/OGLm3g4x6NKKk3wBK2AohayTXRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.152.0/21
79.143.240.0/20
185.170.80.0/22
193.30.224.0/22
IPv6:
2a01:678::/29
Signature Algorithm: sha256WithRSAEncryption
9c:6a:a6:08:67:c7:9a:34:89:db:29:b1:6b:c6:3c:da:fc:f4:
af:6e:f5:ae:30:bc:a0:4a:ce:79:4d:1a:72:bd:74:08:1d:91:
bd:22:e4:04:a6:4a:44:4e:f1:b6:96:e7:01:a9:2c:e6:66:a3:
a7:2b:99:4f:56:8a:4b:3b:ce:56:2c:ef:ce:b0:8a:7b:9d:8c:
69:ed:14:88:cd:d5:80:e0:9c:ca:15:3e:b1:b4:53:5e:19:48:
5f:50:ad:44:0a:1a:48:a6:51:a2:6b:3e:74:18:17:39:0e:bf:
b1:c3:03:2a:f7:a1:d4:e7:1b:67:bb:85:0b:bf:e0:8c:84:9f:
23:21:a3:ef:c3:2b:38:32:58:b4:4b:26:90:7e:ed:c4:f2:0c:
87:50:b5:fa:95:d0:90:08:ea:e8:3d:c9:62:6d:bb:de:1e:6f:
3f:ab:61:a7:21:e2:2a:85:ce:cf:59:97:81:d8:0b:1b:2e:2d:
75:b0:51:0e:35:3d:cb:be:fb:6b:e3:7f:05:5c:c4:df:21:ba:
e3:32:30:c7:b5:d0:8e:ac:d0:cd:24:68:56:24:25:7e:2f:cf:
17:2a:f3:8e:eb:20:bf:a2:cf:c0:d0:fa:c3:cc:10:e2:95:50:
96:e8:5e:d4:66:64:8d:80:2c:0f:8c:84:4f:9e:61:ec:c0:e7:
47:1a:e7:0a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENuUWFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODYyZTZkZTBlMzFlOGQyOGE5MzdjMDEyYjYwMjg4NWFjOTM1ZDE1MB4XDTIyMDEw
MTAwNTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ0NWM5Mzc3N2Fm
OTkwNmI1ODk3NDZmODk0MTZhZjYyZWZlNWQ4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJndRmZevkj7oRLBcd1PB9TmzZdYCOCbojbP+r2x0bT1e2Ds
ya9AGuATNQknHIvXfTAOnNEpPw6Y/pPf0JFzssi00R4OuOCmT5To6WaHq1bOt9VW
7Lol1lt/SNYCj6an8cHgtM3NjY+HKoffwvKZoDFgiSvkqR9kSS43SyOZoMnE4q35
3p2CFoiIpf7EgiFZ1TlJizxjibMFTiUEk6CoHcLI9QE3HTAMEHJdzcLibQMws/re
f2B4tDjBAdItRNXhs0c1C3fr0U7VQWYYZbEFVJo6w8+e1liMNBhFRfCZOGb7/btx
dR/xb6FBJWF1UHuIvv5miRHmhKGSJZc1085zq6ECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTdRck3d6+ZBrWJdG+JQWr2Lv5dijAfBgNVHSMEGDAWgBQ4YubeDjHo0oqT
fAErYCiFrJNdFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09HTG0zZzR4Nk5LS2szd0JLMkFvaGF5VFhSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvNzU1N2YwLTk5MGUtNGJhYi1iMTUyLWNlZmYyOTk0YzY2Ny8x
LzNVWEpOM2V2bVFhMWlYUnZpVUZxOWk3LVhZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
NzU1N2YwLTk5MGUtNGJhYi1iMTUyLWNlZmYyOTk0YzY2Ny8xL09HTG0zZzR4Nk5L
S2szd0JLMkFvaGF5VFhSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAyU8mAMEBE+P8AMEArmqUAMEAsEe
4DANBAIAAjAHAwUDKgEGeDANBgkqhkiG9w0BAQsFAAOCAQEAnGqmCGfHmjSJ2ymx
a8Y82vz0r271rjC8oErOeU0acr10CB2RvSLkBKZKRE7xtpbnAaks5majpyuZT1aK
SzvOVizvzrCKe52Mae0UiM3VgOCcyhU+sbRTXhlIX1CtRAoaSKZRoms+dBgXOQ6/
scMDKveh1OcbZ7uFC7/gjISfIyGj78MrODJYtEsmkH7txPIMh1C1+pXQkAjq6D3J
Ym273h5vP6thpyHiKoXOz1mXgdgLGy4tdbBRDjU9y777a+N/BVzE3yG64zIwx7XQ
jqzQzSRoViQlfi/PFyrzjusgv6LPwND6w8wQ4pVQluhe1GZkjYAsD4yET55h7MDn
RxrnCg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:27 2023 by rpki-client on console-fra.rpki-client.org