Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/SAPTpAO1HKcmUFkV3Gmm03BipLk.roa
File: SAPTpAO1HKcmUFkV3Gmm03BipLk.roa (raw, json)
Hash identifier: NcnowR2vApCUc44Iu7XqE9C8nAW868dYPRshkssmIpg=
Subject key identifier: 48:03:D3:A4:03:B5:1C:A7:26:50:59:15:DC:69:A6:D3:70:62:A4:B9
Certificate issuer: /CN=20f5307242fe3c95327b3220a1da5bffd12524fe
Certificate serial: 03EF9CAD
Authority key identifier: 20:F5:30:72:42:FE:3C:95:32:7B:32:20:A1:DA:5B:FF:D1:25:24:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPUwckL-PJUyezIgodpb_9ElJP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/SAPTpAO1HKcmUFkV3Gmm03BipLk.roa
Signing time: Sat 01 Jan 2022 00:57:18 +0000
ROA not before: Sat 01 Jan 2022 00:57:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202446
IP address blocks: 194.33.20.0/22 maxlen: 22
194.33.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66034861 (0x3ef9cad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f5307242fe3c95327b3220a1da5bffd12524fe
Validity
Not Before: Jan 1 00:57:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4803d3a403b51ca726505915dc69a6d37062a4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:85:0b:a2:c9:d9:82:c2:12:31:46:6e:fe:da:
18:5a:a6:6d:7a:5e:d4:85:bb:16:3e:4e:7f:61:07:
a8:5b:18:a5:85:31:4e:d9:fb:dc:e2:4b:a2:bf:02:
c4:f2:15:42:fd:d2:05:64:43:5a:39:0c:ff:02:17:
68:b5:d0:f3:8e:72:00:e6:c1:77:50:38:19:f1:e7:
01:08:bc:f5:ba:21:36:ca:0c:42:dd:4b:0e:e7:ae:
f2:09:7c:4f:52:3d:a4:f9:be:2c:a3:ac:15:0c:ef:
e0:e4:46:a9:fc:9b:d9:f6:68:cd:45:fa:97:e9:aa:
b6:bf:1a:d8:64:da:b2:ac:6d:18:46:5f:e8:3b:e5:
36:b5:69:a6:80:f8:77:f0:99:7f:bd:37:a6:b1:2f:
9f:e4:21:96:b8:40:9e:35:97:99:43:ee:db:48:cd:
32:50:36:52:27:58:d7:77:ef:88:0b:d2:be:d2:69:
8e:b8:9a:49:74:59:b9:e9:3b:f5:d8:51:fa:13:10:
ac:7a:de:ee:e8:eb:bd:1c:53:d1:bc:49:04:eb:1b:
90:11:3a:ba:eb:80:67:28:b9:cd:26:19:3a:d7:7c:
0b:1c:15:7b:7c:c9:f5:9e:96:28:6d:11:55:00:a4:
1f:a8:e1:bd:d1:ec:a6:73:c3:f6:23:fa:74:7f:d2:
c4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:03:D3:A4:03:B5:1C:A7:26:50:59:15:DC:69:A6:D3:70:62:A4:B9
X509v3 Authority Key Identifier:
keyid:20:F5:30:72:42:FE:3C:95:32:7B:32:20:A1:DA:5B:FF:D1:25:24:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPUwckL-PJUyezIgodpb_9ElJP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/SAPTpAO1HKcmUFkV3Gmm03BipLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/IPUwckL-PJUyezIgodpb_9ElJP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.20.0/22
Signature Algorithm: sha256WithRSAEncryption
66:96:05:fc:b5:8e:be:11:3d:bf:f7:c0:a1:41:7a:d6:5e:83:
c9:a1:d1:c6:4b:41:6b:4f:93:f8:f7:b2:d5:05:82:f6:64:6d:
28:cf:19:96:23:69:e9:30:27:63:7a:d6:fa:91:1c:11:ce:26:
27:0d:94:44:d2:54:ca:0a:b2:27:7e:3f:b0:42:68:6d:88:88:
d8:b5:fc:1e:b2:2c:23:60:d7:04:30:75:30:ef:35:6f:d6:81:
25:47:dd:1d:61:18:0b:f8:73:ed:87:5d:19:be:86:5b:1a:2d:
6a:b7:b9:7a:97:5a:3f:8f:5e:d4:fa:3f:27:5b:c2:e1:ff:d3:
0a:e6:3d:5a:85:0f:0a:63:b2:83:eb:b7:5a:a5:29:81:c4:a8:
1f:f1:0e:02:30:ca:ac:41:d7:41:c9:96:e6:db:f5:b7:8e:7d:
5e:ad:28:2c:45:22:a9:c2:80:a4:e0:e9:55:17:48:83:5c:27:
ce:14:07:ed:ab:99:c0:7a:91:86:97:6c:2b:38:42:00:75:0c:
1c:34:3c:52:f5:e3:24:7c:86:e7:f3:55:f4:cd:c6:0d:35:10:
bf:d0:cb:8f:ae:c4:f2:65:bb:fc:65:b8:97:eb:6f:c0:2a:cb:
b5:9a:75:30:79:97:dc:7c:e2:21:57:82:e0:88:df:7e:d2:9d:
6d:89:92:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA++crTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MGY1MzA3MjQyZmUzYzk1MzI3YjMyMjBhMWRhNWJmZmQxMjUyNGZlMB4XDTIyMDEw
MTAwNTcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDgwM2QzYTQwM2I1
MWNhNzI2NTA1OTE1ZGM2OWE2ZDM3MDYyYTRiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6FC6LJ2YLCEjFGbv7aGFqmbXpe1IW7Fj5Of2EHqFsYpYUx
Ttn73OJLor8CxPIVQv3SBWRDWjkM/wIXaLXQ845yAObBd1A4GfHnAQi89bohNsoM
Qt1LDueu8gl8T1I9pPm+LKOsFQzv4ORGqfyb2fZozUX6l+mqtr8a2GTasqxtGEZf
6DvlNrVppoD4d/CZf703prEvn+QhlrhAnjWXmUPu20jNMlA2UidY13fviAvSvtJp
jriaSXRZuek79dhR+hMQrHre7ujrvRxT0bxJBOsbkBE6uuuAZyi5zSYZOtd8CxwV
e3zJ9Z6WKG0RVQCkH6jhvdHspnPD9iP6dH/SxFkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIA9OkA7UcpyZQWRXcaabTcGKkuTAfBgNVHSMEGDAWgBQg9TByQv48lTJ7
MiCh2lv/0SUk/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lQVXdja0wtUEpVeWV6SWdvZHBiXzlFbEpQNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvZTEzYTAxLWMwMGItNDk1Ni1hYjNhLTMwOWE0OTcwYmJmZC8x
L1NBUFRwQU8xSEtjbVVGa1YzR21tMDNCaXBMay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
ZTEzYTAxLWMwMGItNDk1Ni1hYjNhLTMwOWE0OTcwYmJmZC8xL0lQVXdja0wtUEpV
eWV6SWdvZHBiXzlFbEpQNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsIhFDANBgkqhkiG9w0BAQsFAAOC
AQEAZpYF/LWOvhE9v/fAoUF61l6DyaHRxktBa0+T+Pey1QWC9mRtKM8ZliNp6TAn
Y3rW+pEcEc4mJw2URNJUygqyJ34/sEJobYiI2LX8HrIsI2DXBDB1MO81b9aBJUfd
HWEYC/hz7YddGb6GWxotare5epdaP49e1Po/J1vC4f/TCuY9WoUPCmOyg+u3WqUp
gcSoH/EOAjDKrEHXQcmW5tv1t459Xq0oLEUiqcKApODpVRdIg1wnzhQH7auZwHqR
hpdsKzhCAHUMHDQ8UvXjJHyG5/NV9M3GDTUQv9DLj67E8mW7/GW4l+tvwCrLtZp1
MHmX3HziIVeC4IjfftKdbYmSRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:14 2024 by rpki-client on console-fra.rpki-client.org