Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/3QFnRhVtIs9QSL_3SGftW3uJcX0.roa
File: 3QFnRhVtIs9QSL_3SGftW3uJcX0.roa (raw, json)
Hash identifier: LpzFgMczrgCm53Rj3gWu/RO6w5jIK0orZlZ+5M5hHmI=
Subject key identifier: DD:01:67:46:15:6D:22:CF:50:48:BF:F7:48:67:ED:5B:7B:89:71:7D
Certificate issuer: /CN=cd6b9d593ac54aa6cbb83889277ba24f54067889
Certificate serial: 0586FE7B
Authority key identifier: CD:6B:9D:59:3A:C5:4A:A6:CB:B8:38:89:27:7B:A2:4F:54:06:78:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWudWTrFSqbLuDiJJ3uiT1QGeIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/3QFnRhVtIs9QSL_3SGftW3uJcX0.roa
Signing time: Sat 01 Jan 2022 12:54:40 +0000
ROA not before: Sat 01 Jan 2022 12:54:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 192.109.10.0/23 maxlen: 24
192.109.40.0/23 maxlen: 24
94.190.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92733051 (0x586fe7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd6b9d593ac54aa6cbb83889277ba24f54067889
Validity
Not Before: Jan 1 12:54:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd016746156d22cf5048bff74867ed5b7b89717d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f1:c6:4e:17:61:dd:22:35:b4:d2:96:47:a0:
df:4a:76:3c:b2:88:5b:93:5d:1f:10:00:c0:de:23:
75:7e:de:1f:65:18:37:db:23:d6:a9:77:52:ea:f2:
a6:b8:06:0c:8c:25:35:a5:2e:ef:06:07:6c:6d:14:
39:bc:25:82:8c:8e:6b:01:7a:db:fe:4e:ee:e1:5a:
47:ab:83:27:cc:d2:90:a1:2d:2d:b7:c6:e2:b6:52:
51:88:03:47:41:db:54:0f:0d:d3:d0:46:d9:de:16:
88:a2:f6:58:18:72:fe:6c:38:35:14:ab:8a:77:c3:
26:8f:eb:50:cf:81:79:0e:0e:91:10:e1:c2:18:a9:
c2:c3:f2:5f:e5:c9:c3:ae:2e:53:8c:dc:b1:72:53:
45:26:d9:f4:e4:24:7f:22:a0:44:a2:30:a7:5c:40:
96:25:ee:78:23:7b:3e:bf:9c:fa:c2:5f:2c:d7:0d:
4d:d1:cf:b1:95:6d:8b:bd:00:ec:cc:fc:7c:60:83:
3c:9c:c7:5c:e5:88:6e:f7:2e:8f:6d:20:b3:bf:bc:
36:52:27:8b:c2:b5:1e:0a:cb:62:13:40:cb:ff:a9:
15:63:96:2a:f0:d0:6d:fe:60:9b:88:e0:ab:a2:7c:
1d:ae:26:46:f9:ee:e7:19:e1:fa:64:43:d3:bf:bb:
a0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:01:67:46:15:6D:22:CF:50:48:BF:F7:48:67:ED:5B:7B:89:71:7D
X509v3 Authority Key Identifier:
keyid:CD:6B:9D:59:3A:C5:4A:A6:CB:B8:38:89:27:7B:A2:4F:54:06:78:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWudWTrFSqbLuDiJJ3uiT1QGeIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/3QFnRhVtIs9QSL_3SGftW3uJcX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/zWudWTrFSqbLuDiJJ3uiT1QGeIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.190.132.0/22
192.109.10.0/23
192.109.40.0/23
Signature Algorithm: sha256WithRSAEncryption
50:e2:1e:b5:93:d1:21:c8:c6:0f:c4:39:45:cc:00:08:b1:34:
c9:5e:c1:5d:1d:90:05:94:ca:38:8f:a9:f1:b3:02:7e:62:75:
e2:55:e9:f2:3f:e7:87:8e:73:bb:a1:4c:71:37:5b:8e:0c:4e:
1e:82:1c:ce:5e:24:fb:19:d1:69:3d:49:17:3d:5d:d2:1b:97:
e2:e2:d0:20:b6:e5:f0:e9:72:72:4a:85:63:e6:a4:93:e5:1d:
66:5e:65:ee:4b:d5:e8:3c:8c:f7:4a:05:ea:8a:ef:c5:0b:ec:
6d:ae:15:d5:69:58:3b:1e:b8:17:70:99:2c:f7:a5:f3:d3:0b:
a3:b6:bf:c1:84:1f:00:93:b4:63:12:5d:79:7f:7c:b3:4c:d9:
4b:f1:93:80:f3:59:d5:ac:e5:02:ca:8a:05:25:7c:6d:06:af:
cc:94:e6:44:6d:4e:a1:d3:79:e4:5f:bb:dc:b5:f2:17:1f:3e:
51:1f:c6:ee:e2:ef:ff:38:84:86:05:37:07:6d:a2:26:4f:c9:
22:1b:48:97:2c:69:e5:de:3f:6f:53:b1:ab:1a:e1:89:35:83:
e2:ec:2a:1c:f3:9f:6a:4b:db:d9:66:64:06:24:8a:3f:d4:2b:
13:d9:4a:b2:28:c3:2a:ed:71:f6:7c:13:8b:e7:90:9e:20:2f:
99:0b:c0:4f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBYb+ezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDZiOWQ1OTNhYzU0YWE2Y2JiODM4ODkyNzdiYTI0ZjU0MDY3ODg5MB4XDTIyMDEw
MTEyNTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQwMTY3NDYxNTZk
MjJjZjUwNDhiZmY3NDg2N2VkNWI3Yjg5NzE3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnxxk4XYd0iNbTSlkeg30p2PLKIW5NdHxAAwN4jdX7eH2UY
N9sj1ql3UuryprgGDIwlNaUu7wYHbG0UObwlgoyOawF62/5O7uFaR6uDJ8zSkKEt
LbfG4rZSUYgDR0HbVA8N09BG2d4WiKL2WBhy/mw4NRSrinfDJo/rUM+BeQ4OkRDh
whipwsPyX+XJw64uU4zcsXJTRSbZ9OQkfyKgRKIwp1xAliXueCN7Pr+c+sJfLNcN
TdHPsZVti70A7Mz8fGCDPJzHXOWIbvcuj20gs7+8NlIni8K1HgrLYhNAy/+pFWOW
KvDQbf5gm4jgq6J8Ha4mRvnu5xnh+mRD07+7oFMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTdAWdGFW0iz1BIv/dIZ+1be4lxfTAfBgNVHSMEGDAWgBTNa51ZOsVKpsu4
OIkne6JPVAZ4iTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pXdWRXVHJGU3FiTHVEaUpKM3VpVDFRR2VJay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvZTY4ZTFiLTM1NmMtNDg2OC05MDlmLTQyNjA2ZjVhYTViOS8x
LzNRRm5SaFZ0SXM5UVNMXzNTR2Z0VzN1SmNYMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
ZTY4ZTFiLTM1NmMtNDg2OC05MDlmLTQyNjA2ZjVhYTViOS8xL3pXdWRXVHJGU3Fi
THVEaUpKM3VpVDFRR2VJay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAl6+hAMEAcBtCgMEAcBtKDANBgkq
hkiG9w0BAQsFAAOCAQEAUOIetZPRIcjGD8Q5RcwACLE0yV7BXR2QBZTKOI+p8bMC
fmJ14lXp8j/nh45zu6FMcTdbjgxOHoIczl4k+xnRaT1JFz1d0huX4uLQILbl8Oly
ckqFY+akk+UdZl5l7kvV6DyM90oF6orvxQvsba4V1WlYOx64F3CZLPel89MLo7a/
wYQfAJO0YxJdeX98s0zZS/GTgPNZ1azlAsqKBSV8bQavzJTmRG1OodN55F+73LXy
Fx8+UR/G7uLv/ziEhgU3B22iJk/JIhtIlyxp5d4/b1OxqxrhiTWD4uwqHPOfakvb
2WZkBiSKP9QrE9lKsijDKu1x9nwTi+eQniAvmQvATw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:31 2023 by rpki-client on console-ams.rpki-client.org