Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/rcg4GBRxksIYVBUPeS6sb-pqEfo.roa
File: rcg4GBRxksIYVBUPeS6sb-pqEfo.roa (raw, json)
Hash identifier: OnWuVCwQgC9cesDeZdxEfWcIoIMWbqtKjeq1rHH5qCY=
Subject key identifier: AD:C8:38:18:14:71:92:C2:18:54:15:0F:79:2E:AC:6F:EA:6A:11:FA
Certificate issuer: /CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
Certificate serial: 3836BA96
Authority key identifier: DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/rcg4GBRxksIYVBUPeS6sb-pqEfo.roa
Signing time: Sat 01 Jan 2022 10:55:08 +0000
ROA not before: Sat 01 Jan 2022 10:55:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43284
IP address blocks: 77.73.240.0/21 maxlen: 21
194.56.219.0/24 maxlen: 24
2a02:2108::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943110806 (0x3836ba96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
Validity
Not Before: Jan 1 10:55:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=adc83818147192c21854150f792eac6fea6a11fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:20:92:e7:62:b4:2d:55:58:7b:f1:2d:0f:e9:
a0:61:9c:05:cb:60:66:5a:f3:95:9b:11:fa:52:cb:
b6:f9:eb:13:c1:f4:bf:6d:32:68:04:fc:5f:f3:45:
40:42:9c:58:05:93:6f:cf:cb:a6:99:e9:7b:a2:49:
87:df:53:b3:33:6e:b8:16:91:78:b3:f8:82:b6:e7:
25:7e:0f:d2:e2:5e:34:97:70:13:e2:41:1e:45:c9:
d2:3c:09:9f:57:af:c0:6d:14:17:5c:bd:7e:04:b4:
37:ce:06:18:a6:3b:a6:43:07:d7:ef:02:e4:c7:a2:
c4:c4:63:7e:06:91:1e:c1:0a:66:44:15:17:8c:91:
22:ed:85:6d:8a:7e:f0:0a:ea:1f:0c:59:02:a2:12:
53:a6:b7:99:a7:06:56:88:4f:a7:ed:3b:19:df:98:
04:30:b3:4a:02:eb:f4:63:55:e7:5d:3c:c1:bd:fb:
2c:6f:fb:29:23:44:71:f8:f1:56:ca:00:81:1a:57:
ca:1f:2f:79:cc:2f:f1:4f:a5:be:ce:92:97:7f:63:
9b:53:bc:ec:bb:0a:be:96:67:56:4d:3d:2c:3a:f1:
9e:37:54:dc:4a:d5:a1:4f:ed:66:4c:d1:9e:15:3a:
a9:6c:df:5e:02:c1:22:4f:60:ad:bc:50:47:a2:f4:
c2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C8:38:18:14:71:92:C2:18:54:15:0F:79:2E:AC:6F:EA:6A:11:FA
X509v3 Authority Key Identifier:
keyid:DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/rcg4GBRxksIYVBUPeS6sb-pqEfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.240.0/21
194.56.219.0/24
IPv6:
2a02:2108::/32
Signature Algorithm: sha256WithRSAEncryption
1c:fd:ad:5e:1f:fb:59:89:a1:53:79:ef:69:20:84:8c:81:45:
e6:79:ed:63:08:1b:6d:46:d1:5a:36:6c:35:d3:07:42:5b:e1:
88:30:83:15:9c:96:97:b1:88:cb:a5:ba:3b:b5:23:a4:7b:5e:
05:eb:f1:b2:e3:3e:bd:3e:b3:81:a7:7c:34:f3:a6:f9:e1:11:
fa:3c:4c:7a:9c:3f:ce:b5:f5:1a:b2:92:27:5c:47:63:cb:a4:
f1:a4:7b:93:39:31:43:c0:f1:d9:d2:85:d6:c6:a3:eb:a2:40:
f0:7b:e4:1a:10:ca:4e:d8:70:5b:0d:59:24:36:f4:ac:7d:5f:
af:e8:7f:16:de:7a:4e:04:66:a1:5f:51:30:71:49:02:f9:e6:
a0:bf:81:a7:de:64:95:ff:fb:8e:31:22:4f:66:61:e2:fd:71:
bd:98:8d:d3:e2:5e:18:09:77:a2:78:0f:99:9a:0a:93:7d:3d:
07:59:dd:98:b6:a6:25:b5:2d:a0:87:5c:4a:6a:e4:5f:24:a7:
60:d3:3f:ad:12:a1:c3:83:89:4d:3e:36:0f:10:50:09:18:b4:
33:ef:23:27:3b:bf:d7:3c:d3:f3:f7:7f:9a:cd:4d:4c:11:7f:
4c:ca:40:d2:ec:bb:aa:91:98:65:f9:64:e0:da:83:ea:58:c0:
d9:12:51:a0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEODa6ljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzZhMzc0MmYwZjBmYjEyMDkyMmIzMzllZjAxY2VjZjg3ZjRkMWVlMB4XDTIyMDEw
MTEwNTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWRjODM4MTgxNDcx
OTJjMjE4NTQxNTBmNzkyZWFjNmZlYTZhMTFmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEgkuditC1VWHvxLQ/poGGcBctgZlrzlZsR+lLLtvnrE8H0
v20yaAT8X/NFQEKcWAWTb8/Lppnpe6JJh99TszNuuBaReLP4grbnJX4P0uJeNJdw
E+JBHkXJ0jwJn1evwG0UF1y9fgS0N84GGKY7pkMH1+8C5MeixMRjfgaRHsEKZkQV
F4yRIu2FbYp+8ArqHwxZAqISU6a3macGVohPp+07Gd+YBDCzSgLr9GNV5108wb37
LG/7KSNEcfjxVsoAgRpXyh8vecwv8U+lvs6Sl39jm1O87LsKvpZnVk09LDrxnjdU
3ErVoU/tZkzRnhU6qWzfXgLBIk9grbxQR6L0wh8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBStyDgYFHGSwhhUFQ95Lqxv6moR+jAfBgNVHSMEGDAWgBTcajdC8PD7Egki
sznvAc7Ph/TR7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNHbzNRdkR3LXhJSklyTTU3d0hPejRmMDBlNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNDdjOTczLTIwNWItNDE5Ny04Njk4LWNjMWQyYzVlMWIzMS8x
L3JjZzRHQlJ4a3NJWVZCVVBlUzZzYi1wcUVmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NDdjOTczLTIwNWItNDE5Ny04Njk4LWNjMWQyYzVlMWIzMS8xLzNHbzNRdkR3LXhJ
SklyTTU3d0hPejRmMDBlNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA01J8AMEAMI42zANBAIAAjAHAwUA
KgIhCDANBgkqhkiG9w0BAQsFAAOCAQEAHP2tXh/7WYmhU3nvaSCEjIFF5nntYwgb
bUbRWjZsNdMHQlvhiDCDFZyWl7GIy6W6O7UjpHteBevxsuM+vT6zgad8NPOm+eER
+jxMepw/zrX1GrKSJ1xHY8uk8aR7kzkxQ8Dx2dKF1saj66JA8HvkGhDKTthwWw1Z
JDb0rH1fr+h/Ft56TgRmoV9RMHFJAvnmoL+Bp95klf/7jjEiT2Zh4v1xvZiN0+Je
GAl3ongPmZoKk309B1ndmLamJbUtoIdcSmrkXySnYNM/rRKhw4OJTT42DxBQCRi0
M+8jJzu/1zzT8/d/ms1NTBF/TMpA0uy7qpGYZflk4NqD6ljA2RJRoA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:21 2023 by rpki-client on console-ams.rpki-client.org