Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/OrFsbX3tbS07QwDHQAgY0Q1f3sg.roa
File: OrFsbX3tbS07QwDHQAgY0Q1f3sg.roa (raw, json)
Hash identifier: BX5fD8ggPNwbbaor5+UvLW4wx7wfJ92egd0tjFqpwiM=
Subject key identifier: 3A:B1:6C:6D:7D:ED:6D:2D:3B:43:00:C7:40:08:18:D1:0D:5F:DE:C8
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 0184924A06EE84595F67BE577742ED3BAA79
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/OrFsbX3tbS07QwDHQAgY0Q1f3sg.roa
Signing time: Sat 19 Nov 2022 23:47:15 +0000
ROA not before: Sat 19 Nov 2022 23:47:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41736
IP address blocks: 185.47.144.0/22 maxlen: 22
91.142.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:92:4a:06:ee:84:59:5f:67:be:57:77:42:ed:3b:aa:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Nov 19 23:47:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ab16c6d7ded6d2d3b4300c7400818d10d5fdec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:03:12:d0:6a:cf:58:e7:c3:18:53:c6:48:f7:
c0:61:42:60:c3:8d:04:8a:aa:f6:6b:14:4a:f2:e4:
ca:ca:69:d1:4f:e6:ff:db:22:91:ac:07:d8:ff:29:
6d:81:12:41:6c:c4:41:60:3c:b6:e9:3a:81:43:0f:
e9:8c:90:ad:41:6d:77:d5:56:3b:8e:76:fd:32:b3:
8a:5f:9c:2e:2f:35:0f:1c:05:3b:4f:fe:18:0d:c1:
64:59:7d:8a:c0:30:e5:ec:79:a1:ae:31:71:6d:59:
34:4f:49:fa:ce:c8:59:a4:54:46:88:59:a6:cd:89:
d1:1b:3d:f2:fe:7f:bd:e6:52:03:b0:7b:70:8d:ca:
d3:e5:51:37:02:be:f7:03:48:67:61:e1:19:e0:fa:
cb:90:f4:93:b7:97:8a:5e:0e:7e:89:51:23:c2:ae:
9f:27:df:8b:aa:61:35:1e:98:fb:9e:0e:b4:15:54:
75:8c:38:08:1a:fd:c2:c1:6b:a9:5f:68:14:8f:5f:
62:92:7e:33:b8:09:a6:13:de:c1:d2:71:72:93:5e:
15:7b:dc:82:b1:4d:47:22:37:18:e7:a3:d5:60:76:
5e:a4:92:22:9d:4d:81:d6:2c:94:c1:e9:a6:0b:a3:
83:8d:f6:0c:0c:be:49:75:65:4d:b6:37:c2:19:c2:
12:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B1:6C:6D:7D:ED:6D:2D:3B:43:00:C7:40:08:18:D1:0D:5F:DE:C8
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/OrFsbX3tbS07QwDHQAgY0Q1f3sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.96.0/20
185.47.144.0/22
Signature Algorithm: sha256WithRSAEncryption
81:d3:dc:e0:fd:bb:c1:67:08:5e:e5:10:e1:60:8c:98:88:12:
b2:42:ef:3a:62:f4:40:d3:12:60:c1:97:d0:91:05:92:7d:32:
e3:24:36:e6:71:15:e1:06:69:bf:cc:fb:23:5c:42:96:2e:61:
83:ff:3b:d6:70:62:22:e3:f4:f6:3c:b5:c0:4c:6d:3e:36:a5:
d6:7e:26:75:45:77:a9:76:ec:37:62:7c:4e:65:85:57:aa:dd:
9e:a9:b5:f5:e6:29:cf:51:ba:33:3c:3a:3e:5f:2e:e7:02:7b:
a6:b6:3a:51:2f:05:68:07:0f:65:c1:fe:77:ae:4e:8b:c2:d0:
eb:6f:dd:08:06:88:e0:0a:90:56:48:4e:5e:d1:e6:3f:c8:e5:
b5:c2:10:e2:e1:c8:8e:3a:33:34:31:05:ae:36:f4:d1:78:f4:
9b:c7:5b:3c:a1:ab:f8:6d:de:3f:a4:8f:ab:b5:9a:75:f5:e7:
4a:63:fe:49:d6:7d:37:fd:68:10:f0:73:fd:f0:5d:73:18:35:
23:9f:2a:02:29:40:26:24:ab:ee:e4:64:4e:49:7e:13:80:e0:
83:38:7a:dc:81:7f:f2:44:2b:66:ee:a8:ee:3e:45:09:d0:74:
6f:9e:d4:fd:77:df:2b:ba:f2:d1:53:e3:4e:8a:9d:b1:8a:47:
91:6e:4d:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSSSgbuhFlfZ75Xd0LtO6p5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjIxMTE5MjM0NzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWIxNmM2ZDdkZWQ2ZDJkM2I0MzAwYzc0MDA4MThkMTBkNWZkZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wMS0GrPWOfDGFPGSPfAYUJgw40E
iqr2axRK8uTKymnRT+b/2yKRrAfY/yltgRJBbMRBYDy26TqBQw/pjJCtQW131VY7
jnb9MrOKX5wuLzUPHAU7T/4YDcFkWX2KwDDl7HmhrjFxbVk0T0n6zshZpFRGiFmm
zYnRGz3y/n+95lIDsHtwjcrT5VE3Ar73A0hnYeEZ4PrLkPSTt5eKXg5+iVEjwq6f
J9+LqmE1Hpj7ng60FVR1jDgIGv3CwWupX2gUj19ikn4zuAmmE97B0nFyk14Ve9yC
sU1HIjcY56PVYHZepJIinU2B1iyUwemmC6ODjfYMDL5JdWVNtjfCGcIScwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDqxbG197W0tO0MAx0AIGNENX97IMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvT3JGc2JYM3RiUzA3UXdESFFBZ1kwUTFmM3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEW45gAwQC
uS+QMA0GCSqGSIb3DQEBCwUAA4IBAQCB09zg/bvBZwhe5RDhYIyYiBKyQu86YvRA
0xJgwZfQkQWSfTLjJDbmcRXhBmm/zPsjXEKWLmGD/zvWcGIi4/T2PLXATG0+NqXW
fiZ1RXepduw3YnxOZYVXqt2eqbX15inPUbozPDo+Xy7nAnumtjpRLwVoBw9lwf53
rk6LwtDrb90IBojgCpBWSE5e0eY/yOW1whDi4ciOOjM0MQWuNvTRePSbx1s8oav4
bd4/pI+rtZp19edKY/5J1n03/WgQ8HP98F1zGDUjnyoCKUAmJKvu5GROSX4TgOCD
OHrcgX/yRCtm7qjuPkUJ0HRvntT9d98ruvLRU+NOip2xikeRbk0a
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:47 2023 by rpki-client on console-ams.rpki-client.org