Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/4ffcb0-bc57-4602-ad3d-524d144301ff/1/PuCvDKzN6Rpmmgao-aRyeE5BaZo.roa
File: PuCvDKzN6Rpmmgao-aRyeE5BaZo.roa (raw, json)
Hash identifier: mLbFL7ndRT+JqgnrHjdgg7P6tZjzYZYFjvQb95+esd0=
Subject key identifier: 3E:E0:AF:0C:AC:CD:E9:1A:66:9A:06:A8:F9:A4:72:78:4E:41:69:9A
Certificate issuer: /CN=9edc3ff166155e6988be8095fcb420001d8be21d
Certificate serial: 08EB7E5E
Authority key identifier: 9E:DC:3F:F1:66:15:5E:69:88:BE:80:95:FC:B4:20:00:1D:8B:E2:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ntw_8WYVXmmIvoCV_LQgAB2L4h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/4ffcb0-bc57-4602-ad3d-524d144301ff/1/PuCvDKzN6Rpmmgao-aRyeE5BaZo.roa
Signing time: Sat 01 Jan 2022 11:01:23 +0000
ROA not before: Sat 01 Jan 2022 11:01:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209491
IP address blocks: 171.22.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149651038 (0x8eb7e5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9edc3ff166155e6988be8095fcb420001d8be21d
Validity
Not Before: Jan 1 11:01:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ee0af0caccde91a669a06a8f9a472784e41699a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:93:8c:1f:34:94:fd:28:c0:9a:e3:e1:50:67:
75:64:3d:0c:76:e4:2e:38:41:5b:d5:13:98:32:8d:
b7:1a:a3:90:1a:fb:1f:41:32:63:af:ab:15:64:b9:
e8:9a:99:fd:9c:e7:17:4d:2a:5c:6d:38:53:55:6b:
a5:d0:13:b0:27:95:16:a4:07:2c:1f:41:1f:22:48:
f5:ea:94:0b:95:b5:92:d9:38:3a:ab:66:65:7b:24:
2c:fe:d7:eb:b8:36:bc:2f:a9:4e:ea:d2:02:ae:83:
c3:fb:99:5b:97:3d:90:10:e5:b4:16:24:3d:17:3f:
44:0b:65:c5:62:94:26:6a:fd:7b:8c:af:fc:a2:28:
17:1a:a3:3b:25:45:dd:6e:08:5f:a6:51:dc:94:14:
5b:fb:fc:fb:00:45:57:33:82:a1:bb:41:99:05:64:
20:4a:23:27:55:d6:fd:ec:35:e8:c2:20:04:41:6d:
9a:6b:60:8c:4d:55:39:da:0d:e3:aa:c5:ec:13:b7:
61:70:85:ae:39:a8:c4:51:51:84:c1:ac:51:4e:72:
91:e8:e4:13:69:d0:e0:38:51:cf:ca:3f:55:6e:1d:
e8:93:63:28:5d:1a:e0:3d:68:b7:8e:8d:d9:57:22:
1f:6e:a5:e6:d4:5a:c8:e7:d5:54:26:f6:73:0b:e0:
64:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E0:AF:0C:AC:CD:E9:1A:66:9A:06:A8:F9:A4:72:78:4E:41:69:9A
X509v3 Authority Key Identifier:
keyid:9E:DC:3F:F1:66:15:5E:69:88:BE:80:95:FC:B4:20:00:1D:8B:E2:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ntw_8WYVXmmIvoCV_LQgAB2L4h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4ffcb0-bc57-4602-ad3d-524d144301ff/1/PuCvDKzN6Rpmmgao-aRyeE5BaZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4ffcb0-bc57-4602-ad3d-524d144301ff/1/ntw_8WYVXmmIvoCV_LQgAB2L4h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:ab:d5:4c:f6:f2:1b:91:b3:b5:06:cc:8f:32:78:3d:fc:e5:
ed:fb:4c:e1:2e:4f:3e:d7:47:51:db:fc:90:42:b7:35:d1:03:
ce:94:96:91:d5:fc:7a:39:29:18:0b:10:df:1b:db:9e:bf:73:
87:cc:44:d2:ee:8b:d7:0e:77:cd:a6:b5:fe:c4:f0:45:7d:a8:
20:4c:32:8d:15:ea:c0:9f:1c:81:9c:d0:b3:40:d4:89:67:41:
88:d5:5c:f2:5e:06:db:4b:35:eb:c0:58:8a:4a:56:ed:8e:f3:
f0:a6:27:73:ac:29:ed:95:d2:17:52:05:ff:db:25:69:fd:cf:
c7:2d:4e:85:e9:c6:d2:dc:6a:d2:09:5d:12:5a:d2:e0:44:18:
7a:ad:8a:09:26:7e:ce:bf:60:73:b0:8e:d2:16:47:13:d2:33:
50:f2:ed:a4:bb:e8:ff:cf:0c:46:46:a9:e3:0a:80:4c:82:72:
b5:7a:4f:a6:e5:99:eb:be:61:47:f9:99:67:04:ec:a5:6f:df:
16:0b:ae:5a:52:cd:10:20:9a:8c:2f:bf:2e:53:3b:30:5d:b4:
a9:c7:4c:fc:3f:1d:ba:ef:56:80:53:e2:22:83:0d:18:7a:3b:
97:40:ed:d8:79:b4:71:4e:ba:b3:aa:62:e8:17:9d:ff:55:bb:
17:f6:4a:5c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECOt+XjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZWRjM2ZmMTY2MTU1ZTY5ODhiZTgwOTVmY2I0MjAwMDFkOGJlMjFkMB4XDTIyMDEw
MTExMDEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VlMGFmMGNhY2Nk
ZTkxYTY2OWEwNmE4ZjlhNDcyNzg0ZTQxNjk5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKTjB80lP0owJrj4VBndWQ9DHbkLjhBW9UTmDKNtxqjkBr7
H0EyY6+rFWS56JqZ/ZznF00qXG04U1VrpdATsCeVFqQHLB9BHyJI9eqUC5W1ktk4
OqtmZXskLP7X67g2vC+pTurSAq6Dw/uZW5c9kBDltBYkPRc/RAtlxWKUJmr9e4yv
/KIoFxqjOyVF3W4IX6ZR3JQUW/v8+wBFVzOCobtBmQVkIEojJ1XW/ew16MIgBEFt
mmtgjE1VOdoN46rF7BO3YXCFrjmoxFFRhMGsUU5ykejkE2nQ4DhRz8o/VW4d6JNj
KF0a4D1ot46N2VciH26l5tRayOfVVCb2cwvgZIsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+4K8MrM3pGmaaBqj5pHJ4TkFpmjAfBgNVHSMEGDAWgBSe3D/xZhVeaYi+
gJX8tCAAHYviHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L250d184V1lWWG1tSXZvQ1ZfTFFnQUIyTDRoMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvNGZmY2IwLWJjNTctNDYwMi1hZDNkLTUyNGQxNDQzMDFmZi8x
L1B1Q3ZES3pONlJwbW1nYW8tYVJ5ZUU1QmFaby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
NGZmY2IwLWJjNTctNDYwMi1hZDNkLTUyNGQxNDQzMDFmZi8xL250d184V1lWWG1t
SXZvQ1ZfTFFnQUIyTDRoMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqsWFDANBgkqhkiG9w0BAQsFAAOC
AQEAPKvVTPbyG5GztQbMjzJ4Pfzl7ftM4S5PPtdHUdv8kEK3NdEDzpSWkdX8ejkp
GAsQ3xvbnr9zh8xE0u6L1w53zaa1/sTwRX2oIEwyjRXqwJ8cgZzQs0DUiWdBiNVc
8l4G20s168BYikpW7Y7z8KYnc6wp7ZXSF1IF/9slaf3Pxy1OhenG0txq0gldElrS
4EQYeq2KCSZ+zr9gc7CO0hZHE9IzUPLtpLvo/88MRkap4wqATIJytXpPpuWZ675h
R/mZZwTspW/fFguuWlLNECCajC+/LlM7MF20qcdM/D8duu9WgFPiIoMNGHo7l0Dt
2Hm0cU66s6pi6Bed/1W7F/ZKXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:05 2024 by rpki-client on console-fra.rpki-client.org