Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/3QZrTGfenrK_Z8cgkvpsFtqdcMo.roa
File: 3QZrTGfenrK_Z8cgkvpsFtqdcMo.roa (raw, json)
Hash identifier: p/IOWtj6v3jw4T4GHAan8Mi795fZ8V4SIvGw+xCbfHo=
Subject key identifier: DD:06:6B:4C:67:DE:9E:B2:BF:67:C7:20:92:FA:6C:16:DA:9D:70:CA
Certificate issuer: /CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Certificate serial: 0183EFF061E1D65212440E4A94CDBAC689B2
Authority key identifier: B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/3QZrTGfenrK_Z8cgkvpsFtqdcMo.roa
Signing time: Wed 19 Oct 2022 11:10:51 +0000
ROA not before: Wed 19 Oct 2022 11:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 45.113.239.0/24 maxlen: 24
79.132.194.0/24 maxlen: 24
31.223.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ef:f0:61:e1:d6:52:12:44:0e:4a:94:cd:ba:c6:89:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Validity
Not Before: Oct 19 11:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd066b4c67de9eb2bf67c72092fa6c16da9d70ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:70:1b:89:84:e5:ac:e6:80:93:11:3c:3b:
c5:cf:45:87:60:ca:36:17:3e:d6:e2:dc:3b:d7:e7:
59:55:42:24:c1:2b:5f:2e:25:31:6e:77:0b:5b:ee:
cd:77:4f:cb:43:5a:c2:31:a5:55:de:fc:38:fe:62:
f3:08:1f:9a:ff:a7:b0:ae:40:fd:97:3e:94:16:2d:
69:d6:bc:30:c2:07:93:6d:e2:14:b3:6e:94:12:f5:
0b:92:87:4c:9f:8b:2e:7c:bc:c7:f4:c0:47:1a:01:
83:19:49:d0:91:d5:fe:8d:6c:ad:90:77:ed:46:fd:
02:f4:18:9f:21:32:9b:a4:c0:23:93:2b:01:a8:d3:
39:9c:4d:0a:27:70:a1:c5:ed:13:c0:c1:ac:d8:97:
3b:c4:4a:f2:d0:e3:f2:f8:fe:f8:4d:9f:95:77:d5:
be:4e:79:0d:5f:5b:34:a2:4e:2d:56:92:6e:e0:86:
bc:d6:49:9c:18:da:2d:6f:f3:c0:27:73:c1:b4:8d:
a2:89:aa:09:e8:2b:3d:4c:54:e8:85:c8:88:e1:d8:
44:95:89:a0:c9:79:1b:a0:5b:d0:ad:65:97:ab:ab:
dc:0f:cc:c8:25:df:5e:02:b1:0e:fd:4b:b5:95:5e:
46:c0:1f:df:1d:ce:08:65:57:78:b4:3f:4d:e8:79:
0a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:06:6B:4C:67:DE:9E:B2:BF:67:C7:20:92:FA:6C:16:DA:9D:70:CA
X509v3 Authority Key Identifier:
keyid:B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/3QZrTGfenrK_Z8cgkvpsFtqdcMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.185.0/24
45.113.239.0/24
79.132.194.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:a5:c2:b1:5f:4c:5d:39:5d:61:21:d4:b4:a6:b1:ae:b5:91:
5f:08:8f:7d:ea:83:43:9b:d7:c0:bf:1a:f2:bc:09:65:96:d0:
94:ee:ae:d6:8c:5c:35:b4:83:36:90:6a:ae:af:19:29:20:85:
b4:9b:92:68:8d:4c:7d:a3:e4:54:9d:b2:0f:a1:2c:a6:19:e0:
bb:f8:cc:aa:ea:0d:cc:ad:fc:16:92:cc:84:d8:51:34:19:b9:
3d:03:9e:ae:69:9e:8e:1a:7e:26:0a:8e:3b:22:d5:f4:9f:4e:
0a:4a:59:d8:ef:52:b7:24:05:28:3c:b2:33:35:62:38:4f:6b:
7c:bd:b2:cf:a9:21:5a:e3:70:01:29:be:1d:b0:ba:14:63:bf:
ab:ee:26:9a:27:c4:8c:9e:7b:8d:15:a0:31:34:19:e0:25:cf:
1e:10:cf:f4:86:5d:ed:5d:1b:cf:23:7b:09:62:cc:95:ff:53:
2b:d6:8b:61:a5:dd:70:ea:88:1a:0e:0e:4f:11:bb:80:12:d5:
38:c3:bc:c7:4d:0f:85:0e:5d:cc:30:12:22:c5:a9:59:a7:34:
15:77:cb:64:82:a2:9b:5a:bb:b6:ea:c1:5b:8d:44:12:a5:c0:
bb:ea:52:9d:a4:26:bc:7d:7f:69:69:a0:e6:94:c7:ef:7a:9a:
f1:d8:c1:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPv8GHh1lISRA5KlM26xomyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMDdjODdlN2I2ZTI5NGYyNzAwNzkwZWVmMTllODI5Mzlk
ODVjZDYwHhcNMjIxMDE5MTExMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDA2NmI0YzY3ZGU5ZWIyYmY2N2M3MjA5MmZhNmMxNmRhOWQ3MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppJwG4mE5azmgJMRPDvFz0WHYMo2
Fz7W4tw71+dZVUIkwStfLiUxbncLW+7Nd0/LQ1rCMaVV3vw4/mLzCB+a/6ewrkD9
lz6UFi1p1rwwwgeTbeIUs26UEvULkodMn4sufLzH9MBHGgGDGUnQkdX+jWytkHft
Rv0C9BifITKbpMAjkysBqNM5nE0KJ3Chxe0TwMGs2Jc7xEry0OPy+P74TZ+Vd9W+
TnkNX1s0ok4tVpJu4Ia81kmcGNotb/PAJ3PBtI2iiaoJ6Cs9TFTohciI4dhElYmg
yXkboFvQrWWXq6vcD8zIJd9eArEO/Uu1lV5GwB/fHc4IZVd4tD9N6HkKfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN0Ga0xn3p6yv2fHIJL6bBbanXDKMB8GA1UdIwQY
MBaAFLMHyH57bilPJwB5Du8Z6Ck52FzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODct
NjQ5NDVhNGY4ZTEyLzEvM1FaclRHZmVucktfWjhjZ2t2cHNGdHFkY01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODctNjQ5NDVhNGY4ZTEy
LzEvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH9+5AwQA
LXHvAwQAT4TCMA0GCSqGSIb3DQEBCwUAA4IBAQDCpcKxX0xdOV1hIdS0prGutZFf
CI996oNDm9fAvxryvAllltCU7q7WjFw1tIM2kGqurxkpIIW0m5JojUx9o+RUnbIP
oSymGeC7+Myq6g3MrfwWksyE2FE0Gbk9A56uaZ6OGn4mCo47ItX0n04KSlnY71K3
JAUoPLIzNWI4T2t8vbLPqSFa43ABKb4dsLoUY7+r7iaaJ8SMnnuNFaAxNBngJc8e
EM/0hl3tXRvPI3sJYsyV/1Mr1othpd1w6ogaDg5PEbuAEtU4w7zHTQ+FDl3MMBIi
xalZpzQVd8tkgqKbWru26sFbjUQSpcC76lKdpCa8fX9paaDmlMfveprx2MFv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:42 2024 by rpki-client on console-ams.rpki-client.org