Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/ZcmIgrC5dSD9YEbVwA2Mm8e_Lbk.roa
File: ZcmIgrC5dSD9YEbVwA2Mm8e_Lbk.roa (raw, json)
Hash identifier: 7DknB4PtVFKQIXhsb8eSbbxh8ccZjYdxe1BTyGoQG7Y=
Subject key identifier: 65:C9:88:82:B0:B9:75:20:FD:60:46:D5:C0:0D:8C:9B:C7:BF:2D:B9
Certificate issuer: /CN=6f4dbbc069669f2e7e8822f6398f6b36c449345c
Certificate serial: 048718A0
Authority key identifier: 6F:4D:BB:C0:69:66:9F:2E:7E:88:22:F6:39:8F:6B:36:C4:49:34:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b027wGlmny5-iCL2OY9rNsRJNFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/ZcmIgrC5dSD9YEbVwA2Mm8e_Lbk.roa
Signing time: Sat 01 Jan 2022 14:58:37 +0000
ROA not before: Sat 01 Jan 2022 14:58:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48390
IP address blocks: 185.20.3.0/24 maxlen: 24
2a0c:d0c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75962528 (0x48718a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f4dbbc069669f2e7e8822f6398f6b36c449345c
Validity
Not Before: Jan 1 14:58:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65c98882b0b97520fd6046d5c00d8c9bc7bf2db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:23:30:ef:a5:6c:dc:16:40:b6:71:60:77:d1:
ee:e2:9e:fd:35:9d:3c:13:7f:b0:d0:9f:ae:9c:99:
5d:34:2a:cf:be:7f:26:74:19:ae:61:47:c3:c1:71:
b5:ba:7f:ff:f2:8c:50:ef:c0:fa:7a:5b:83:d0:50:
36:19:ce:0f:b2:69:66:a8:58:e9:4c:6a:5a:a6:bc:
d5:18:c2:74:0b:da:b2:87:f9:8f:fe:ec:55:82:30:
a3:dc:bc:56:84:3b:9b:31:31:62:ed:0b:d9:30:42:
5f:30:a0:53:f5:91:d1:3d:16:6c:38:78:2b:1d:a4:
96:ae:8c:2d:8d:a4:45:7d:c0:e5:b6:34:2e:50:a6:
bd:76:ff:6f:b7:dd:ee:67:b2:ea:a0:0c:b8:0b:ad:
d0:32:45:33:c5:75:24:d5:cf:a0:5f:76:88:dc:c5:
d3:a3:5a:8e:a1:80:5f:b6:f5:ac:e5:f3:d1:79:f8:
33:bf:55:79:55:9c:62:a1:77:f4:ef:3c:60:8b:90:
66:03:5c:ab:b9:fd:3e:08:2b:af:d7:7f:9e:49:11:
a2:7c:6b:2a:72:99:02:21:a7:b1:1c:f3:01:4f:37:
49:19:50:6d:be:92:eb:65:68:ec:33:ce:ca:8e:c7:
b7:0a:17:1a:03:7e:30:ed:bd:35:c3:3a:06:c8:16:
e7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C9:88:82:B0:B9:75:20:FD:60:46:D5:C0:0D:8C:9B:C7:BF:2D:B9
X509v3 Authority Key Identifier:
keyid:6F:4D:BB:C0:69:66:9F:2E:7E:88:22:F6:39:8F:6B:36:C4:49:34:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b027wGlmny5-iCL2OY9rNsRJNFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/ZcmIgrC5dSD9YEbVwA2Mm8e_Lbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/b027wGlmny5-iCL2OY9rNsRJNFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.3.0/24
IPv6:
2a0c:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
38:d6:94:76:37:58:59:4f:7d:f7:a0:76:b8:f1:3e:fc:01:29:
e5:60:bf:08:67:f1:30:a2:5e:4b:38:25:89:4b:61:b1:bc:9a:
b5:db:87:84:43:9e:7f:39:d7:6f:75:36:ef:fa:81:8a:3b:00:
60:65:7d:a2:2d:f5:f9:fe:59:43:f8:33:bf:20:c4:e6:23:6f:
b5:bf:24:de:6c:09:8c:b6:9d:f9:41:af:ee:8d:cb:03:18:68:
56:4e:43:b5:c8:c4:aa:a9:68:c2:6c:c7:39:42:fb:2f:ad:d2:
9d:cb:d2:f7:26:d8:b5:78:af:e9:12:6e:0c:53:0f:ad:4b:3a:
2b:5d:30:c2:91:86:16:92:8f:1d:83:32:c5:4e:7c:3f:e8:3c:
62:ce:74:e3:5f:f0:8c:3a:ac:94:bb:95:78:5f:42:b8:cc:c7:
71:d5:1b:8e:30:fd:59:00:94:1e:bf:e3:ac:d4:a3:78:0e:40:
c0:34:7a:cc:75:2a:8a:10:05:4b:ec:66:3c:f8:92:02:e8:b3:
b1:80:50:04:51:35:be:aa:9f:83:f4:27:51:84:aa:6a:ea:9e:
58:be:fa:b8:2a:69:fd:e2:d0:61:5c:d4:2d:61:53:12:4c:b4:
b2:70:42:7b:f7:e7:57:04:50:e9:78:d8:db:76:d6:0d:e1:01:
09:8b:38:39
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBIcYoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjRkYmJjMDY5NjY5ZjJlN2U4ODIyZjYzOThmNmIzNmM0NDkzNDVjMB4XDTIyMDEw
MTE0NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjVjOTg4ODJiMGI5
NzUyMGZkNjA0NmQ1YzAwZDhjOWJjN2JmMmRiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4jMO+lbNwWQLZxYHfR7uKe/TWdPBN/sNCfrpyZXTQqz75/
JnQZrmFHw8Fxtbp///KMUO/A+npbg9BQNhnOD7JpZqhY6UxqWqa81RjCdAvasof5
j/7sVYIwo9y8VoQ7mzExYu0L2TBCXzCgU/WR0T0WbDh4Kx2klq6MLY2kRX3A5bY0
LlCmvXb/b7fd7mey6qAMuAut0DJFM8V1JNXPoF92iNzF06NajqGAX7b1rOXz0Xn4
M79VeVWcYqF39O88YIuQZgNcq7n9Pggrr9d/nkkRonxrKnKZAiGnsRzzAU83SRlQ
bb6S62Vo7DPOyo7HtwoXGgN+MO29NcM6BsgW5zECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRlyYiCsLl1IP1gRtXADYybx78tuTAfBgNVHSMEGDAWgBRvTbvAaWafLn6I
IvY5j2s2xEk0XDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2IwMjd3R2xtbnk1LWlDTDJPWTlyTnNSSk5Gdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvZTczNDM2LTIyNTEtNDliNC1iMzU3LTk4NGM5NTdhMzUzZS8x
L1pjbUlnckM1ZFNEOVlFYlZ3QTJNbThlX0xiay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
ZTczNDM2LTIyNTEtNDliNC1iMzU3LTk4NGM5NTdhMzUzZS8xL2IwMjd3R2xtbnk1
LWlDTDJPWTlyTnNSSk5Gdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALkUAzANBAIAAjAHAwUDKgzQwDAN
BgkqhkiG9w0BAQsFAAOCAQEAONaUdjdYWU9996B2uPE+/AEp5WC/CGfxMKJeSzgl
iUthsbyatduHhEOefznXb3U27/qBijsAYGV9oi31+f5ZQ/gzvyDE5iNvtb8k3mwJ
jLad+UGv7o3LAxhoVk5DtcjEqqlowmzHOUL7L63SncvS9ybYtXiv6RJuDFMPrUs6
K10wwpGGFpKPHYMyxU58P+g8Ys5041/wjDqslLuVeF9CuMzHcdUbjjD9WQCUHr/j
rNSjeA5AwDR6zHUqihAFS+xmPPiSAuizsYBQBFE1vqqfg/QnUYSqauqeWL76uCpp
/eLQYVzULWFTEky0snBCe/fnVwRQ6XjY23bWDeEBCYs4OQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:37 2023 by rpki-client on console.sobornost.net