Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/3QZD5tq9jXNVauPmc0z2NtoRAP4.roa
File: 3QZD5tq9jXNVauPmc0z2NtoRAP4.roa (raw, json)
Hash identifier: k76yKDQYAWKcWA9+7GFfJWgn/ss8tORf0bc8rzFTg84=
Subject key identifier: DD:06:43:E6:DA:BD:8D:73:55:6A:E3:E6:73:4C:F6:36:DA:11:00:FE
Certificate issuer: /CN=ba9efca86dea70d3ee90181678c8eb30e6916d1d
Certificate serial: 0581D19B
Authority key identifier: BA:9E:FC:A8:6D:EA:70:D3:EE:90:18:16:78:C8:EB:30:E6:91:6D:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/3QZD5tq9jXNVauPmc0z2NtoRAP4.roa
Signing time: Sat 01 Jan 2022 15:58:58 +0000
ROA not before: Sat 01 Jan 2022 15:58:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56472
IP address blocks: 185.22.36.0/22 maxlen: 24
80.86.48.0/20 maxlen: 24
2a02:29a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92393883 (0x581d19b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9efca86dea70d3ee90181678c8eb30e6916d1d
Validity
Not Before: Jan 1 15:58:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd0643e6dabd8d73556ae3e6734cf636da1100fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:49:bd:e6:b4:dd:2b:57:9e:02:04:2f:02:8f:
f9:5d:5c:62:23:af:f0:dc:89:fa:f2:ff:03:a2:4a:
b5:c8:95:bb:d2:f2:d8:dd:e3:2b:71:de:35:3a:e0:
31:5a:1f:c4:48:c9:0a:94:ee:b7:9d:28:82:bf:17:
0d:34:70:90:2b:a1:83:23:73:5a:c5:cf:43:08:75:
82:ec:ea:c5:b0:52:5c:55:0b:74:f2:54:f5:09:1a:
77:86:f3:1a:de:4c:e5:1d:28:5d:7c:a9:23:78:4e:
87:2d:09:ad:91:eb:36:f4:90:74:0a:c4:4c:17:43:
41:47:2b:38:20:de:75:8f:2a:5d:95:aa:be:0d:10:
b1:0a:a7:9b:fb:79:dd:a8:8f:99:ee:13:3e:0a:71:
5f:10:21:c6:85:6e:b3:64:9e:10:df:10:6a:a0:71:
ea:3d:a9:86:c7:2d:2e:6b:df:5c:cb:bd:8a:e4:2a:
d6:ef:fb:7c:fe:f7:0f:10:5e:c0:be:7f:29:a6:5d:
cb:a1:48:e8:67:02:e1:8a:5c:b4:76:9a:f4:36:6d:
4b:14:a3:99:c3:fd:e8:86:a6:6b:3d:6d:a6:c5:51:
97:63:4e:4f:3b:d5:fe:78:74:fa:0c:70:e6:7e:5e:
7f:de:6c:82:bc:51:e0:63:10:e0:22:8c:7c:50:af:
78:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:06:43:E6:DA:BD:8D:73:55:6A:E3:E6:73:4C:F6:36:DA:11:00:FE
X509v3 Authority Key Identifier:
keyid:BA:9E:FC:A8:6D:EA:70:D3:EE:90:18:16:78:C8:EB:30:E6:91:6D:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/3QZD5tq9jXNVauPmc0z2NtoRAP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.48.0/20
185.22.36.0/22
IPv6:
2a02:29a0::/32
Signature Algorithm: sha256WithRSAEncryption
57:f2:ca:af:d9:0f:f2:49:6e:81:70:11:7a:cc:90:bb:6b:fe:
09:9f:9e:1a:68:8a:96:4e:d1:52:e4:81:c3:a0:e2:ca:ba:10:
da:3f:74:7e:8f:76:23:1d:38:70:8c:c1:38:b6:84:5b:25:b9:
54:b2:db:07:99:c7:f4:07:56:5e:91:f5:c9:f8:c3:14:df:8f:
2f:cb:b8:44:83:8e:5b:7f:f6:89:61:de:c1:9f:a7:c3:ed:1d:
4f:cb:c2:f4:c6:f1:1c:1a:d2:de:a5:3e:57:83:65:f4:a6:35:
c5:5b:ea:06:99:e7:b3:a1:2d:4c:61:d7:90:ce:3c:03:0c:5e:
cb:17:48:2f:19:31:b0:e6:88:8d:1c:05:bc:18:c8:0a:bb:88:
86:3b:4c:a8:ed:cf:57:8b:fb:9c:e0:dd:26:bf:6e:52:9e:f7:
73:8c:08:bd:81:fb:62:59:37:7a:18:b9:66:dd:09:70:10:43:
50:42:7f:64:bc:a6:0f:2a:6e:8b:59:db:f9:c5:71:35:92:9d:
3d:4b:14:c0:c4:37:aa:be:f9:87:d3:8f:36:6c:9e:b6:9a:5f:
b8:69:18:ea:2c:ff:7e:ff:86:00:37:84:a3:f1:ec:2a:d5:36:
c6:15:9a:3e:91:80:08:cb:86:06:d1:ba:44:ab:36:e5:91:66:
0f:7f:2e:c2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBYHRmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTllZmNhODZkZWE3MGQzZWU5MDE4MTY3OGM4ZWIzMGU2OTE2ZDFkMB4XDTIyMDEw
MTE1NTg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQwNjQzZTZkYWJk
OGQ3MzU1NmFlM2U2NzM0Y2Y2MzZkYTExMDBmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxJvea03StXngIELwKP+V1cYiOv8NyJ+vL/A6JKtciVu9Ly
2N3jK3HeNTrgMVofxEjJCpTut50ogr8XDTRwkCuhgyNzWsXPQwh1guzqxbBSXFUL
dPJU9Qkad4bzGt5M5R0oXXypI3hOhy0JrZHrNvSQdArETBdDQUcrOCDedY8qXZWq
vg0QsQqnm/t53aiPme4TPgpxXxAhxoVus2SeEN8QaqBx6j2phsctLmvfXMu9iuQq
1u/7fP73DxBewL5/KaZdy6FI6GcC4YpctHaa9DZtSxSjmcP96Iamaz1tpsVRl2NO
TzvV/nh0+gxw5n5ef95sgrxR4GMQ4CKMfFCveC0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTdBkPm2r2Nc1Vq4+ZzTPY22hEA/jAfBgNVHSMEGDAWgBS6nvyobepw0+6Q
GBZ4yOsw5pFtHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VwNzhxRzNxY05QdWtCZ1dlTWpyTU9hUmJSMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNzViODM4LTRlY2UtNDk5OC04YWQ4LTE3ZDMxZGVlOGUxMi8x
LzNRWkQ1dHE5alhOVmF1UG1jMHoyTnRvUkFQNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NzViODM4LTRlY2UtNDk5OC04YWQ4LTE3ZDMxZGVlOGUxMi8xL3VwNzhxRzNxY05Q
dWtCZ1dlTWpyTU9hUmJSMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFBWMAMEArkWJDANBAIAAjAHAwUA
KgIpoDANBgkqhkiG9w0BAQsFAAOCAQEAV/LKr9kP8klugXAResyQu2v+CZ+eGmiK
lk7RUuSBw6DiyroQ2j90fo92Ix04cIzBOLaEWyW5VLLbB5nH9AdWXpH1yfjDFN+P
L8u4RIOOW3/2iWHewZ+nw+0dT8vC9MbxHBrS3qU+V4Nl9KY1xVvqBpnns6EtTGHX
kM48AwxeyxdILxkxsOaIjRwFvBjICruIhjtMqO3PV4v7nODdJr9uUp73c4wIvYH7
Ylk3ehi5Zt0JcBBDUEJ/ZLymDypui1nb+cVxNZKdPUsUwMQ3qr75h9OPNmyetppf
uGkY6iz/fv+GADeEo/HsKtU2xhWaPpGACMuGBtG6RKs25ZFmD38uwg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:30 2023 by rpki-client on console.sobornost.net