Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3F8CNzsiEbbzTbA78X8eIoyB9AY.roa
File: 3F8CNzsiEbbzTbA78X8eIoyB9AY.roa (raw, json)
Hash identifier: TKZ72nV0figOO9TI4QW4+pm47lCMIJ7cLc3hXM18080=
Subject key identifier: DC:5F:02:37:3B:22:11:B6:F3:4D:B0:3B:F1:7F:1E:22:8C:81:F4:06
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0182D3CFEEFB159E53013D88BEB49210F5E8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3F8CNzsiEbbzTbA78X8eIoyB9AY.roa
Signing time: Thu 25 Aug 2022 07:03:15 +0000
ROA not before: Thu 25 Aug 2022 07:03:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 194.87.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d3:cf:ee:fb:15:9e:53:01:3d:88:be:b4:92:10:f5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 25 07:03:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc5f02373b2211b6f34db03bf17f1e228c81f406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c6:bf:b5:bd:5c:fb:eb:c6:a5:92:8f:4c:ff:
68:76:d5:ae:94:6c:b1:13:1c:9c:1e:b8:dd:ad:7d:
a1:62:03:50:6c:c7:3e:17:19:c0:06:d6:3f:e4:38:
8a:58:6d:ad:de:5c:c4:f4:3a:7d:e6:e6:49:de:98:
8a:31:05:8e:b2:12:57:5b:0a:8b:b9:c8:4d:1e:1b:
4d:fa:88:0b:42:bb:d5:62:c0:d9:54:d5:c0:92:5c:
94:9d:50:41:e0:27:61:10:68:77:b6:33:ac:41:cf:
98:c0:e3:15:a8:eb:d0:32:75:85:e9:87:72:02:b4:
c2:95:61:ed:2e:dd:53:f7:8d:c4:88:68:bb:44:22:
3a:69:a2:25:e1:8d:df:2e:f7:12:27:21:24:a9:e6:
83:5f:15:1c:ea:93:58:db:64:70:5d:39:20:cd:c4:
20:0e:7f:27:c9:88:5e:cf:e1:e6:44:87:ce:4f:39:
a8:9a:71:d3:50:f1:93:83:83:c3:7e:dd:40:67:35:
75:52:ef:1a:8d:bf:7e:0d:ef:cb:1b:e6:ad:80:08:
3f:82:b2:a6:a8:20:d6:c7:48:58:16:d8:fa:fc:33:
61:d8:9b:09:86:56:41:44:da:17:d2:de:4a:88:de:
3b:79:b6:d0:19:58:75:d2:60:5e:04:94:35:25:f1:
c4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:5F:02:37:3B:22:11:B6:F3:4D:B0:3B:F1:7F:1E:22:8C:81:F4:06
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3F8CNzsiEbbzTbA78X8eIoyB9AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.246.0/24
Signature Algorithm: sha256WithRSAEncryption
34:72:f4:87:ea:e7:62:97:72:c7:fa:c2:9a:e2:ee:bf:40:56:
27:06:a3:26:17:40:8a:a8:45:d8:7a:e8:f6:66:37:f8:df:cb:
6f:71:60:83:df:a8:3f:f2:25:40:ef:21:bd:89:89:9d:94:db:
4a:41:dd:27:eb:c9:42:7f:a7:3f:4b:77:e7:80:e3:ab:ef:80:
e4:59:d2:45:c1:3a:b9:d0:d4:0e:05:06:b2:25:92:ad:6a:9d:
c7:a7:25:6f:c4:a1:80:c7:25:9d:68:de:73:a6:29:60:bf:ea:
fb:71:e3:db:d6:44:73:c9:c8:e5:9c:49:c5:ed:c3:e6:06:2a:
77:17:02:95:46:4d:e4:50:ed:9f:1f:60:77:ec:91:db:b8:90:
21:37:30:6b:42:af:0f:b7:d9:36:cc:69:ae:1c:e7:12:24:30:
20:59:9b:c4:cf:f2:84:68:de:e1:c9:47:50:fe:f5:96:41:f3:
15:0a:ce:d8:34:a0:f7:9c:7b:b5:73:0e:2a:28:55:b1:0c:ca:
ce:da:b0:ab:39:ca:8b:45:21:ab:42:7c:49:de:fa:3d:a0:56:
cb:ac:1b:88:32:18:48:7f:b4:59:63:3a:56:8a:8c:76:a0:48:
90:3f:27:bb:54:6f:47:f3:74:94:b6:d9:a5:d6:e8:45:3f:8c:
9d:89:f7:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLTz+77FZ5TAT2IvrSSEPXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODI1MDcwMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzVmMDIzNzNiMjIxMWI2ZjM0ZGIwM2JmMTdmMWUyMjhjODFmNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMa/tb1c++vGpZKPTP9odtWulGyx
ExycHrjdrX2hYgNQbMc+FxnABtY/5DiKWG2t3lzE9Dp95uZJ3piKMQWOshJXWwqL
uchNHhtN+ogLQrvVYsDZVNXAklyUnVBB4CdhEGh3tjOsQc+YwOMVqOvQMnWF6Ydy
ArTClWHtLt1T943EiGi7RCI6aaIl4Y3fLvcSJyEkqeaDXxUc6pNY22RwXTkgzcQg
Dn8nyYhez+HmRIfOTzmomnHTUPGTg4PDft1AZzV1Uu8ajb9+De/LG+atgAg/grKm
qCDWx0hYFtj6/DNh2JsJhlZBRNoX0t5KiN47ebbQGVh10mBeBJQ1JfHENwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxfAjc7IhG2802wO/F/HiKMgfQGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM0Y4Q056c2lFYmJ6VGJBNzhYOGVJb3lCOUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlf2MA0G
CSqGSIb3DQEBCwUAA4IBAQA0cvSH6udil3LH+sKa4u6/QFYnBqMmF0CKqEXYeuj2
Zjf438tvcWCD36g/8iVA7yG9iYmdlNtKQd0n68lCf6c/S3fngOOr74DkWdJFwTq5
0NQOBQayJZKtap3HpyVvxKGAxyWdaN5zpilgv+r7cePb1kRzycjlnEnF7cPmBip3
FwKVRk3kUO2fH2B37JHbuJAhNzBrQq8Pt9k2zGmuHOcSJDAgWZvEz/KEaN7hyUdQ
/vWWQfMVCs7YNKD3nHu1cw4qKFWxDMrO2rCrOcqLRSGrQnxJ3vo9oFbLrBuIMhhI
f7RZYzpWiox2oEiQPye7VG9H83SUttml1uhFP4ydifdF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:55 2023 by rpki-client on console-fra.rpki-client.org