Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/3bxZ0IO-2Xe7GgBqx-sA80kbPkU.roa
File: 3bxZ0IO-2Xe7GgBqx-sA80kbPkU.roa (raw, json)
Hash identifier: 4ogM2Cmhqq2DYrMaaFyOpX6jt2eboARW8mjLSO0LKvA=
Subject key identifier: DD:BC:59:D0:83:BE:D9:77:BB:1A:00:6A:C7:EB:00:F3:49:1B:3E:45
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 091DFF54
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/3bxZ0IO-2Xe7GgBqx-sA80kbPkU.roa
Signing time: Sat 01 Jan 2022 16:00:42 +0000
ROA not before: Sat 01 Jan 2022 16:00:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205212
IP address blocks: 193.34.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152960852 (0x91dff54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddbc59d083bed977bb1a006ac7eb00f3491b3e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:9f:7f:60:6b:a5:86:81:3a:2e:d2:a9:70:
93:ba:03:2e:46:06:cd:55:b8:6d:ac:e8:5b:cc:e1:
4d:e5:c0:c3:e9:31:91:00:0f:f4:dc:85:26:0f:8d:
7a:42:22:06:2e:ed:39:39:44:40:1e:38:69:34:5d:
cd:18:3b:10:c3:16:be:ea:2a:df:88:ec:bc:a9:ee:
1c:a2:fb:05:66:f3:5e:53:10:21:3b:fc:7f:87:c3:
82:cb:34:ed:b8:d4:5d:3a:95:1d:24:aa:c0:4e:33:
0d:fa:58:ac:9a:08:b2:d4:e0:1e:40:bd:22:7c:07:
a4:fe:dd:75:20:55:9e:25:ff:7f:37:7a:e8:54:d2:
bf:26:9e:17:5d:8f:dc:76:ad:e3:5c:f9:24:b9:0d:
cb:c4:ca:7c:3b:f9:cf:51:a4:bb:2e:d5:10:b1:67:
15:df:9f:57:7a:3d:35:a6:5f:25:3e:9a:e1:81:f7:
42:f3:e9:7f:be:3f:a0:69:c3:bd:e8:6f:b2:78:9b:
ed:45:cb:93:72:bf:e3:7e:c2:04:f7:17:51:28:2d:
bb:34:40:71:a5:0a:0e:59:e0:af:d3:aa:df:e1:cd:
1c:90:a5:df:4d:cc:c2:b0:37:1e:e1:d4:fa:78:69:
e3:cf:c7:34:38:1e:e4:fd:44:f4:14:dc:d4:1a:f2:
98:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BC:59:D0:83:BE:D9:77:BB:1A:00:6A:C7:EB:00:F3:49:1B:3E:45
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/3bxZ0IO-2Xe7GgBqx-sA80kbPkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.76.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:bb:bc:c5:e8:9c:4d:41:47:8a:21:28:21:81:32:e0:55:c9:
8e:ec:ee:69:48:48:e3:b0:12:5e:fb:8a:8b:12:84:93:65:75:
cc:56:47:f9:dc:cf:14:dc:f8:10:f1:65:ab:bf:8e:48:2d:e8:
f1:72:1e:c5:da:25:8f:04:fb:7f:0e:05:e3:2b:c2:de:cc:93:
49:e1:fa:39:70:33:6f:7a:30:7b:da:06:b7:05:17:53:c8:e7:
ea:de:39:1f:ae:21:c3:7f:0f:d8:3e:aa:e6:22:40:d9:c0:47:
75:63:f1:73:bc:4c:35:95:af:93:0a:6c:2c:72:4f:b1:8b:1e:
92:9a:0c:d6:80:96:0c:e8:2b:05:f4:4c:e6:99:2c:50:d5:a1:
14:5d:61:54:35:16:b7:cd:ac:7c:4f:c8:81:3e:79:d2:a7:4a:
30:f0:3c:20:9b:16:77:0f:db:06:bd:8c:8e:b2:19:c2:e5:5f:
2d:44:ef:a5:40:06:77:61:e4:d5:bf:db:b9:e3:48:ee:07:87:
16:0f:85:e0:60:46:e5:05:c1:04:1c:95:b6:12:5d:8a:5c:d5:
dc:2c:a2:72:eb:2d:83:9e:a2:16:b8:a3:8c:a8:3e:ad:a2:3b:
8d:c8:39:ee:a1:02:c3:e8:b8:fa:72:6a:5f:23:bc:81:30:fd:
a5:38:96:fd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECR3/VDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRiYzU5ZDA4M2Jl
ZDk3N2JiMWEwMDZhYzdlYjAwZjM0OTFiM2U0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdNn39ga6WGgTou0qlwk7oDLkYGzVW4bazoW8zhTeXAw+kx
kQAP9NyFJg+NekIiBi7tOTlEQB44aTRdzRg7EMMWvuoq34jsvKnuHKL7BWbzXlMQ
ITv8f4fDgss07bjUXTqVHSSqwE4zDfpYrJoIstTgHkC9InwHpP7ddSBVniX/fzd6
6FTSvyaeF12P3Hat41z5JLkNy8TKfDv5z1Gkuy7VELFnFd+fV3o9NaZfJT6a4YH3
QvPpf74/oGnDvehvsnib7UXLk3K/437CBPcXUSgtuzRAcaUKDlngr9Oq3+HNHJCl
303MwrA3HuHU+nhp48/HNDge5P1E9BTc1BrymL0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdvFnQg77Zd7saAGrH6wDzSRs+RTAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
LzNieFowSU8tMlhlN0dnQnF4LXNBODBrYlBrVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEiTDANBgkqhkiG9w0BAQsFAAOC
AQEA3bu8xeicTUFHiiEoIYEy4FXJjuzuaUhI47ASXvuKixKEk2V1zFZH+dzPFNz4
EPFlq7+OSC3o8XIexdoljwT7fw4F4yvC3syTSeH6OXAzb3owe9oGtwUXU8jn6t45
H64hw38P2D6q5iJA2cBHdWPxc7xMNZWvkwpsLHJPsYsekpoM1oCWDOgrBfRM5pks
UNWhFF1hVDUWt82sfE/IgT550qdKMPA8IJsWdw/bBr2MjrIZwuVfLUTvpUAGd2Hk
1b/bueNI7geHFg+F4GBG5QXBBByVthJdilzV3Cyicustg56iFrijjKg+raI7jcg5
7qECw+i4+nJqXyO8gTD9pTiW/Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-ams.rpki-client.org