Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/9878bf-999b-4580-aa31-5b96133c6c2f/1/idADY2-7cehE9ekMgoLR3jS93HY.roa
File: idADY2-7cehE9ekMgoLR3jS93HY.roa (raw, json)
Hash identifier: Tk0gAHOz0Z3Z8dXddBKZ2ngH+O2Vskjys2cUMIxzy4U=
Subject key identifier: 89:D0:03:63:6F:BB:71:E8:44:F5:E9:0C:82:82:D1:DE:34:BD:DC:76
Certificate issuer: /CN=3bda90ce49ea0eae040d7588b86b22e2af3018ab
Certificate serial: 7A0738
Authority key identifier: 3B:DA:90:CE:49:EA:0E:AE:04:0D:75:88:B8:6B:22:E2:AF:30:18:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9qQzknqDq4EDXWIuGsi4q8wGKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/9878bf-999b-4580-aa31-5b96133c6c2f/1/idADY2-7cehE9ekMgoLR3jS93HY.roa
Signing time: Sat 01 Jan 2022 01:01:50 +0000
ROA not before: Sat 01 Jan 2022 01:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 62.3.3.0/24 maxlen: 24
2a12:da00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7997240 (0x7a0738)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bda90ce49ea0eae040d7588b86b22e2af3018ab
Validity
Not Before: Jan 1 01:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89d003636fbb71e844f5e90c8282d1de34bddc76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:89:01:42:bf:32:83:65:37:c9:9a:19:07:41:
20:51:d6:1b:84:a4:6f:d5:6f:43:83:7c:3f:c9:9c:
32:bf:45:a8:6b:6e:70:63:09:5f:ce:a2:98:5d:2f:
4c:6b:73:65:e4:2c:a5:a6:eb:f0:34:f7:ea:06:4f:
2b:99:50:2f:c5:c0:24:38:57:e8:6a:3c:1e:0d:a0:
37:61:b9:1e:54:d1:3c:c3:44:f3:fc:49:5f:52:91:
4f:4f:14:34:fa:4d:7a:41:38:01:a9:91:92:d0:99:
67:2a:95:ab:70:f8:db:70:c7:7c:22:87:44:f6:39:
fb:a4:a5:a9:b6:b5:6d:75:c3:f9:78:6b:0d:83:cc:
c2:e6:24:12:9e:3d:ee:12:27:dc:71:50:26:83:6d:
36:98:11:33:67:cc:c8:50:aa:dc:b4:36:4a:3e:10:
3b:9c:3a:c0:03:a6:b9:66:f6:38:53:d0:db:58:53:
b7:75:a4:93:99:d1:fd:73:da:65:0e:a3:8d:d1:c7:
b6:9d:68:2a:4f:e5:e0:49:4d:08:67:db:12:42:ed:
b4:15:a9:be:ec:af:bf:f9:57:e1:0c:76:2a:3a:fb:
dd:66:a3:ed:6f:d5:97:27:0b:d7:50:ba:bb:1c:bd:
b5:d8:64:88:da:b2:53:e0:e3:cb:e1:11:59:b0:ac:
4e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D0:03:63:6F:BB:71:E8:44:F5:E9:0C:82:82:D1:DE:34:BD:DC:76
X509v3 Authority Key Identifier:
keyid:3B:DA:90:CE:49:EA:0E:AE:04:0D:75:88:B8:6B:22:E2:AF:30:18:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9qQzknqDq4EDXWIuGsi4q8wGKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/9878bf-999b-4580-aa31-5b96133c6c2f/1/idADY2-7cehE9ekMgoLR3jS93HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/9878bf-999b-4580-aa31-5b96133c6c2f/1/O9qQzknqDq4EDXWIuGsi4q8wGKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.3.0/24
IPv6:
2a12:da00::/29
Signature Algorithm: sha256WithRSAEncryption
27:0d:c8:01:72:98:98:62:1a:26:a8:ab:2b:02:a0:a0:cc:87:
3e:5d:33:f9:fb:8c:41:84:c4:2c:0a:b8:d4:b1:60:da:88:36:
4a:24:b2:91:07:0f:ba:ec:97:ad:2d:ee:1d:f5:7b:9f:54:5a:
84:4e:40:1e:36:52:19:c9:06:76:53:8c:22:0a:d1:d1:e1:97:
7b:99:77:e5:c0:a8:74:4d:68:37:aa:7f:94:30:a3:5c:22:d7:
d8:16:ef:dd:13:94:3a:49:d6:17:6a:3f:7e:b2:e1:d2:37:a9:
3c:e6:8f:96:96:aa:7f:93:53:45:ac:1a:11:2f:ad:77:45:9b:
10:a9:b4:ed:ec:42:93:b9:e1:9d:c8:69:91:d2:b3:ff:28:6b:
c6:24:85:b6:27:fb:ac:13:b8:2c:88:9e:93:25:81:57:31:6f:
63:0a:93:b2:03:30:22:6e:91:54:10:02:c5:d5:de:52:4e:ec:
ed:59:97:ce:3f:55:7a:86:c8:95:8b:7a:c5:f9:1d:71:cb:16:
b9:0f:ce:1b:cc:0e:98:f1:5a:fc:df:ad:65:6e:ee:d2:f9:61:
fa:72:f4:30:53:e9:81:46:c4:77:82:bb:f3:7b:9b:14:12:2b:
34:bc:f3:c1:d8:e3:f9:d2:4f:eb:3c:10:a7:8d:84:5c:19:a0:
9f:79:a7:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDegc4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNi
ZGE5MGNlNDllYTBlYWUwNDBkNzU4OGI4NmIyMmUyYWYzMDE4YWIwHhcNMjIwMTAx
MDEwMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4OWQwMDM2MzZmYmI3
MWU4NDRmNWU5MGM4MjgyZDFkZTM0YmRkYzc2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4IkBQr8yg2U3yZoZB0EgUdYbhKRv1W9Dg3w/yZwyv0Woa25w
YwlfzqKYXS9Ma3Nl5CylpuvwNPfqBk8rmVAvxcAkOFfoajweDaA3YbkeVNE8w0Tz
/ElfUpFPTxQ0+k16QTgBqZGS0JlnKpWrcPjbcMd8IodE9jn7pKWptrVtdcP5eGsN
g8zC5iQSnj3uEifccVAmg202mBEzZ8zIUKrctDZKPhA7nDrAA6a5ZvY4U9DbWFO3
daSTmdH9c9plDqON0ce2nWgqT+XgSU0IZ9sSQu20Fam+7K+/+VfhDHYqOvvdZqPt
b9WXJwvXULq7HL212GSI2rJT4OPL4RFZsKxOvwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFInQA2Nvu3HoRPXpDIKC0d40vdx2MB8GA1UdIwQYMBaAFDvakM5J6g6uBA11
iLhrIuKvMBirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TzlxUXprbnFEcTRFRFhXSXVHc2k0cTh3R0tzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xOC85ODc4YmYtOTk5Yi00NTgwLWFhMzEtNWI5NjEzM2M2YzJmLzEv
aWRBRFkyLTdjZWhFOWVrTWdvTFIzalM5M0hZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85
ODc4YmYtOTk5Yi00NTgwLWFhMzEtNWI5NjEzM2M2YzJmLzEvTzlxUXprbnFEcTRF
RFhXSXVHc2k0cTh3R0tzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPgMDMA0EAgACMAcDBQMqEtoAMA0G
CSqGSIb3DQEBCwUAA4IBAQAnDcgBcpiYYhomqKsrAqCgzIc+XTP5+4xBhMQsCrjU
sWDaiDZKJLKRBw+67JetLe4d9XufVFqETkAeNlIZyQZ2U4wiCtHR4Zd7mXflwKh0
TWg3qn+UMKNcItfYFu/dE5Q6SdYXaj9+suHSN6k85o+Wlqp/k1NFrBoRL613RZsQ
qbTt7EKTueGdyGmR0rP/KGvGJIW2J/usE7gsiJ6TJYFXMW9jCpOyAzAibpFUEALF
1d5STuztWZfOP1V6hsiVi3rF+R1xyxa5D84bzA6Y8Vr8361lbu7S+WH6cvQwU+mB
RsR3grvze5sUEis0vPPB2OP50k/rPBCnjYRcGaCfeac9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:41 2023 by rpki-client on console-fra.rpki-client.org