Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/3Lhewqk2spk63W9OCHwT8vbqPO4.roa
File: 3Lhewqk2spk63W9OCHwT8vbqPO4.roa (raw, json)
Hash identifier: HuiOk4Y4lkUDeHFWmnWTzrUtMyjz1mPu+Kvn5M3+vaQ=
Subject key identifier: DC:B8:5E:C2:A9:36:B2:99:3A:DD:6F:4E:08:7C:13:F2:F6:EA:3C:EE
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 14CA4609
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/3Lhewqk2spk63W9OCHwT8vbqPO4.roa
Signing time: Sat 01 Jan 2022 05:51:55 +0000
ROA not before: Sat 01 Jan 2022 05:51:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51249
IP address blocks: 87.99.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348800521 (0x14ca4609)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 1 05:51:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcb85ec2a936b2993add6f4e087c13f2f6ea3cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:00:c4:7c:80:a4:8e:9c:b7:ae:8b:b1:95:a3:
cc:0f:61:ef:1a:82:5d:48:8a:9d:88:fc:93:c3:6f:
fd:c6:f0:90:22:cb:fd:09:d4:9b:68:42:2b:f9:9b:
8e:ab:50:5a:6c:46:4a:6c:c8:2b:2c:c8:01:8e:37:
ba:15:c0:9c:44:3d:9c:29:50:e6:93:fc:8b:1c:dc:
33:b6:25:1b:11:40:05:a1:16:13:94:21:0b:1d:cd:
95:dc:bd:d1:5a:e6:02:8f:7c:a3:1b:7e:d3:b9:11:
ac:3b:ca:46:62:bf:bc:96:3c:1d:5f:ec:9f:72:15:
68:4e:e0:c6:d9:9e:88:08:7f:79:79:a3:13:d4:c6:
f0:80:be:74:46:d2:cd:b2:32:cc:45:86:57:cc:dc:
e4:8b:a0:3a:5d:07:a0:d9:cd:97:5b:74:ae:ca:0d:
bc:82:36:2a:67:bb:3c:44:a8:fc:f4:a6:e9:2d:fe:
ee:09:f6:3c:24:97:f7:26:d4:c7:d8:00:d4:8b:0c:
91:ee:76:14:2a:0c:d0:85:a5:f4:b1:d2:11:c2:d3:
01:ad:ec:0e:3a:d9:05:f1:f2:8e:89:56:bc:c8:c7:
20:84:df:23:ff:72:f2:d0:c0:cd:be:ac:f1:39:ec:
f0:9a:00:d3:d7:2e:98:42:01:bf:e3:ff:41:ad:10:
5e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B8:5E:C2:A9:36:B2:99:3A:DD:6F:4E:08:7C:13:F2:F6:EA:3C:EE
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/3Lhewqk2spk63W9OCHwT8vbqPO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.99.71.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:f0:cd:78:b0:88:c9:93:89:87:0f:0e:26:c0:66:19:3f:0e:
5a:2d:d2:85:46:36:96:e2:6c:62:c9:a9:1d:d4:60:4d:14:51:
4e:12:0b:30:c8:25:3a:04:c2:c3:6a:76:ca:33:20:66:52:5a:
98:17:bf:74:32:67:fc:30:f9:fe:8a:38:c5:b2:eb:71:7c:33:
82:10:4c:61:85:b9:49:8d:b8:ac:ed:3e:5e:3c:39:e5:57:8f:
57:d8:24:9d:84:96:e8:f7:2d:7f:23:c2:dc:f6:d5:26:2a:c0:
f2:17:1c:92:09:38:a0:f2:7f:f5:dc:53:8e:74:ee:8e:aa:f3:
7e:16:11:51:17:bd:85:fe:01:7f:f1:44:b0:fd:a1:f5:a6:99:
76:6d:91:33:4f:ca:ce:04:4b:0c:d7:73:aa:b6:7f:82:7e:12:
46:25:98:52:51:8d:39:75:dc:38:dd:89:88:09:e3:6b:bc:c5:
cc:cc:a9:1e:74:23:6a:bc:82:20:e3:c4:43:bc:48:48:87:31:
bf:76:8d:e8:9c:85:df:da:8f:74:48:56:77:47:a6:f8:8b:e4:
4b:7d:b6:e3:9c:57:3c:c2:9d:32:ff:ba:7f:5f:58:a2:0c:7f:
8d:43:d4:45:37:6f:c3:18:2b:89:50:56:c1:95:d5:e8:88:99:
87:8e:05:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFMpGCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGFkZDliNjcxZjdhMzZlYjIzNjdlMzRmZWU0YmNiMTNiOGY2NmNjMB4XDTIyMDEw
MTA1NTE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNiODVlYzJhOTM2
YjI5OTNhZGQ2ZjRlMDg3YzEzZjJmNmVhM2NlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8AxHyApI6ct66LsZWjzA9h7xqCXUiKnYj8k8Nv/cbwkCLL
/QnUm2hCK/mbjqtQWmxGSmzIKyzIAY43uhXAnEQ9nClQ5pP8ixzcM7YlGxFABaEW
E5QhCx3Nldy90VrmAo98oxt+07kRrDvKRmK/vJY8HV/sn3IVaE7gxtmeiAh/eXmj
E9TG8IC+dEbSzbIyzEWGV8zc5IugOl0HoNnNl1t0rsoNvII2Kme7PESo/PSm6S3+
7gn2PCSX9ybUx9gA1IsMke52FCoM0IWl9LHSEcLTAa3sDjrZBfHyjolWvMjHIITf
I/9y8tDAzb6s8Tns8JoA09cumEIBv+P/Qa0QXqkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTcuF7CqTaymTrdb04IfBPy9uo87jAfBgNVHSMEGDAWgBSIrdm2cfejbrI2
fjT+5LyxO49mzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lLM1p0bkgzbzI2eU5uNDBfdVM4c1R1UFpzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvM2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8x
LzNMaGV3cWsyc3BrNjNXOU9DSHdUOHZicVBPNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
M2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8xL2lLM1p0bkgzbzI2
eU5uNDBfdVM4c1R1UFpzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFdjRzANBgkqhkiG9w0BAQsFAAOC
AQEASvDNeLCIyZOJhw8OJsBmGT8OWi3ShUY2luJsYsmpHdRgTRRRThILMMglOgTC
w2p2yjMgZlJamBe/dDJn/DD5/oo4xbLrcXwzghBMYYW5SY24rO0+Xjw55VePV9gk
nYSW6PctfyPC3PbVJirA8hcckgk4oPJ/9dxTjnTujqrzfhYRURe9hf4Bf/FEsP2h
9aaZdm2RM0/KzgRLDNdzqrZ/gn4SRiWYUlGNOXXcON2JiAnja7zFzMypHnQjaryC
IOPEQ7xISIcxv3aN6JyF39qPdEhWd0em+IvkS32245xXPMKdMv+6f19Yogx/jUPU
RTdvwxgriVBWwZXV6IiZh44FrQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:02 2023 by rpki-client on console-ams.rpki-client.org