Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/3S9UBlV_7WvXzGQRUKbe52KELa4.roa
File: 3S9UBlV_7WvXzGQRUKbe52KELa4.roa (raw, json)
Hash identifier: l28kUfRTIQ/Z4NB0vnc5qhIlH5vOBe3cMwcCgTt4V1o=
Subject key identifier: DD:2F:54:06:55:7F:ED:6B:D7:CC:64:11:50:A6:DE:E7:62:84:2D:AE
Certificate issuer: /CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Certificate serial: 01856E5D71CA334146F2D0FAF1CC1AD87451
Authority key identifier: 16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/3S9UBlV_7WvXzGQRUKbe52KELa4.roa
Signing time: Sun 01 Jan 2023 17:24:55 +0000
ROA not before: Sun 01 Jan 2023 17:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201749
IP address blocks: 93.191.112.0/24 maxlen: 24
93.191.113.0/24 maxlen: 24
93.191.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:71:ca:33:41:46:f2:d0:fa:f1:cc:1a:d8:74:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Validity
Not Before: Jan 1 17:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd2f5406557fed6bd7cc641150a6dee762842dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:58:af:e4:d3:80:9e:0b:4b:ad:94:d1:12:d7:
f3:d2:16:14:9e:9e:06:d1:e9:dc:3c:a3:36:8d:54:
15:47:9b:91:d2:7a:de:62:7d:0b:02:a6:b2:58:85:
cd:56:88:a1:08:c3:f0:de:40:7e:a4:8b:ce:b9:ec:
0a:ef:1a:15:9b:ba:25:87:fb:85:d0:c1:57:0c:7e:
90:52:ec:c9:a3:36:eb:16:b5:69:20:cc:10:65:65:
34:8d:72:cc:41:83:1b:43:b2:67:46:50:d0:de:9b:
9e:95:db:fd:49:f3:5c:aa:f8:57:b5:14:f5:a6:d1:
34:03:e6:b7:e5:75:2e:a4:53:51:12:44:10:91:20:
ed:a3:ae:26:03:d2:18:a8:ef:3b:fa:5a:cd:0c:20:
0c:e7:88:81:3d:12:b3:80:ce:2d:1b:37:97:ed:01:
31:36:e1:6e:44:25:61:aa:6e:a8:0d:10:4d:10:1a:
e7:c1:64:dd:88:78:d7:ff:19:55:02:d1:94:b7:52:
39:00:3f:07:7f:d7:da:96:bc:0c:a0:46:15:48:04:
06:d5:89:5c:16:52:e6:97:83:7f:5a:7a:3c:ce:a4:
81:0e:f5:28:a5:da:c0:36:5e:fb:dd:1d:a0:3d:11:
eb:e9:a3:af:d1:b2:cc:d6:f1:50:cc:61:17:61:26:
fc:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2F:54:06:55:7F:ED:6B:D7:CC:64:11:50:A6:DE:E7:62:84:2D:AE
X509v3 Authority Key Identifier:
keyid:16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/3S9UBlV_7WvXzGQRUKbe52KELa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.112.0/23
93.191.115.0/24
Signature Algorithm: sha256WithRSAEncryption
58:f2:bd:6a:7e:0d:d1:23:c3:31:e1:43:79:26:29:bf:7c:dc:
32:d2:36:b4:1b:44:be:d3:5a:0b:83:02:38:96:0d:db:a1:63:
c7:82:73:fb:9a:1d:ec:bc:36:78:1f:2f:b6:95:0c:69:96:ff:
9c:cf:ee:30:0b:ce:7c:ec:4e:37:fb:9b:d1:e0:c2:23:18:37:
91:36:d1:1e:e8:d0:96:63:08:7f:00:a6:de:f1:d6:b3:5a:1a:
23:1b:e8:6d:d9:5c:86:c8:a8:84:7e:7d:80:c3:4f:8f:1e:f4:
e2:60:e2:a0:ff:54:f5:50:de:03:ff:79:44:c1:04:b9:1c:a7:
d3:19:c5:5b:1f:59:af:ec:3c:a6:e9:d2:53:de:b8:7b:af:39:
56:e2:65:c4:9f:a1:60:ae:84:7c:eb:e9:a9:02:5a:9e:de:c4:
5a:e1:82:f5:56:ff:84:b2:db:14:dc:80:0e:2d:e7:ea:5f:ae:
2c:db:4a:71:91:f1:75:b7:58:cb:c3:90:5e:d6:c7:dc:e3:c0:
41:4b:63:e7:31:64:65:f9:7d:f6:2f:0c:50:1a:11:ca:eb:d4:
de:68:65:74:f9:96:c1:74:2b:57:d2:ba:2e:96:16:aa:69:eb:
0f:de:f9:10:43:2c:a5:b2:03:9c:db:14:d0:b3:d5:8a:3e:cd:
39:0b:25:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuXXHKM0FG8tD68cwa2HRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTdjNDZlYWZhMTBlYzVkOTA3YmIwNWUzNzEyM2I2OTJh
YjQ5NGMwHhcNMjMwMTAxMTcyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJmNTQwNjU1N2ZlZDZiZDdjYzY0MTE1MGE2ZGVlNzYyODQyZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFiv5NOAngtLrZTREtfz0hYUnp4G
0encPKM2jVQVR5uR0nreYn0LAqayWIXNVoihCMPw3kB+pIvOuewK7xoVm7olh/uF
0MFXDH6QUuzJozbrFrVpIMwQZWU0jXLMQYMbQ7JnRlDQ3pueldv9SfNcqvhXtRT1
ptE0A+a35XUupFNREkQQkSDto64mA9IYqO87+lrNDCAM54iBPRKzgM4tGzeX7QEx
NuFuRCVhqm6oDRBNEBrnwWTdiHjX/xlVAtGUt1I5AD8Hf9falrwMoEYVSAQG1Ylc
FlLml4N/Wno8zqSBDvUopdrANl773R2gPRHr6aOv0bLM1vFQzGEXYSb8qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN0vVAZVf+1r18xkEVCm3udihC2uMB8GA1UdIwQY
MBaAFBaXxG6voQ7F2Qe7BeNxI7aSq0lMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUt
NzY1MjJjMjA3YzU1LzEvM1M5VUJsVl83V3ZYekdRUlVLYmU1MktFTGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUtNzY1MjJjMjA3YzU1
LzEvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXb9wAwQA
Xb9zMA0GCSqGSIb3DQEBCwUAA4IBAQBY8r1qfg3RI8Mx4UN5Jim/fNwy0ja0G0S+
01oLgwI4lg3boWPHgnP7mh3svDZ4Hy+2lQxplv+cz+4wC8587E43+5vR4MIjGDeR
NtEe6NCWYwh/AKbe8dazWhojG+ht2VyGyKiEfn2Aw0+PHvTiYOKg/1T1UN4D/3lE
wQS5HKfTGcVbH1mv7Dym6dJT3rh7rzlW4mXEn6FgroR86+mpAlqe3sRa4YL1Vv+E
stsU3IAOLefqX64s20pxkfF1t1jLw5Be1sfc48BBS2PnMWRl+X32LwxQGhHK69Te
aGV0+ZbBdCtX0roulhaqaesP3vkQQyylsgOc2xTQs9WKPs05CyXt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:04 2025 by rpki-client