Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/3Db7htHT2Or-oez7fLsQTZZvDxs.roa
File: 3Db7htHT2Or-oez7fLsQTZZvDxs.roa (raw, json)
Hash identifier: gDZjT7DCP0ZFJmxPSgHmWAlFNxTlEWWC6EDzI8yEeXw=
Subject key identifier: DC:36:FB:86:D1:D3:D8:EA:FE:A1:EC:FB:7C:BB:10:4D:96:6F:0F:1B
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 018336835F40FC3ACFE1C8EDDCB990A98133
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/3Db7htHT2Or-oez7fLsQTZZvDxs.roa
Signing time: Tue 13 Sep 2022 11:02:02 +0000
ROA not before: Tue 13 Sep 2022 11:02:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2914
IP address blocks: 94.143.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:36:83:5f:40:fc:3a:cf:e1:c8:ed:dc:b9:90:a9:81:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Sep 13 11:02:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc36fb86d1d3d8eafea1ecfb7cbb104d966f0f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8f:b2:9a:8f:bb:e3:8e:a8:fb:d3:f4:46:51:
af:ff:b3:34:50:8c:68:43:a1:68:22:a1:8b:ba:7d:
d5:77:7b:b4:97:02:0b:ac:dd:e1:31:c4:37:10:15:
63:9f:ae:a2:81:7e:27:d0:e8:77:80:1a:ce:fe:b0:
f8:b4:49:ca:9f:28:dc:82:d0:d5:09:e8:e9:47:ed:
93:96:2e:df:f5:e6:78:ad:7d:90:57:64:68:d0:40:
46:df:d6:a5:65:94:c6:22:40:17:72:01:3e:8a:b5:
28:f3:1d:02:68:45:67:36:6c:fb:14:be:ad:fe:60:
57:a7:c4:9a:32:18:0b:7e:9f:60:c9:f2:e8:31:ab:
71:69:f2:10:76:58:34:2b:86:b4:fb:ab:59:9b:62:
f6:d2:7a:24:51:82:df:83:f1:eb:08:70:0c:d0:87:
d5:c5:48:f6:ef:48:68:82:5e:82:e5:77:c8:08:16:
75:4c:95:e5:ca:b5:30:cf:05:17:37:14:6c:1e:b6:
b7:f5:38:b4:d9:55:eb:0c:4c:c9:35:b7:3a:e6:6a:
46:d8:6c:3e:85:2f:f0:b4:7a:72:97:45:4e:c3:74:
70:af:eb:fd:dc:a7:bf:73:51:ad:3e:54:fc:50:ee:
fc:c7:ce:7d:6a:ac:36:91:9a:a4:d6:a1:fe:97:a7:
c4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:36:FB:86:D1:D3:D8:EA:FE:A1:EC:FB:7C:BB:10:4D:96:6F:0F:1B
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/3Db7htHT2Or-oez7fLsQTZZvDxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.225.0/24
Signature Algorithm: sha256WithRSAEncryption
20:37:ea:bf:07:c7:5d:e6:0b:30:18:32:a5:03:64:8c:f5:2b:
06:72:52:08:31:30:4b:96:73:39:5d:31:7a:b1:4f:49:a1:ee:
d0:ac:71:aa:92:ab:44:64:fc:92:f7:c7:2e:eb:af:5b:8d:53:
7c:63:43:f2:51:e7:04:c9:f0:77:9c:18:5c:d3:6e:a8:71:e7:
3b:42:19:af:54:ec:ee:8f:da:ae:f1:27:37:4d:40:65:86:5d:
ee:08:22:5a:cb:cf:92:a9:52:aa:56:c9:3a:71:e9:7c:3d:1f:
28:ab:30:b8:f0:39:b8:de:d3:e8:74:7a:de:e7:7f:47:a2:71:
85:61:be:d1:f0:89:60:a6:ac:6d:05:05:80:4e:06:46:42:c8:
a2:24:3c:fa:2e:e0:50:5e:c1:e0:55:6d:44:a3:fe:5d:26:2a:
4a:3d:99:89:15:de:0f:f0:5e:fc:26:aa:a0:71:a4:f5:96:d7:
5f:7a:6e:bd:f5:bc:44:62:16:a6:8d:13:eb:ca:da:9e:d7:cb:
26:d1:74:67:79:9c:91:5f:b7:44:5c:37:d8:21:50:11:e4:9c:
88:44:a0:b9:8a:91:7e:ef:f2:42:d3:c6:c3:77:c0:92:7a:8a:
c6:ba:59:9f:c9:1c:60:b5:f5:ba:0f:04:dd:70:52:8b:e6:3d:
a6:8c:92:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM2g19A/DrP4cjt3LmQqYEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjIwOTEzMTEwMjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM2ZmI4NmQxZDNkOGVhZmVhMWVjZmI3Y2JiMTA0ZDk2NmYwZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI+ymo+7446o+9P0RlGv/7M0UIxo
Q6FoIqGLun3Vd3u0lwILrN3hMcQ3EBVjn66igX4n0Oh3gBrO/rD4tEnKnyjcgtDV
CejpR+2Tli7f9eZ4rX2QV2Ro0EBG39alZZTGIkAXcgE+irUo8x0CaEVnNmz7FL6t
/mBXp8SaMhgLfp9gyfLoMatxafIQdlg0K4a0+6tZm2L20nokUYLfg/HrCHAM0IfV
xUj270hogl6C5XfICBZ1TJXlyrUwzwUXNxRsHra39Ti02VXrDEzJNbc65mpG2Gw+
hS/wtHpyl0VOw3Rwr+v93Ke/c1GtPlT8UO78x859aqw2kZqk1qH+l6fE5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNw2+4bR09jq/qHs+3y7EE2Wbw8bMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvM0RiN2h0SFQyT3Itb2V6N2ZMc1FUWlp2RHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo/hMA0G
CSqGSIb3DQEBCwUAA4IBAQAgN+q/B8dd5gswGDKlA2SM9SsGclIIMTBLlnM5XTF6
sU9Joe7QrHGqkqtEZPyS98cu669bjVN8Y0PyUecEyfB3nBhc026ocec7QhmvVOzu
j9qu8Sc3TUBlhl3uCCJay8+SqVKqVsk6cel8PR8oqzC48Dm43tPodHre539HonGF
Yb7R8IlgpqxtBQWATgZGQsiiJDz6LuBQXsHgVW1Eo/5dJipKPZmJFd4P8F78Jqqg
caT1ltdfem699bxEYhamjRPrytqe18sm0XRneZyRX7dEXDfYIVAR5JyIRKC5ipF+
7/JC08bDd8CSeorGulmfyRxgtfW6DwTdcFKL5j2mjJIo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:47 2023 by rpki-client on console-ams.rpki-client.org