Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/3PCzj7nO2qaWTz8PemvTu0boqqI.roa
File: 3PCzj7nO2qaWTz8PemvTu0boqqI.roa (raw, json)
Hash identifier: kxh22tX5c9kndBo73eAS4mA63Mmrn2AiKxjWbfPQs+c=
Subject key identifier: DC:F0:B3:8F:B9:CE:DA:A6:96:4F:3F:0F:7A:6B:D3:BB:46:E8:AA:A2
Certificate issuer: /CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb
Certificate serial: 0185707969B50C07187FE64436532C167FB7
Authority key identifier: 96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/3PCzj7nO2qaWTz8PemvTu0boqqI.roa
Signing time: Mon 02 Jan 2023 03:14:43 +0000
ROA not before: Mon 02 Jan 2023 03:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 91.201.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:69:b5:0c:07:18:7f:e6:44:36:53:2c:16:7f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb
Validity
Not Before: Jan 2 03:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcf0b38fb9cedaa6964f3f0f7a6bd3bb46e8aaa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:92:ed:6c:c6:a7:7d:b3:85:dd:bf:0d:ec:b1:
e6:dc:d7:3c:d6:69:47:77:cf:cb:1c:87:da:43:3f:
67:62:7a:82:44:ee:da:14:80:81:c8:88:06:48:a3:
86:e1:12:59:58:b9:90:31:98:9f:78:f4:bc:bd:08:
82:78:7d:e6:db:bc:53:a7:36:62:7e:12:ad:85:88:
85:4e:5d:79:1b:9f:3a:c2:0c:1c:04:f2:e7:71:dc:
44:54:e2:78:d9:dc:fc:9b:6a:8e:42:30:23:74:cc:
cb:28:fc:8a:ed:49:b1:7c:f0:39:1e:f1:c3:c1:b6:
89:de:f0:3c:f4:2e:52:32:c3:7d:c3:c7:9a:8e:6d:
f7:dc:10:10:ac:51:ee:71:d0:b8:49:95:76:6d:4f:
ee:be:55:7f:89:bd:53:33:e8:e3:23:c4:7d:81:a8:
f3:eb:7b:26:39:5f:fb:de:fa:50:0d:a9:22:ab:db:
ba:76:f1:f3:8c:41:f3:e5:32:aa:d5:b7:37:35:4d:
49:41:ea:85:3f:90:f4:e6:d3:17:25:a7:10:7c:f4:
00:9c:41:c7:84:0c:e6:98:49:df:e7:c2:d2:f2:72:
76:28:a8:5d:2e:39:a0:a0:ff:66:c3:ce:55:16:33:
f6:8c:43:ba:af:27:a8:1f:8f:7d:37:c8:17:63:52:
31:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F0:B3:8F:B9:CE:DA:A6:96:4F:3F:0F:7A:6B:D3:BB:46:E8:AA:A2
X509v3 Authority Key Identifier:
keyid:96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/3PCzj7nO2qaWTz8PemvTu0boqqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.199.0/24
Signature Algorithm: sha256WithRSAEncryption
20:44:84:b8:9f:96:d4:45:e4:3a:d1:33:65:ae:0e:b4:dd:47:
16:d1:52:ce:32:46:eb:64:8a:b7:f9:3e:52:6c:a9:52:53:87:
db:cd:d5:e2:25:3c:09:b4:ca:de:df:89:d3:da:55:b1:de:b5:
67:10:7c:75:4a:cb:02:05:64:56:d2:86:bd:a2:c4:03:9f:0c:
db:20:2e:b1:1b:fc:69:73:b6:8c:51:41:32:c6:35:e2:d0:73:
33:61:d1:6c:f1:06:d5:71:3e:89:3c:34:1d:21:74:98:db:74:
74:c0:d8:54:2f:c7:bc:de:85:9c:2e:21:e5:f7:aa:c5:24:57:
82:b4:1a:e4:26:80:8d:38:a5:ef:0a:eb:81:52:c8:21:f7:c8:
b0:ab:db:5d:b1:db:bf:cf:92:fb:7c:60:82:75:73:c6:90:54:
7d:b2:ef:a8:97:0b:26:95:00:17:b6:d0:ce:b4:73:f2:e0:82:
7e:bd:10:44:11:0c:33:bd:a1:0c:00:e4:6b:ab:8b:2c:3d:e4:
2b:93:42:b1:7b:6c:c8:02:52:35:1e:d5:5f:01:4b:2a:c3:f3:
c4:6b:5d:cb:99:b9:1e:d2:dd:71:54:60:be:22:b6:95:b0:47:
f2:ca:78:b1:64:8b:be:39:b9:3c:a6:69:6b:61:c9:dd:d0:91:
00:1c:6e:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweWm1DAcYf+ZENlMsFn+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YzBjZTlmODdkOWQyNzVmNmNhZTRkYzljZGZiNWQ0NDM3
ZDhjZWIwHhcNMjMwMTAyMDMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2YwYjM4ZmI5Y2VkYWE2OTY0ZjNmMGY3YTZiZDNiYjQ2ZThhYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZLtbManfbOF3b8N7LHm3Nc81mlH
d8/LHIfaQz9nYnqCRO7aFICByIgGSKOG4RJZWLmQMZifePS8vQiCeH3m27xTpzZi
fhKthYiFTl15G586wgwcBPLncdxEVOJ42dz8m2qOQjAjdMzLKPyK7UmxfPA5HvHD
wbaJ3vA89C5SMsN9w8eajm333BAQrFHucdC4SZV2bU/uvlV/ib1TM+jjI8R9gajz
63smOV/73vpQDakiq9u6dvHzjEHz5TKq1bc3NU1JQeqFP5D05tMXJacQfPQAnEHH
hAzmmEnf58LS8nJ2KKhdLjmgoP9mw85VFjP2jEO6ryeoH499N8gXY1Ix5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzws4+5ztqmlk8/D3pr07tG6KqiMB8GA1UdIwQY
MBaAFJbAzp+H2dJ19srk3JzftdRDfYzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjkt
NWU3N2ZhMDMzM2EzLzEvM1BDemo3bk8ycWFXVHo4UGVtdlR1MGJvcXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjktNWU3N2ZhMDMzM2Ez
LzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8nHMA0G
CSqGSIb3DQEBCwUAA4IBAQAgRIS4n5bUReQ60TNlrg603UcW0VLOMkbrZIq3+T5S
bKlSU4fbzdXiJTwJtMre34nT2lWx3rVnEHx1SssCBWRW0oa9osQDnwzbIC6xG/xp
c7aMUUEyxjXi0HMzYdFs8QbVcT6JPDQdIXSY23R0wNhUL8e83oWcLiHl96rFJFeC
tBrkJoCNOKXvCuuBUsgh98iwq9tdsdu/z5L7fGCCdXPGkFR9su+olwsmlQAXttDO
tHPy4IJ+vRBEEQwzvaEMAORrq4ssPeQrk0Kxe2zIAlI1HtVfAUsqw/PEa13Lmbke
0t1xVGC+IraVsEfyynixZIu+Obk8pmlrYcnd0JEAHG5X
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:43 2025 by rpki-client