Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/3ZvqgX7iYAdWOjc4MqodHulhTAs.roa
File: 3ZvqgX7iYAdWOjc4MqodHulhTAs.roa (raw, json)
Hash identifier: 67Pe33ZOMxtSPsz7BGMFUl/sHYb1TF/XKqlBrbxoaSI=
Subject key identifier: DD:9B:EA:81:7E:E2:60:07:56:3A:37:38:32:AA:1D:1E:E9:61:4C:0B
Certificate issuer: /CN=864106540f30a9dcdf8ef9be72ffef8bd8a72e5c
Certificate serial: 07C7E00A
Authority key identifier: 86:41:06:54:0F:30:A9:DC:DF:8E:F9:BE:72:FF:EF:8B:D8:A7:2E:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkEGVA8wqdzfjvm-cv_vi9inLlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/3ZvqgX7iYAdWOjc4MqodHulhTAs.roa
Signing time: Sat 01 Jan 2022 00:51:37 +0000
ROA not before: Sat 01 Jan 2022 00:51:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42061
IP address blocks: 195.8.212.0/23 maxlen: 23
2001:67c:1d0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130539530 (0x7c7e00a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864106540f30a9dcdf8ef9be72ffef8bd8a72e5c
Validity
Not Before: Jan 1 00:51:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd9bea817ee26007563a373832aa1d1ee9614c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:10:32:a0:7f:5a:a2:36:36:d0:63:32:09:f4:
86:21:b7:bd:f5:e8:17:8b:9e:12:4a:f0:4f:39:28:
ba:80:a7:55:c2:5a:eb:01:03:10:f6:5e:94:aa:8f:
44:de:c9:8b:32:2e:dd:ca:8b:3e:2b:09:42:a8:71:
be:d4:ae:d1:ad:9f:03:f2:96:3f:98:0b:08:ae:47:
19:d0:4c:0d:c2:bd:4c:c2:8c:4b:c4:3a:79:e5:81:
12:a9:6f:2f:f7:12:f8:46:3c:a5:70:84:45:a9:1c:
6a:e5:76:dc:cc:13:83:6b:4e:cc:5f:96:c9:1d:70:
aa:61:f1:ed:0d:1a:a4:65:2a:d5:99:ea:3e:52:5d:
2a:8f:70:25:f7:8e:b6:4f:a7:f6:9c:c0:8d:78:c8:
97:0e:e1:03:28:81:02:76:c2:83:39:1f:74:2a:25:
35:81:61:9d:df:d8:e0:6a:fd:ff:66:1c:79:ed:b3:
69:a9:3b:cf:51:0c:e3:81:cc:9c:73:d0:08:87:b4:
c0:1a:63:e8:a5:0e:cb:5b:3f:6c:8e:a2:70:7e:2d:
1d:a7:c7:79:17:d4:45:df:a7:6a:e7:03:83:8d:b8:
1b:09:6d:d7:e6:ad:59:cc:5f:02:92:47:40:1c:39:
b3:78:57:4b:f4:5a:00:bd:d1:98:56:39:49:01:b6:
a8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9B:EA:81:7E:E2:60:07:56:3A:37:38:32:AA:1D:1E:E9:61:4C:0B
X509v3 Authority Key Identifier:
keyid:86:41:06:54:0F:30:A9:DC:DF:8E:F9:BE:72:FF:EF:8B:D8:A7:2E:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkEGVA8wqdzfjvm-cv_vi9inLlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/3ZvqgX7iYAdWOjc4MqodHulhTAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/hkEGVA8wqdzfjvm-cv_vi9inLlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.212.0/23
IPv6:
2001:67c:1d0::/48
Signature Algorithm: sha256WithRSAEncryption
ad:36:7c:61:61:1b:54:13:a6:ed:78:6f:d9:ec:3b:01:70:8e:
64:52:aa:eb:4b:0e:bc:c5:93:0a:24:9d:dc:bb:7b:d9:c7:7b:
c7:b6:2a:bf:c9:0c:7b:b8:33:ed:fa:97:97:8b:b3:0c:bb:2e:
1d:9e:d4:fa:46:f3:d4:0a:f3:16:f6:11:d4:d5:84:f1:03:78:
40:e5:98:cc:9c:29:e5:7d:3b:96:fd:82:94:83:8c:ca:cf:e5:
66:f8:2f:9e:9c:7b:8b:b8:6d:12:44:af:eb:e0:cc:e6:f6:b6:
84:ee:91:6f:a7:7f:09:51:11:f2:ee:a8:a7:40:d5:90:1b:28:
1e:43:cd:a7:6e:65:ff:9d:a4:e0:92:af:76:af:ab:0c:ce:7c:
ff:e3:7a:ee:9e:4f:1f:6f:de:4e:bb:33:08:40:70:6e:5c:c1:
d9:08:82:7d:b2:d5:ad:89:00:55:ac:20:35:f7:c3:ed:70:20:
aa:e1:d4:fc:5f:a5:0a:01:c8:00:14:6c:5b:46:64:ba:50:35:
30:21:80:50:22:60:19:e0:bc:27:dc:d4:d1:ce:b3:6b:26:9a:
de:9a:06:4e:31:02:d9:21:26:3c:02:99:d7:6b:f8:12:f0:a1:
2d:09:84:49:33:56:fb:93:0c:f5:64:df:dc:89:c6:6e:bd:e8:
93:f3:81:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEB8fgCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NjQxMDY1NDBmMzBhOWRjZGY4ZWY5YmU3MmZmZWY4YmQ4YTcyZTVjMB4XDTIyMDEw
MTAwNTEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ5YmVhODE3ZWUy
NjAwNzU2M2EzNzM4MzJhYTFkMWVlOTYxNGMwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQQMqB/WqI2NtBjMgn0hiG3vfXoF4ueEkrwTzkouoCnVcJa
6wEDEPZelKqPRN7JizIu3cqLPisJQqhxvtSu0a2fA/KWP5gLCK5HGdBMDcK9TMKM
S8Q6eeWBEqlvL/cS+EY8pXCERakcauV23MwTg2tOzF+WyR1wqmHx7Q0apGUq1Znq
PlJdKo9wJfeOtk+n9pzAjXjIlw7hAyiBAnbCgzkfdColNYFhnd/Y4Gr9/2Ycee2z
aak7z1EM44HMnHPQCIe0wBpj6KUOy1s/bI6icH4tHafHeRfURd+naucDg424Gwlt
1+atWcxfApJHQBw5s3hXS/RaAL3RmFY5SQG2qJ0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTdm+qBfuJgB1Y6Nzgyqh0e6WFMCzAfBgNVHSMEGDAWgBSGQQZUDzCp3N+O
+b5y/++L2KcuXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hrRUdWQTh3cWR6Zmp2bS1jdl92aTlpbkxsdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvMGJlN2YyLTYzOGQtNGY0NS1iNjk3LTNiMzE4ZTQ3Mjc2ZC8x
LzNadnFnWDdpWUFkV09qYzRNcW9kSHVsaFRBcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
MGJlN2YyLTYzOGQtNGY0NS1iNjk3LTNiMzE4ZTQ3Mjc2ZC8xL2hrRUdWQTh3cWR6
Zmp2bS1jdl92aTlpbkxsdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAcMI1DAPBAIAAjAJAwcAIAEGfAHQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCtNnxhYRtUE6bteG/Z7DsBcI5kUqrrSw68xZMK
JJ3cu3vZx3vHtiq/yQx7uDPt+peXi7MMuy4dntT6RvPUCvMW9hHU1YTxA3hA5ZjM
nCnlfTuW/YKUg4zKz+Vm+C+enHuLuG0SRK/r4Mzm9raE7pFvp38JURHy7qinQNWQ
GygeQ82nbmX/naTgkq92r6sMznz/43runk8fb95OuzMIQHBuXMHZCIJ9stWtiQBV
rCA198PtcCCq4dT8X6UKAcgAFGxbRmS6UDUwIYBQImAZ4Lwn3NTRzrNrJpremgZO
MQLZISY8ApnXa/gS8KEtCYRJM1b7kwz1ZN/cicZuveiT84Eh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:43 2024 by rpki-client on console-ams.rpki-client.org