Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/3L-d6yKvPgQpfOCZUZKxRCre7zA.roa
File: 3L-d6yKvPgQpfOCZUZKxRCre7zA.roa (raw, json)
Hash identifier: zLkSpdu+LqBXtYNqDAeuGfa3wnSz3ELdazomcX/gVw4=
Subject key identifier: DC:BF:9D:EB:22:AF:3E:04:29:7C:E0:99:51:92:B1:44:2A:DE:EF:30
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09AFAAA9
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/3L-d6yKvPgQpfOCZUZKxRCre7zA.roa
Signing time: Sat 01 Jan 2022 09:56:56 +0000
ROA not before: Sat 01 Jan 2022 09:56:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209439
IP address blocks: 171.22.144.0/24 maxlen: 24
2a09:3dc0::/29 maxlen: 29
2a00:8b80::/32 maxlen: 48
2a09:3dc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162507433 (0x9afaaa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcbf9deb22af3e04297ce0995192b1442adeef30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:37:e2:7c:74:4f:28:ae:0a:f8:80:1f:4f:8d:
25:5e:17:01:0f:5a:d9:43:4e:bf:87:4b:38:4a:04:
94:0f:93:69:ab:dd:ce:e3:f6:95:1c:8d:b3:4d:64:
b7:de:0a:94:49:14:b4:dc:ce:49:20:3a:4c:e8:e9:
12:73:25:4b:82:d8:1d:4e:ec:f5:8d:82:4c:6b:df:
c9:7e:68:09:2b:3c:e4:98:91:ee:0b:a1:c3:ec:0a:
d2:f6:54:cd:17:76:81:46:25:93:e2:d1:19:99:63:
1b:8d:69:65:1a:dd:f4:c8:db:44:dc:d6:ae:e3:a9:
cf:24:b1:70:5a:9a:49:d7:cf:b2:3e:e4:9a:b0:f1:
81:c2:c1:e5:f3:24:fc:6f:7c:f0:b9:8e:cf:a0:b1:
04:f4:38:55:29:65:ff:81:64:36:f6:3b:7c:19:20:
3c:f8:77:34:3c:f4:cf:90:df:d7:ac:2e:63:ad:7a:
85:75:4e:62:57:a3:58:ad:16:4b:ef:10:63:c7:8d:
87:9d:f4:53:af:6f:86:25:fc:ea:b3:0f:e0:b5:3f:
0d:f3:4a:64:ce:11:0d:b4:f0:7e:44:81:e7:d0:cc:
7d:89:a8:ed:b1:45:31:12:db:c4:4b:cd:6d:c5:99:
8c:71:da:6b:1a:43:00:bb:f5:47:f4:2d:16:26:f4:
da:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:BF:9D:EB:22:AF:3E:04:29:7C:E0:99:51:92:B1:44:2A:DE:EF:30
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/3L-d6yKvPgQpfOCZUZKxRCre7zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.144.0/24
IPv6:
2a00:8b80::/32
2a09:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
02:5c:35:d4:d4:18:74:ff:26:c0:35:c2:f9:98:2e:e2:93:ab:
a0:9a:79:23:30:19:ce:3e:d9:87:96:fa:cb:29:c1:dc:49:38:
1c:56:76:f8:76:4f:52:2b:66:1c:d6:a1:fa:9e:f7:ef:38:5a:
f3:d9:68:7d:cb:16:d4:d1:e7:11:61:9b:0c:8f:da:6c:ab:dc:
ee:70:d6:92:75:34:dc:a1:11:ff:6c:94:cf:2a:a7:3f:6c:6b:
9c:8a:45:c1:2e:d1:19:3a:6a:13:4d:ff:45:6f:c8:15:3e:de:
76:f7:74:9b:f9:54:a1:3c:6c:50:27:5c:91:24:fa:eb:f2:68:
c7:d2:f2:b1:4e:54:d5:e5:84:d2:56:ad:91:53:73:42:f5:50:
8e:6b:c7:8b:12:5c:0a:1b:38:96:6b:62:fb:82:18:f2:4b:df:
a4:bc:1b:e5:81:f4:fc:bb:06:b4:f9:24:65:22:15:cc:23:21:
d1:a2:68:23:06:00:7f:37:83:46:65:19:7b:3c:ec:56:e9:d8:
f8:a6:26:33:72:76:39:a0:27:36:4d:61:0c:5e:ce:92:96:19:
5c:ac:36:85:31:95:56:d4:cb:33:7e:40:f5:13:67:5f:68:44:
01:9a:0b:0c:98:58:c4:b8:9c:4a:cf:21:c2:b0:43:2a:be:a8:
42:c1:77:a9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIECa+qqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNiZjlkZWIyMmFm
M2UwNDI5N2NlMDk5NTE5MmIxNDQyYWRlZWYzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJo34nx0TyiuCviAH0+NJV4XAQ9a2UNOv4dLOEoElA+Taavd
zuP2lRyNs01kt94KlEkUtNzOSSA6TOjpEnMlS4LYHU7s9Y2CTGvfyX5oCSs85JiR
7guhw+wK0vZUzRd2gUYlk+LRGZljG41pZRrd9MjbRNzWruOpzySxcFqaSdfPsj7k
mrDxgcLB5fMk/G988LmOz6CxBPQ4VSll/4FkNvY7fBkgPPh3NDz0z5Df16wuY616
hXVOYlejWK0WS+8QY8eNh530U69vhiX86rMP4LU/DfNKZM4RDbTwfkSB59DMfYmo
7bFFMRLbxEvNbcWZjHHaaxpDALv1R/QtFib02g8CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBTcv53rIq8+BCl84JlRkrFEKt7vMDAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzNMLWQ2eUt2UGdRcGZPQ1pVWkt4UkNyZTd6QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgMEAKsWkDAUBAIAAjAOAwUAKgCLgAMF
AyoJPcAwDQYJKoZIhvcNAQELBQADggEBAAJcNdTUGHT/JsA1wvmYLuKTq6CaeSMw
Gc4+2YeW+sspwdxJOBxWdvh2T1IrZhzWofqe9+84WvPZaH3LFtTR5xFhmwyP2myr
3O5w1pJ1NNyhEf9slM8qpz9sa5yKRcEu0Rk6ahNN/0VvyBU+3nb3dJv5VKE8bFAn
XJEk+uvyaMfS8rFOVNXlhNJWrZFTc0L1UI5rx4sSXAobOJZrYvuCGPJL36S8G+WB
9Py7BrT5JGUiFcwjIdGiaCMGAH83g0ZlGXs87Fbp2PimJjNydjmgJzZNYQxezpKW
GVysNoUxlVbUyzN+QPUTZ19oRAGaCwyYWMS4nErPIcKwQyq+qELBd6k=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org