Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/c7f3d9-a501-46af-b9d8-72081bd4cd8d/1/3FsyAMMyeFvZ22OAXH-1Yljhero.roa
File: 3FsyAMMyeFvZ22OAXH-1Yljhero.roa (raw, json)
Hash identifier: VWKET8IJoSRqRPKidBPGD2ukY5lqUuXO3MB7je2NkiI=
Subject key identifier: DC:5B:32:00:C3:32:78:5B:D9:DB:63:80:5C:7F:B5:62:58:E1:7A:BA
Certificate issuer: /CN=dbb98010536c406ea8f3d665594c228d76eb10fd
Certificate serial: 018573313B6FFC26477E3F7DCBFD648D8193
Authority key identifier: DB:B9:80:10:53:6C:40:6E:A8:F3:D6:65:59:4C:22:8D:76:EB:10:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27mAEFNsQG6o89ZlWUwijXbrEP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/c7f3d9-a501-46af-b9d8-72081bd4cd8d/1/3FsyAMMyeFvZ22OAXH-1Yljhero.roa
Signing time: Mon 02 Jan 2023 15:54:44 +0000
ROA not before: Mon 02 Jan 2023 15:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47626
IP address blocks: 193.35.48.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:31:3b:6f:fc:26:47:7e:3f:7d:cb:fd:64:8d:81:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb98010536c406ea8f3d665594c228d76eb10fd
Validity
Not Before: Jan 2 15:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc5b3200c332785bd9db63805c7fb56258e17aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:53:4a:d9:de:dc:17:1d:1d:4b:83:c1:37:1f:
7c:08:40:fb:99:ac:fd:05:51:e3:91:f0:8f:bf:8b:
79:7b:08:fd:64:b5:da:d1:2e:a6:55:f3:a5:fe:6a:
3d:84:8e:78:59:c6:3c:28:b5:a2:8f:d0:ab:a4:97:
bf:b3:0b:41:60:73:66:91:15:ea:d3:71:fc:1a:34:
c0:71:a1:69:39:6b:c5:f4:68:2d:6c:dd:60:df:a3:
09:9b:48:ee:74:14:aa:c4:1f:c8:de:01:f4:b5:46:
c2:ed:3c:3b:b6:11:8a:e7:6d:2a:5b:5f:a9:a5:a5:
be:c0:82:63:1e:36:a7:09:78:56:69:b3:b1:4f:74:
89:d8:f2:ba:b8:b2:fc:ad:48:d4:96:62:f2:15:dc:
74:31:8e:8b:9c:fa:76:28:1c:e1:89:d5:03:e0:5e:
3f:85:52:e5:6d:9b:c9:66:96:1a:ed:ec:d2:ce:95:
14:35:ee:3c:2b:60:db:62:67:0b:7f:b3:1b:cf:51:
41:00:19:0e:29:5a:3a:84:88:09:c7:5a:e8:0d:eb:
97:ce:dd:49:f5:f5:df:c5:ce:4a:a9:9c:12:9c:1e:
c9:be:62:a0:f1:42:d4:77:c8:2e:d7:60:d8:8f:b7:
9e:a9:0e:8e:41:bf:2c:b4:1f:0e:9e:56:f8:3b:88:
0d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:5B:32:00:C3:32:78:5B:D9:DB:63:80:5C:7F:B5:62:58:E1:7A:BA
X509v3 Authority Key Identifier:
keyid:DB:B9:80:10:53:6C:40:6E:A8:F3:D6:65:59:4C:22:8D:76:EB:10:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27mAEFNsQG6o89ZlWUwijXbrEP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/c7f3d9-a501-46af-b9d8-72081bd4cd8d/1/3FsyAMMyeFvZ22OAXH-1Yljhero.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/c7f3d9-a501-46af-b9d8-72081bd4cd8d/1/27mAEFNsQG6o89ZlWUwijXbrEP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.48.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:ef:e9:6d:ee:a4:98:41:34:bc:a2:27:ff:da:2a:77:9e:8e:
ff:3f:e1:7a:da:66:ca:86:0e:54:52:dd:9d:d5:6b:c3:16:1b:
46:1c:7b:3d:71:e8:67:80:a7:8c:52:a0:5f:64:cf:79:d7:08:
de:20:9f:61:82:4b:93:0b:7c:5c:41:80:d0:f7:9b:e2:cc:1b:
cd:e1:bd:20:51:1e:68:c8:40:27:54:13:f6:36:c5:e7:a8:0e:
12:b6:d8:32:5a:4c:ac:80:08:cf:a3:6c:ac:76:cc:aa:99:02:
ba:da:22:ea:1d:61:61:c0:fc:2f:54:3b:d7:04:60:7a:54:70:
04:5d:eb:43:36:00:09:80:04:e2:2d:ad:80:79:b5:9c:92:6e:
ee:dd:c7:81:56:b9:83:ab:f8:2c:60:0a:96:93:86:07:69:d0:
fd:c3:89:e8:85:9e:f6:e2:65:be:94:eb:b7:f3:aa:08:ea:a9:
d9:1b:57:5e:74:c6:db:ff:44:9d:07:f6:35:e6:22:1a:01:ac:
24:26:d9:f8:ca:f7:b2:26:94:5b:81:6a:68:f3:b3:61:6a:f1:
64:93:55:2f:e4:0b:26:52:e9:cf:d6:bc:24:0d:51:be:b3:3d:
2e:d8:cb:1a:d8:b6:a1:1b:04:d8:98:f3:e7:b8:1f:b5:69:05:
ed:4a:27:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzMTtv/CZHfj99y/1kjYGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjk4MDEwNTM2YzQwNmVhOGYzZDY2NTU5NGMyMjhkNzZl
YjEwZmQwHhcNMjMwMTAyMTU1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzViMzIwMGMzMzI3ODViZDlkYjYzODA1YzdmYjU2MjU4ZTE3YWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFNK2d7cFx0dS4PBNx98CED7maz9
BVHjkfCPv4t5ewj9ZLXa0S6mVfOl/mo9hI54WcY8KLWij9CrpJe/swtBYHNmkRXq
03H8GjTAcaFpOWvF9GgtbN1g36MJm0judBSqxB/I3gH0tUbC7Tw7thGK520qW1+p
paW+wIJjHjanCXhWabOxT3SJ2PK6uLL8rUjUlmLyFdx0MY6LnPp2KBzhidUD4F4/
hVLlbZvJZpYa7ezSzpUUNe48K2DbYmcLf7Mbz1FBABkOKVo6hIgJx1roDeuXzt1J
9fXfxc5KqZwSnB7JvmKg8ULUd8gu12DYj7eeqQ6OQb8stB8Onlb4O4gNVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxbMgDDMnhb2dtjgFx/tWJY4Xq6MB8GA1UdIwQY
MBaAFNu5gBBTbEBuqPPWZVlMIo126xD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdtQUVGTnNRRzZvODlabFdVd2lqWGJyRVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9jN2YzZDktYTUwMS00NmFmLWI5ZDgt
NzIwODFiZDRjZDhkLzEvM0ZzeUFNTXllRnZaMjJPQVhILTFZbGpoZXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9jN2YzZDktYTUwMS00NmFmLWI5ZDgtNzIwODFiZDRjZDhk
LzEvMjdtQUVGTnNRRzZvODlabFdVd2lqWGJyRVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSMwMA0G
CSqGSIb3DQEBCwUAA4IBAQCh7+lt7qSYQTS8oif/2ip3no7/P+F62mbKhg5UUt2d
1WvDFhtGHHs9cehngKeMUqBfZM951wjeIJ9hgkuTC3xcQYDQ95vizBvN4b0gUR5o
yEAnVBP2NsXnqA4SttgyWkysgAjPo2ysdsyqmQK62iLqHWFhwPwvVDvXBGB6VHAE
XetDNgAJgATiLa2AebWckm7u3ceBVrmDq/gsYAqWk4YHadD9w4nohZ724mW+lOu3
86oI6qnZG1dedMbb/0SdB/Y15iIaAawkJtn4yveyJpRbgWpo87NhavFkk1Uv5Asm
UunP1rwkDVG+sz0u2Msa2LahGwTYmPPnuB+1aQXtSifV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:56 2025 by rpki-client