Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/b3oMIW1eOBvQ7WJ-wvScBJw23Nw.roa
File: b3oMIW1eOBvQ7WJ-wvScBJw23Nw.roa (raw, json)
Hash identifier: O1Qr0BZGpVUh/TI4uCDfhzAnk0kyux0Jsx+CY/G5dKw=
Subject key identifier: 6F:7A:0C:21:6D:5E:38:1B:D0:ED:62:7E:C2:F4:9C:04:9C:36:DC:DC
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 049FC9E3
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/b3oMIW1eOBvQ7WJ-wvScBJw23Nw.roa
Signing time: Tue 28 Jun 2022 20:42:02 +0000
ROA not before: Tue 28 Jun 2022 20:42:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 195.8.200.0/24 maxlen: 24
152.89.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77580771 (0x49fc9e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Jun 28 20:42:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f7a0c216d5e381bd0ed627ec2f49c049c36dcdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4a:f1:97:f5:9a:3d:cb:b8:7c:35:a1:96:22:
5f:d4:a8:9b:66:de:a7:dd:b1:4f:df:3d:b7:7b:74:
16:5d:1a:6c:d8:1c:54:32:13:ac:b0:fe:e4:4e:f7:
61:c4:43:0b:da:c3:3a:e0:e0:5e:77:36:09:7c:f4:
6e:65:d3:b9:8d:f3:80:f9:4f:11:dc:81:8f:79:3d:
b1:4c:cc:1f:55:5b:c0:d7:89:a2:16:de:91:32:24:
b2:c0:e0:7b:2b:95:0b:98:23:5d:49:7b:8a:ba:ca:
33:e4:6a:97:8b:78:8c:f5:be:0e:29:3a:e4:de:b8:
35:b4:02:9f:8d:e2:9f:88:67:26:3f:93:b9:57:3e:
28:88:ce:0e:ef:80:5c:aa:9d:00:4e:33:a5:3e:43:
1a:83:3c:71:62:d3:61:39:98:55:14:6e:7c:84:7a:
27:09:20:fa:83:74:28:1e:22:7a:fc:a6:92:81:86:
87:03:1e:62:bd:8f:bb:57:3c:38:5c:36:ea:00:9e:
bd:49:ab:cc:71:4a:c3:48:c7:55:63:32:1d:41:66:
ed:d1:4f:32:f2:e5:5f:f5:17:bc:f6:e7:14:e9:b5:
7e:91:65:d4:c2:c5:24:eb:2d:c8:cd:c1:22:46:ef:
56:18:83:6d:9c:04:79:06:72:f2:27:c8:ed:f5:dc:
b7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:7A:0C:21:6D:5E:38:1B:D0:ED:62:7E:C2:F4:9C:04:9C:36:DC:DC
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/b3oMIW1eOBvQ7WJ-wvScBJw23Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.195.0/24
195.8.200.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:08:0f:91:0e:90:fa:71:c9:94:22:6d:c6:e3:37:fc:95:0c:
a3:9f:4d:d9:e0:00:b9:0b:5b:58:35:d5:c0:71:c1:40:b9:ee:
e4:d2:a7:46:1d:c2:71:32:8a:6b:41:2b:ba:7e:e7:23:f6:a7:
cd:11:c8:15:7d:c4:d8:e2:29:f7:36:33:97:2a:2c:19:dd:cd:
7a:11:38:0e:a0:fc:02:75:1b:43:a1:88:29:6b:96:58:4a:52:
34:fb:d9:b5:22:fa:08:15:56:89:43:83:3e:cc:da:05:2e:27:
96:e1:ea:f3:c4:bb:15:c8:ae:b7:40:38:82:55:f6:47:3d:e3:
95:a4:94:39:64:62:68:ab:f9:f5:9e:24:e2:13:07:1f:b4:35:
b4:30:0a:f5:16:2d:5f:b5:f9:d7:9f:91:e0:e6:23:16:76:5e:
c5:d2:cb:70:a9:40:5e:65:ab:7c:d3:36:e5:8a:60:33:07:3d:
d2:3e:ae:09:97:a1:4c:4c:39:75:96:a1:b9:50:0c:5a:e4:75:
54:57:80:2e:a1:c9:36:1e:c5:11:28:d2:29:ff:5b:65:1a:99:
c2:e4:a2:fc:bd:2e:16:68:b9:b4:52:0e:22:72:ce:e1:56:d6:
d1:f3:43:e3:6b:d7:64:18:c8:f9:4d:e3:8a:8c:98:5f:96:de:
d5:f2:6e:59
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBJ/J4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Y2RjYzhiY2RiNmM3NDRhY2RmNDNkZDcyZDY4ZDIwNDUxYTE3OWY2MB4XDTIyMDYy
ODIwNDIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY3YTBjMjE2ZDVl
MzgxYmQwZWQ2MjdlYzJmNDljMDQ5YzM2ZGNkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNK8Zf1mj3LuHw1oZYiX9Som2bep92xT989t3t0Fl0abNgc
VDITrLD+5E73YcRDC9rDOuDgXnc2CXz0bmXTuY3zgPlPEdyBj3k9sUzMH1VbwNeJ
ohbekTIkssDgeyuVC5gjXUl7irrKM+Rql4t4jPW+Dik65N64NbQCn43in4hnJj+T
uVc+KIjODu+AXKqdAE4zpT5DGoM8cWLTYTmYVRRufIR6Jwkg+oN0KB4ievymkoGG
hwMeYr2Pu1c8OFw26gCevUmrzHFKw0jHVWMyHUFm7dFPMvLlX/UXvPbnFOm1fpFl
1MLFJOstyM3BIkbvVhiDbZwEeQZy8ifI7fXctyECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRvegwhbV44G9DtYn7C9JwEnDbc3DAfBgNVHSMEGDAWgBQ83Mi822x0Ss30
PdctaNIEUaF59jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BOekl2TnRzZEVyTjlEM1hMV2pTQkZHaGVmWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvMzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8x
L2Izb01JVzFlT0J2UTdXSi13dlNjQkp3MjNOdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
MzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8xL1BOekl2TnRzZEVy
TjlEM1hMV2pTQkZHaGVmWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAJhZwwMEAMMIyDANBgkqhkiG9w0B
AQsFAAOCAQEAGggPkQ6Q+nHJlCJtxuM3/JUMo59N2eAAuQtbWDXVwHHBQLnu5NKn
Rh3CcTKKa0Erun7nI/anzRHIFX3E2OIp9zYzlyosGd3NehE4DqD8AnUbQ6GIKWuW
WEpSNPvZtSL6CBVWiUODPszaBS4nluHq88S7Fciut0A4glX2Rz3jlaSUOWRiaKv5
9Z4k4hMHH7Q1tDAK9RYtX7X515+R4OYjFnZexdLLcKlAXmWrfNM25YpgMwc90j6u
CZehTEw5dZahuVAMWuR1VFeALqHJNh7FESjSKf9bZRqZwuSi/L0uFmi5tFIOInLO
4VbW0fND42vXZBjI+U3jioyYX5be1fJuWQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:49 2023 by rpki-client on console-fra.rpki-client.org