Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/3hsJ7Y02OaBfb1m9M77WnER121s.roa
File: 3hsJ7Y02OaBfb1m9M77WnER121s.roa (raw, json)
Hash identifier: Ws8NWIQKKCU20F5Up7rtSr5b4af96vQXKLn7nkQMRCw=
Subject key identifier: DE:1B:09:ED:8D:36:39:A0:5F:6F:59:BD:33:BE:D6:9C:44:75:DB:5B
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 383036
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/3hsJ7Y02OaBfb1m9M77WnER121s.roa
Signing time: Thu 31 Mar 2022 20:22:02 +0000
ROA not before: Thu 31 Mar 2022 20:22:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35543
IP address blocks: 193.53.35.0/24 maxlen: 24
2a12:a4c1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3682358 (0x383036)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Mar 31 20:22:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de1b09ed8d3639a05f6f59bd33bed69c4475db5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d5:76:84:d2:b5:24:c1:39:7f:b1:41:87:df:
ed:c9:c5:74:2f:9e:fd:89:bf:fb:98:ab:dd:d6:ed:
5f:d2:89:2e:3d:b5:70:d9:c7:75:a4:41:15:48:c1:
41:bf:3a:73:99:9b:78:a8:f3:bf:e5:fa:cd:43:79:
94:92:bd:04:49:4f:97:ba:81:0c:ee:e7:f0:98:29:
a4:10:a7:89:8c:2b:66:1f:b1:94:f7:72:9b:57:0b:
73:5a:50:20:aa:0e:95:c8:67:ab:4a:c9:d2:cf:f8:
9c:e7:0c:c7:0b:42:82:a9:d5:e8:75:fb:6b:38:84:
30:22:5b:1d:50:40:24:c0:a1:4c:63:0a:ab:64:02:
2a:ea:0c:e3:9d:19:c2:a2:30:5e:ce:29:a9:2a:85:
7f:b5:ca:08:d4:83:da:d7:ac:cb:ed:66:50:b6:a0:
5c:02:03:c9:92:01:07:c5:2f:52:d0:16:5b:23:dc:
5c:9c:04:77:b9:45:6c:51:bb:f1:6e:68:4b:63:05:
33:dc:03:af:df:69:a0:79:50:56:8c:f3:42:1e:b3:
e2:be:6f:c2:23:b6:12:15:dc:3b:a2:d2:19:6b:e6:
78:2a:78:6a:27:8c:58:7e:e0:70:ae:e8:26:6c:53:
45:08:d2:90:8c:e0:87:57:7f:15:50:ca:03:2a:dc:
0b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1B:09:ED:8D:36:39:A0:5F:6F:59:BD:33:BE:D6:9C:44:75:DB:5B
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/3hsJ7Y02OaBfb1m9M77WnER121s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.35.0/24
IPv6:
2a12:a4c1::/32
Signature Algorithm: sha256WithRSAEncryption
18:d3:59:15:e6:45:c6:ad:97:f8:eb:bc:06:b4:eb:b0:22:74:
14:c0:b2:09:e4:b3:c4:ae:45:c0:e5:f4:50:48:48:70:ac:4d:
de:15:33:47:57:41:2a:51:42:23:04:b2:7b:14:dd:13:43:8b:
69:a1:98:bf:53:73:ce:1d:ac:a0:54:2f:9f:51:db:d5:aa:27:
29:1f:5c:47:4c:f4:4e:7b:15:d9:ea:97:02:77:f9:f6:3d:8a:
a8:6a:dc:be:0f:2b:bd:40:0d:a8:99:d9:92:1c:f0:b2:8f:34:
79:b0:de:d0:96:23:c3:2f:2d:a3:03:d0:f4:4d:72:37:9f:27:
10:1d:8e:7a:97:9f:71:e6:a0:d7:10:88:ef:8c:28:e9:a0:e4:
a1:c2:a3:f6:2d:6e:33:ad:2a:67:1b:07:8e:f5:09:9b:e3:74:
4c:fb:74:d2:53:20:a2:f9:a9:54:d3:49:96:1d:01:bc:39:0c:
66:0b:37:7b:ec:57:a2:97:db:1a:d7:4e:df:97:80:fd:59:7f:
6e:9b:56:d3:ad:53:3c:61:c3:5b:60:59:60:51:98:67:d5:c1:
79:37:a3:ae:2b:4a:93:bb:67:8d:ea:87:46:af:03:66:e6:65:
16:ee:78:d6:1f:89:e0:23:c9:a0:65:bf:a4:02:92:90:a2:06:
cc:0a:9d:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDODA2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0NDg4NzgwHhcNMjIwMzMx
MjAyMjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZTFiMDllZDhkMzYz
OWEwNWY2ZjU5YmQzM2JlZDY5YzQ0NzVkYjViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqNV2hNK1JME5f7FBh9/tycV0L579ib/7mKvd1u1f0okuPbVw
2cd1pEEVSMFBvzpzmZt4qPO/5frNQ3mUkr0ESU+XuoEM7ufwmCmkEKeJjCtmH7GU
93KbVwtzWlAgqg6VyGerSsnSz/ic5wzHC0KCqdXodftrOIQwIlsdUEAkwKFMYwqr
ZAIq6gzjnRnCojBezimpKoV/tcoI1IPa16zL7WZQtqBcAgPJkgEHxS9S0BZbI9xc
nAR3uUVsUbvxbmhLYwUz3AOv32mgeVBWjPNCHrPivm/CI7YSFdw7otIZa+Z4Knhq
J4xYfuBwrugmbFNFCNKQjOCHV38VUMoDKtwLUwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFN4bCe2NNjmgX29ZvTO+1pxEddtbMB8GA1UdIwQYMBaAFKf9P4kzXc+Chmay
j62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEv
M2hzSjdZMDJPYUJmYjFtOU03N1duRVIxMjFzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8z
ODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEvcF8wX2lUTmR6NEtH
WnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTUjMA0EAgACMAcDBQAqEqTBMA0G
CSqGSIb3DQEBCwUAA4IBAQAY01kV5kXGrZf467wGtOuwInQUwLIJ5LPErkXA5fRQ
SEhwrE3eFTNHV0EqUUIjBLJ7FN0TQ4tpoZi/U3POHaygVC+fUdvVqicpH1xHTPRO
exXZ6pcCd/n2PYqoaty+Dyu9QA2omdmSHPCyjzR5sN7QliPDLy2jA9D0TXI3nycQ
HY56l59x5qDXEIjvjCjpoOShwqP2LW4zrSpnGweO9Qmb43RM+3TSUyCi+alU00mW
HQG8OQxmCzd77Feil9sa107fl4D9WX9um1bTrVM8YcNbYFlgUZhn1cF5N6OuK0qT
u2eN6odGrwNm5mUW7njWH4ngI8mgZb+kApKQogbMCp1C
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:02 2023 by rpki-client on console-ams.rpki-client.org