Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/a3rBCnVVwJWYTesBVGHPHbyoM-g.roa
File: a3rBCnVVwJWYTesBVGHPHbyoM-g.roa (raw, json)
Hash identifier: SPCu97rX8GKj9N1UErKevjM32XoesQpPbfHYaVEviRo=
Subject key identifier: 6B:7A:C1:0A:75:55:C0:95:98:4D:EB:01:54:61:CF:1D:BC:A8:33:E8
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 0182ADA970ED21AC44A286EBA9C980D6FCA1
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/a3rBCnVVwJWYTesBVGHPHbyoM-g.roa
Signing time: Wed 17 Aug 2022 21:15:39 +0000
ROA not before: Wed 17 Aug 2022 21:15:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45036
IP address blocks: 193.53.40.0/24 maxlen: 24
194.32.145.0/24 maxlen: 24
194.32.144.0/24 maxlen: 24
2a12:a4c2::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ad:a9:70:ed:21:ac:44:a2:86:eb:a9:c9:80:d6:fc:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Aug 17 21:15:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b7ac10a7555c095984deb015461cf1dbca833e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0e:38:79:5d:f5:34:c9:8e:a6:00:b0:f9:3c:
5f:2d:a7:06:f9:e0:80:a2:63:e6:db:50:be:a1:83:
ff:81:a8:44:f3:1a:dd:8f:47:fc:26:8c:c5:78:5b:
00:fc:bc:85:da:cc:e2:4a:ae:bd:18:6f:c9:3f:81:
14:4d:f4:f5:e6:5a:91:0b:11:dd:15:af:98:77:c4:
65:17:81:f8:ad:71:96:0e:71:81:b6:57:63:f2:52:
ea:a0:e9:08:b4:e3:6d:21:5b:61:a7:9d:b8:59:89:
05:9a:bb:a3:2a:e8:fc:2a:ec:0a:af:2d:e4:a1:ba:
17:a1:9d:5c:0b:cb:94:75:f2:c9:cd:af:69:59:aa:
8e:0d:1e:d0:32:f6:a2:00:cc:78:31:6d:77:2f:0f:
6b:c6:c1:27:90:ca:c7:64:39:71:ef:15:e1:e6:6a:
59:9a:61:08:16:7e:ee:11:a6:e9:cf:13:aa:42:4a:
9b:58:3d:65:9f:d6:8f:1b:1a:75:a4:4a:73:41:c2:
50:06:f7:24:24:38:5b:13:90:83:f8:9f:31:08:51:
84:dd:18:2d:93:50:83:a5:0e:9d:e7:62:86:8c:3f:
24:00:05:91:83:f4:e5:ac:61:f0:b8:3b:3d:fa:bc:
d9:83:17:dc:92:c6:14:4d:2b:4f:16:1b:e0:a0:ca:
94:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:7A:C1:0A:75:55:C0:95:98:4D:EB:01:54:61:CF:1D:BC:A8:33:E8
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/a3rBCnVVwJWYTesBVGHPHbyoM-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.40.0/24
194.32.144.0/23
IPv6:
2a12:a4c2::/32
Signature Algorithm: sha256WithRSAEncryption
78:56:81:9c:29:1b:c3:eb:f8:fc:04:9b:9f:5c:b3:c5:0f:09:
bf:49:b1:0c:c8:3b:ea:d0:81:6d:4a:63:9f:48:7b:63:bf:70:
a6:3e:ba:11:a6:bd:7d:3a:93:06:14:a6:21:c0:e4:8d:52:64:
cc:e3:af:f7:69:bf:66:50:4d:d9:71:14:de:84:8a:57:e6:af:
da:84:25:f0:e4:2f:3a:58:e7:81:9a:16:e5:b4:23:78:d7:b1:
79:17:c8:e8:69:2e:c9:f4:1b:a8:99:4f:98:9b:17:4f:44:53:
4d:26:7a:dd:75:e1:23:d3:b0:95:41:d5:1d:fd:8c:c2:3d:af:
bc:bf:52:c3:d5:52:a7:48:9e:92:ae:04:e1:86:e5:a9:9c:a3:
6f:15:d6:91:95:8c:e5:bc:95:f3:a0:41:6e:ec:ab:67:52:5f:
e1:72:47:01:db:44:69:d8:ba:16:f0:a1:ef:e0:d5:d7:7c:43:
91:7b:8a:ba:ec:4e:ff:de:1b:f7:78:60:ee:b7:a1:0c:31:ad:
47:a0:fa:c6:48:69:67:4b:b8:45:f0:f7:2d:89:52:21:33:ad:
a5:9e:63:41:6d:ed:65:4a:c7:d0:17:2d:eb:37:7d:ab:f3:3a:
b7:6f:ef:0a:80:64:d9:a8:d4:d2:ae:e7:25:dc:28:ca:cf:75:
2b:b7:b5:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYKtqXDtIaxEoobrqcmA1vyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjIwODE3MjExNTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjdhYzEwYTc1NTVjMDk1OTg0ZGViMDE1NDYxY2YxZGJjYTgzM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0w44eV31NMmOpgCw+TxfLacG+eCA
omPm21C+oYP/gahE8xrdj0f8JozFeFsA/LyF2sziSq69GG/JP4EUTfT15lqRCxHd
Fa+Yd8RlF4H4rXGWDnGBtldj8lLqoOkItONtIVthp524WYkFmrujKuj8KuwKry3k
oboXoZ1cC8uUdfLJza9pWaqODR7QMvaiAMx4MW13Lw9rxsEnkMrHZDlx7xXh5mpZ
mmEIFn7uEabpzxOqQkqbWD1ln9aPGxp1pEpzQcJQBvckJDhbE5CD+J8xCFGE3Rgt
k1CDpQ6d52KGjD8kAAWRg/TlrGHwuDs9+rzZgxfcksYUTStPFhvgoMqUeQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGt6wQp1VcCVmE3rAVRhzx28qDPoMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvYTNyQkNuVlZ3SldZVGVzQlZHSFBIYnlvTS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwTUoAwQB
wiCQMA0EAgACMAcDBQAqEqTCMA0GCSqGSIb3DQEBCwUAA4IBAQB4VoGcKRvD6/j8
BJufXLPFDwm/SbEMyDvq0IFtSmOfSHtjv3CmProRpr19OpMGFKYhwOSNUmTM46/3
ab9mUE3ZcRTehIpX5q/ahCXw5C86WOeBmhbltCN417F5F8joaS7J9BuomU+YmxdP
RFNNJnrddeEj07CVQdUd/YzCPa+8v1LD1VKnSJ6SrgThhuWpnKNvFdaRlYzlvJXz
oEFu7KtnUl/hckcB20Rp2LoW8KHv4NXXfEORe4q67E7/3hv3eGDut6EMMa1HoPrG
SGlnS7hF8PctiVIhM62lnmNBbe1lSsfQFy3rN32r8zq3b+8KgGTZqNTSrucl3CjK
z3Urt7XV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:26 2023 by rpki-client on console-fra.rpki-client.org