Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/3upQBYZ9Q_Dq3Ix4_hq1uClA2oY.roa
File: 3upQBYZ9Q_Dq3Ix4_hq1uClA2oY.roa (raw, json)
Hash identifier: bgJAqaPgwMYRm9tIKFdGMXZBZzmSgTavrM5doPKLpwk=
Subject key identifier: DE:EA:50:05:86:7D:43:F0:EA:DC:8C:78:FE:1A:B5:B8:29:40:DA:86
Certificate issuer: /CN=96b8acfa17af93bedbefc6feb4688f98604b8aae
Certificate serial: 01BC8796
Authority key identifier: 96:B8:AC:FA:17:AF:93:BE:DB:EF:C6:FE:B4:68:8F:98:60:4B:8A:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lris-hevk77b78b-tGiPmGBLiq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/3upQBYZ9Q_Dq3Ix4_hq1uClA2oY.roa
Signing time: Sat 01 Jan 2022 10:54:01 +0000
ROA not before: Sat 01 Jan 2022 10:54:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21217
IP address blocks: 194.88.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29132694 (0x1bc8796)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b8acfa17af93bedbefc6feb4688f98604b8aae
Validity
Not Before: Jan 1 10:54:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=deea5005867d43f0eadc8c78fe1ab5b82940da86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:74:00:06:71:76:61:e5:e2:65:9a:e7:c8:6e:
2a:29:52:23:63:d5:1c:f2:f8:58:7f:f9:4d:4f:0f:
07:63:80:d2:88:9b:dd:1f:25:bc:4a:4b:d4:05:62:
d0:1e:49:9a:04:46:40:3b:15:51:f6:32:4c:a9:6f:
be:42:04:c1:c4:19:17:4a:0e:f4:ca:4e:9b:15:f7:
a7:e9:c2:44:73:16:46:67:0e:74:e7:c7:ec:59:e6:
94:77:c4:ed:9c:75:ee:43:5e:92:43:79:d4:be:77:
43:a7:78:2c:65:1d:d4:80:91:8c:7b:81:1e:49:88:
76:40:6c:38:1c:a8:b1:86:c5:9d:81:5f:bc:3c:7c:
57:01:83:8b:a2:b4:d5:93:90:f3:4a:d2:42:d8:17:
a4:4f:3c:3c:f3:0b:40:8d:2c:14:4c:58:02:77:80:
2d:40:a9:58:60:14:86:cd:f3:a3:07:93:c4:06:55:
89:c8:ad:37:c0:9f:fb:15:0f:20:77:29:5e:ec:90:
9d:4f:af:2b:a9:db:e9:dc:18:f5:bf:aa:9c:83:bf:
9a:b6:84:73:ed:53:5f:f5:b0:82:e0:2e:70:60:0e:
07:a3:63:d7:0c:bf:e7:ad:32:c7:2f:e7:af:fb:83:
35:0c:9e:4f:70:66:ae:a3:e9:ae:67:13:59:ab:e1:
43:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:EA:50:05:86:7D:43:F0:EA:DC:8C:78:FE:1A:B5:B8:29:40:DA:86
X509v3 Authority Key Identifier:
keyid:96:B8:AC:FA:17:AF:93:BE:DB:EF:C6:FE:B4:68:8F:98:60:4B:8A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lris-hevk77b78b-tGiPmGBLiq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/3upQBYZ9Q_Dq3Ix4_hq1uClA2oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.9.0/24
Signature Algorithm: sha256WithRSAEncryption
79:10:62:a3:7b:9c:5f:96:a9:81:98:aa:06:a4:5a:9b:49:f7:
0f:b1:b0:8f:66:f5:98:2d:d6:6c:7d:59:05:10:13:9b:8a:35:
86:b9:8c:35:cb:64:9c:d7:c7:e1:d2:bf:fb:fb:76:e4:1b:5c:
25:25:0d:b8:13:5a:1f:73:29:5d:8e:59:cf:01:31:bc:64:f5:
bf:bd:98:77:bb:9f:25:f0:e0:9b:f7:b1:b1:f5:33:d3:86:f7:
21:3d:e7:29:0b:bf:52:cc:6a:d8:64:66:ed:76:13:c1:3f:42:
8c:d6:8c:21:a4:de:ab:9b:8b:1e:ad:bd:5b:41:0a:ed:0e:7b:
48:2f:43:da:3c:1e:79:e6:7b:67:63:bf:9b:6a:47:cb:5e:f3:
bf:56:c2:ff:f9:15:06:b1:d8:b0:8f:17:76:2a:26:a4:b1:a9:
4f:1c:e1:6b:46:19:0c:aa:28:89:e0:6f:ec:1d:cc:0e:53:a9:
2e:5e:c7:75:67:58:79:2d:44:37:b4:47:7c:ab:07:13:98:34:
19:45:b6:82:96:5f:23:e8:a2:f7:ea:c9:10:cb:d6:2b:87:ce:
55:0e:fd:d0:2f:87:bc:94:a6:0e:96:ed:ef:2f:cf:7c:ef:ef:
a9:5a:ad:b1:4b:67:df:cb:3b:99:a5:40:9d:7c:33:07:b6:4e:
f9:b7:be:c6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAbyHljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NmI4YWNmYTE3YWY5M2JlZGJlZmM2ZmViNDY4OGY5ODYwNGI4YWFlMB4XDTIyMDEw
MTEwNTQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGVlYTUwMDU4Njdk
NDNmMGVhZGM4Yzc4ZmUxYWI1YjgyOTQwZGE4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMd0AAZxdmHl4mWa58huKilSI2PVHPL4WH/5TU8PB2OA0oib
3R8lvEpL1AVi0B5JmgRGQDsVUfYyTKlvvkIEwcQZF0oO9MpOmxX3p+nCRHMWRmcO
dOfH7FnmlHfE7Zx17kNekkN51L53Q6d4LGUd1ICRjHuBHkmIdkBsOByosYbFnYFf
vDx8VwGDi6K01ZOQ80rSQtgXpE88PPMLQI0sFExYAneALUCpWGAUhs3zoweTxAZV
icitN8Cf+xUPIHcpXuyQnU+vK6nb6dwY9b+qnIO/mraEc+1TX/WwguAucGAOB6Nj
1wy/560yxy/nr/uDNQyeT3BmrqPprmcTWavhQyUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTe6lAFhn1D8OrcjHj+GrW4KUDahjAfBgNVHSMEGDAWgBSWuKz6F6+Tvtvv
xv60aI+YYEuKrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xyaXMtaGV2azc3Yjc4Yi10R2lQbUdCTGlxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvYzQ3YjQ2LWNjZGMtNGI1ZS04NjJlLWJkZGZmMTk3YzI5ZC8x
LzN1cFFCWVo5UV9EcTNJeDRfaHExdUNsQTJvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
YzQ3YjQ2LWNjZGMtNGI1ZS04NjJlLWJkZGZmMTk3YzI5ZC8xL2xyaXMtaGV2azc3
Yjc4Yi10R2lQbUdCTGlxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJYCTANBgkqhkiG9w0BAQsFAAOC
AQEAeRBio3ucX5apgZiqBqRam0n3D7Gwj2b1mC3WbH1ZBRATm4o1hrmMNctknNfH
4dK/+/t25BtcJSUNuBNaH3MpXY5ZzwExvGT1v72Yd7ufJfDgm/exsfUz04b3IT3n
KQu/Usxq2GRm7XYTwT9CjNaMIaTeq5uLHq29W0EK7Q57SC9D2jweeeZ7Z2O/m2pH
y17zv1bC//kVBrHYsI8XdiompLGpTxzha0YZDKooieBv7B3MDlOpLl7HdWdYeS1E
N7RHfKsHE5g0GUW2gpZfI+ii9+rJEMvWK4fOVQ790C+HvJSmDpbt7y/PfO/vqVqt
sUtn38s7maVAnXwzB7ZO+be+xg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-ams.rpki-client.org