Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/3cbb9c-5006-46be-b4c3-ff8f5545eba2/1/Aft9RjG1bANs_GX9ut3IVJp1liE.roa
File: Aft9RjG1bANs_GX9ut3IVJp1liE.roa (raw, json)
Hash identifier: 1q/RA2lOHFKSjvw6k9WytuAWEbp7kIykRZ0IbfB+q5c=
Subject key identifier: 01:FB:7D:46:31:B5:6C:03:6C:FC:65:FD:BA:DD:C8:54:9A:75:96:21
Certificate issuer: /CN=1e01986e6551bb3a015ac64ed6747c234b2a79e0
Certificate serial: FA4D
Authority key identifier: 1E:01:98:6E:65:51:BB:3A:01:5A:C6:4E:D6:74:7C:23:4B:2A:79:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HgGYbmVRuzoBWsZO1nR8I0sqeeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/3cbb9c-5006-46be-b4c3-ff8f5545eba2/1/Aft9RjG1bANs_GX9ut3IVJp1liE.roa
Signing time: Thu 21 Apr 2022 11:26:07 +0000
ROA not before: Thu 21 Apr 2022 11:26:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31454
IP address blocks: 194.102.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64077 (0xfa4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e01986e6551bb3a015ac64ed6747c234b2a79e0
Validity
Not Before: Apr 21 11:26:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01fb7d4631b56c036cfc65fdbaddc8549a759621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:a9:8a:35:8e:0a:c5:22:27:a8:1b:a6:2a:
e5:de:f5:c6:8f:5d:56:15:9c:a3:ca:a4:bc:56:b1:
94:ed:1c:e6:63:00:21:84:40:fd:bd:69:0f:cf:55:
5e:d8:fc:84:d4:68:7e:b9:95:79:e4:8a:44:56:fa:
70:9d:09:5c:d1:9b:2c:49:ce:b3:af:70:c1:6e:2d:
5e:e4:17:fb:e7:01:ae:f3:65:9e:b4:ff:78:a0:ae:
5c:7e:45:8e:12:c4:55:e4:1b:27:81:66:16:15:a7:
b7:ef:3f:f8:ac:54:96:63:e1:67:a7:06:74:74:3c:
2d:ed:d9:dd:2d:16:ef:d4:52:32:ef:b6:5b:94:6c:
f4:5b:d6:9e:af:6f:49:64:4c:17:75:8e:fe:6b:e8:
f7:26:8a:52:28:da:3f:8c:0e:0e:7c:84:86:bb:bc:
00:ad:83:4b:73:2e:6c:7b:76:6b:f7:d6:11:36:ff:
fa:84:71:98:e9:39:88:1e:cc:fd:23:08:18:a3:be:
e0:7f:0a:7e:62:cb:f4:ca:b4:16:58:f4:da:41:10:
dc:c5:dc:cd:6d:96:8a:74:8c:19:96:ea:8e:01:6f:
f8:fd:72:32:6c:4c:46:ee:b6:f5:f9:17:c1:63:a0:
71:e7:94:e2:83:b2:11:c8:4d:9d:97:0d:15:25:40:
b2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FB:7D:46:31:B5:6C:03:6C:FC:65:FD:BA:DD:C8:54:9A:75:96:21
X509v3 Authority Key Identifier:
keyid:1E:01:98:6E:65:51:BB:3A:01:5A:C6:4E:D6:74:7C:23:4B:2A:79:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgGYbmVRuzoBWsZO1nR8I0sqeeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/3cbb9c-5006-46be-b4c3-ff8f5545eba2/1/Aft9RjG1bANs_GX9ut3IVJp1liE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/3cbb9c-5006-46be-b4c3-ff8f5545eba2/1/HgGYbmVRuzoBWsZO1nR8I0sqeeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.86.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:e8:db:45:cf:4e:90:5f:5d:38:19:19:0f:5f:c5:ea:eb:1c:
60:a1:76:c4:3d:ff:c1:c2:f3:d0:30:97:e0:38:a2:31:28:cd:
24:1b:3d:43:1f:9c:09:3e:ed:0e:f4:d8:49:d5:2f:ca:f2:c8:
2a:4d:c4:46:f1:f2:95:75:b8:3d:64:03:0d:d6:59:99:79:8a:
5d:35:51:02:4d:db:c6:b6:63:50:0c:b0:47:9a:f6:85:bd:86:
d0:60:44:ac:e6:1f:d3:2f:12:71:16:4f:76:af:59:56:ee:a7:
0f:40:5e:37:06:6f:7b:dd:a2:89:3a:09:b6:63:6c:67:35:e3:
4f:c5:e2:fb:9b:2e:56:ca:cb:31:6c:f9:4f:de:84:70:6c:9c:
1d:43:a5:cc:8a:17:a2:18:63:34:9c:3b:c7:d2:b4:26:f3:77:
c6:1c:2c:99:68:d6:e3:eb:d9:c5:a6:e0:cf:ff:a2:2c:39:3e:
af:87:44:6b:a7:45:e3:22:ea:af:39:a9:19:ee:9f:43:55:62:
97:c5:12:69:3c:7f:cb:b9:2d:dc:87:45:a4:76:34:1b:c9:6b:
52:fd:33:6c:97:23:1d:17:db:d4:4c:83:f9:89:59:b3:5a:02:
3b:88:6f:28:25:bc:56:45:2c:5a:55:2b:28:f6:10:b5:1c:7f:
1e:34:88:b2
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAPpNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFl
MDE5ODZlNjU1MWJiM2EwMTVhYzY0ZWQ2NzQ3YzIzNGIyYTc5ZTAwHhcNMjIwNDIx
MTEyNjA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwMWZiN2Q0NjMxYjU2
YzAzNmNmYzY1ZmRiYWRkYzg1NDlhNzU5NjIxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsDepijWOCsUiJ6gbpirl3vXGj11WFZyjyqS8VrGU7RzmYwAh
hED9vWkPz1Ve2PyE1Gh+uZV55IpEVvpwnQlc0ZssSc6zr3DBbi1e5Bf75wGu82We
tP94oK5cfkWOEsRV5BsngWYWFae37z/4rFSWY+FnpwZ0dDwt7dndLRbv1FIy77Zb
lGz0W9aer29JZEwXdY7+a+j3JopSKNo/jA4OfISGu7wArYNLcy5se3Zr99YRNv/6
hHGY6TmIHsz9IwgYo77gfwp+Ysv0yrQWWPTaQRDcxdzNbZaKdIwZluqOAW/4/XIy
bExG7rb1+RfBY6Bx55Tig7IRyE2dlw0VJUCyyQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFAH7fUYxtWwDbPxl/brdyFSadZYhMB8GA1UdIwQYMBaAFB4BmG5lUbs6AVrG
TtZ0fCNLKnngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SGdHWWJtVlJ1em9CV3NaTzFuUjhJMHNxZWVBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Ny8zY2JiOWMtNTAwNi00NmJlLWI0YzMtZmY4ZjU1NDVlYmEyLzEv
QWZ0OVJqRzFiQU5zX0dYOXV0M0lWSnAxbGlFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8z
Y2JiOWMtNTAwNi00NmJlLWI0YzMtZmY4ZjU1NDVlYmEyLzEvSGdHWWJtVlJ1em9C
V3NaTzFuUjhJMHNxZWVBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmZWMA0GCSqGSIb3DQEBCwUAA4IB
AQA/6NtFz06QX104GRkPX8Xq6xxgoXbEPf/BwvPQMJfgOKIxKM0kGz1DH5wJPu0O
9NhJ1S/K8sgqTcRG8fKVdbg9ZAMN1lmZeYpdNVECTdvGtmNQDLBHmvaFvYbQYESs
5h/TLxJxFk92r1lW7qcPQF43Bm973aKJOgm2Y2xnNeNPxeL7my5WyssxbPlP3oRw
bJwdQ6XMiheiGGM0nDvH0rQm83fGHCyZaNbj69nFpuDP/6IsOT6vh0Rrp0XjIuqv
OakZ7p9DVWKXxRJpPH/LuS3ch0WkdjQbyWtS/TNslyMdF9vUTIP5iVmzWgI7iG8o
JbxWRSxaVSso9hC1HH8eNIiy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:35 2023 by rpki-client on console-ams.rpki-client.org