Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3ocIc8SLGnSie6FHIEcKVPrfiac.roa
File: 3ocIc8SLGnSie6FHIEcKVPrfiac.roa (raw, json)
Hash identifier: ls3veIT6dgvWdEKVJyipC366ay+g9vvMjQTif1XpKmE=
Subject key identifier: DE:87:08:73:C4:8B:1A:74:A2:7B:A1:47:20:47:0A:54:FA:DF:89:A7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0182EF198268AE1B320EA7E0D05D55AFBB49
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3ocIc8SLGnSie6FHIEcKVPrfiac.roa
Signing time: Tue 30 Aug 2022 14:13:22 +0000
ROA not before: Tue 30 Aug 2022 14:13:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21859
IP address blocks: 82.153.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:19:82:68:ae:1b:32:0e:a7:e0:d0:5d:55:af:bb:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 30 14:13:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de870873c48b1a74a27ba14720470a54fadf89a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0c:c1:69:e4:96:80:f3:35:ad:27:b5:53:33:
10:1a:c3:fa:5f:0c:5d:99:ad:f7:15:8e:3c:82:42:
c4:80:48:fa:92:c2:c1:49:ef:65:1f:48:bb:15:ae:
82:ce:6e:f8:bc:79:2e:0d:88:e5:6a:c0:14:4c:50:
b8:e7:19:10:3d:d1:91:39:a3:89:02:cb:ed:d4:bc:
f1:d5:70:5b:cb:78:47:0d:6d:c7:f3:9c:b7:5a:f6:
66:16:63:a3:21:d9:a2:24:b5:72:91:bd:f3:a2:c3:
cf:d5:dd:c7:86:73:05:03:51:39:ab:b8:3f:c9:27:
79:f6:af:07:78:0e:0d:16:b3:89:8c:e7:a4:82:eb:
87:f2:12:b7:d4:85:c7:21:a4:74:8d:d3:4a:52:1b:
93:8e:f9:33:20:6a:f0:30:54:45:5e:8c:3b:fb:9f:
c4:c2:c6:81:b7:ab:9e:12:cd:38:55:40:59:e3:71:
85:57:7e:eb:c0:fb:38:ab:33:ef:9f:01:5d:e3:51:
f2:64:94:e5:49:8d:d1:a1:1b:60:b5:73:84:cf:c7:
9d:e1:e6:25:0f:fa:0a:d4:a5:f3:30:a0:63:c9:83:
43:6c:e6:c1:fe:59:0a:9b:06:1a:e6:10:ef:dc:df:
ee:f9:30:17:cd:ca:52:f6:e2:e9:71:6b:74:1b:74:
ad:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:87:08:73:C4:8B:1A:74:A2:7B:A1:47:20:47:0A:54:FA:DF:89:A7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3ocIc8SLGnSie6FHIEcKVPrfiac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.241.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:5c:d5:df:78:bf:d3:90:83:d0:a4:f8:13:62:b6:02:1d:c0:
dc:63:58:58:aa:2e:8e:2d:66:46:f8:f6:86:38:9a:a9:33:e4:
9b:87:1e:75:b3:a9:6a:ff:2b:07:e9:6b:5e:ef:30:e7:18:21:
3a:9d:84:15:b9:10:0b:db:af:10:39:4c:bd:31:7b:7f:ec:9a:
78:8c:aa:48:fd:cd:0f:c6:6a:43:c2:e3:98:94:e1:5d:f9:f7:
b6:aa:6f:65:d3:3f:99:eb:d6:93:ff:da:b5:df:02:68:e3:31:
4c:a1:29:c6:14:5d:1a:7f:53:9a:0e:2d:d7:59:3a:90:40:ec:
35:ea:17:13:61:49:2f:48:0a:ed:35:6a:f4:f3:02:a3:70:c2:
a5:69:cd:0e:43:8d:29:89:e0:bd:a5:a1:d4:63:c3:ac:05:8d:
e4:37:be:10:1a:1d:5a:d2:34:18:4f:61:a7:b6:41:fa:65:b4:
c2:e5:81:67:92:2b:1a:a2:c7:b8:58:5f:e2:a4:02:6d:73:3a:
60:2c:8d:45:65:57:d2:9e:33:b6:8b:e2:0a:17:a9:1c:62:b2:
ec:09:2d:e3:29:aa:6b:65:99:2e:a2:77:fb:36:72:53:14:c8:
10:f5:9f:d5:e4:82:97:f2:38:fe:bc:94:9e:48:5d:b0:78:ef:
7a:60:32:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLvGYJorhsyDqfg0F1Vr7tJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwODMwMTQxMzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTg3MDg3M2M0OGIxYTc0YTI3YmExNDcyMDQ3MGE1NGZhZGY4OWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQzBaeSWgPM1rSe1UzMQGsP6Xwxd
ma33FY48gkLEgEj6ksLBSe9lH0i7Fa6Czm74vHkuDYjlasAUTFC45xkQPdGROaOJ
Asvt1Lzx1XBby3hHDW3H85y3WvZmFmOjIdmiJLVykb3zosPP1d3HhnMFA1E5q7g/
ySd59q8HeA4NFrOJjOekguuH8hK31IXHIaR0jdNKUhuTjvkzIGrwMFRFXow7+5/E
wsaBt6ueEs04VUBZ43GFV37rwPs4qzPvnwFd41HyZJTlSY3RoRtgtXOEz8ed4eYl
D/oK1KXzMKBjyYNDbObB/lkKmwYa5hDv3N/u+TAXzcpS9uLpcWt0G3StWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6HCHPEixp0onuhRyBHClT634mnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvM29jSWM4U0xHblNpZTZGSElFY0tWUHJmaWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnxMA0G
CSqGSIb3DQEBCwUAA4IBAQCeXNXfeL/TkIPQpPgTYrYCHcDcY1hYqi6OLWZG+PaG
OJqpM+Sbhx51s6lq/ysH6Wte7zDnGCE6nYQVuRAL268QOUy9MXt/7Jp4jKpI/c0P
xmpDwuOYlOFd+fe2qm9l0z+Z69aT/9q13wJo4zFMoSnGFF0af1OaDi3XWTqQQOw1
6hcTYUkvSArtNWr08wKjcMKlac0OQ40pieC9paHUY8OsBY3kN74QGh1a0jQYT2Gn
tkH6ZbTC5YFnkisaose4WF/ipAJtczpgLI1FZVfSnjO2i+IKF6kcYrLsCS3jKapr
ZZkuonf7NnJTFMgQ9Z/V5IKX8jj+vJSeSF2weO96YDLf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:47 2023 by rpki-client on console-ams.rpki-client.org