Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/7j5Q66rCjdlYSdHXKeTDuqgaqqM.roa
File: 7j5Q66rCjdlYSdHXKeTDuqgaqqM.roa (raw, json)
Hash identifier: g66dGTej1Q4RVmzeAv4SfbbdAG2mkTs/HM1WqO8f4Vc=
Subject key identifier: EE:3E:50:EB:AA:C2:8D:D9:58:49:D1:D7:29:E4:C3:BA:A8:1A:AA:A3
Certificate issuer: /CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1
Certificate serial: 018342542BBD01A3C426F12C0E9330BB1C54
Authority key identifier: C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/7j5Q66rCjdlYSdHXKeTDuqgaqqM.roa
Signing time: Thu 15 Sep 2022 18:05:55 +0000
ROA not before: Thu 15 Sep 2022 18:05:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41599
IP address blocks: 195.3.252.0/22 maxlen: 24
2001:67c:380::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:42:54:2b:bd:01:a3:c4:26:f1:2c:0e:93:30:bb:1c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1
Validity
Not Before: Sep 15 18:05:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee3e50ebaac28dd95849d1d729e4c3baa81aaaa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2c:62:38:50:2c:e9:c3:4f:3a:56:9a:a8:2f:
7d:2a:01:0a:75:98:67:2d:48:4e:21:b9:90:a3:23:
bf:53:5a:c9:ad:69:f1:fd:69:4f:fb:ae:c4:ae:f8:
a4:ad:c2:f6:58:45:2f:bf:17:96:ca:40:65:23:22:
06:b4:57:58:19:77:4d:77:97:73:ce:4b:d0:db:4b:
23:2e:64:c5:57:3a:d0:61:5a:89:0c:b1:23:26:7f:
c6:8e:c5:46:96:47:61:67:68:a7:7a:0c:48:7a:d9:
0a:b2:2b:d5:6c:05:43:41:9a:c1:0d:d7:04:2f:cd:
af:93:ec:5a:fb:83:bc:34:40:2d:37:5e:e8:c5:01:
15:55:28:68:b5:a6:4f:05:46:a3:8e:66:03:3c:b2:
97:5f:f7:b0:43:1d:7f:57:9e:bc:9a:eb:a1:74:67:
0d:8a:fe:0f:19:ae:b3:2c:a4:10:ee:e7:69:c8:0d:
55:5b:12:6a:72:ae:89:99:ba:58:d3:41:ff:24:6a:
49:e8:fb:6f:6b:bd:c4:a8:45:5e:bb:85:53:44:15:
f4:ee:a8:7d:78:d0:86:38:85:ff:f4:47:0b:8b:e8:
33:43:cd:dd:61:a6:dd:31:2a:fc:56:dc:64:bc:a6:
45:dc:35:97:7d:5c:81:06:7c:8a:73:a5:37:e1:77:
a9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3E:50:EB:AA:C2:8D:D9:58:49:D1:D7:29:E4:C3:BA:A8:1A:AA:A3
X509v3 Authority Key Identifier:
keyid:C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/7j5Q66rCjdlYSdHXKeTDuqgaqqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.3.252.0/22
IPv6:
2001:67c:380::/48
Signature Algorithm: sha256WithRSAEncryption
4b:b5:d8:ac:8a:7e:a8:2f:2a:cb:35:0b:5e:1f:90:cc:67:ff:
cc:3e:16:f9:8d:a7:9e:40:67:6b:b4:f0:aa:d0:a8:a7:a0:14:
f9:6c:16:5f:5d:47:d4:35:86:16:ab:6e:ac:b9:78:a3:e2:b9:
b0:f9:5b:88:e8:3e:06:b7:51:13:34:1e:d3:23:bf:71:f5:2a:
21:a7:4c:5b:3f:29:8d:25:af:38:44:4b:2d:f9:41:0e:21:33:
2c:a6:89:ba:ef:60:21:de:6a:a3:a0:cb:e9:07:b3:06:8a:8c:
49:64:4d:27:d1:09:db:87:87:02:c4:af:47:9f:a6:dc:56:3a:
b0:ce:87:1d:43:77:4e:e9:68:f3:ab:01:81:b7:3f:dc:9d:c3:
e7:35:a5:87:29:3f:a9:c2:53:77:b0:87:24:65:d3:3e:54:45:
e8:05:a5:18:cf:4c:a5:ca:fd:5b:73:16:ed:a0:69:de:1b:f3:
1a:24:a5:34:d4:d1:43:5f:32:0b:42:91:e9:f4:1f:cf:a5:e0:
e4:64:20:43:f6:5b:e3:aa:26:28:c7:0a:94:25:ff:8f:47:7f:
c7:d9:45:f3:ac:d5:7e:2e:ed:0a:9e:44:9b:1e:16:7d:54:ea:
9b:65:81:10:e4:85:60:88:9b:0d:b0:a1:bf:08:95:f1:3f:7c:
17:0e:f2:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNCVCu9AaPEJvEsDpMwuxxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YTMxNjI4NTY1ODIwYjNhNWEzZTFjZmM4Nzc3M2UyODNm
Yjk1YzEwHhcNMjIwOTE1MTgwNTU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTNlNTBlYmFhYzI4ZGQ5NTg0OWQxZDcyOWU0YzNiYWE4MWFhYWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyxiOFAs6cNPOlaaqC99KgEKdZhn
LUhOIbmQoyO/U1rJrWnx/WlP+67ErvikrcL2WEUvvxeWykBlIyIGtFdYGXdNd5dz
zkvQ20sjLmTFVzrQYVqJDLEjJn/GjsVGlkdhZ2inegxIetkKsivVbAVDQZrBDdcE
L82vk+xa+4O8NEAtN17oxQEVVShotaZPBUajjmYDPLKXX/ewQx1/V568muuhdGcN
iv4PGa6zLKQQ7udpyA1VWxJqcq6JmbpY00H/JGpJ6Ptva73EqEVeu4VTRBX07qh9
eNCGOIX/9EcLi+gzQ83dYabdMSr8VtxkvKZF3DWXfVyBBnyKc6U34XepGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO4+UOuqwo3ZWEnR1ynkw7qoGqqjMB8GA1UdIwQY
MBaAFMSjFihWWCCzpaPhz8h3c+KD+5XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEt
ZmIzMDdiYWRlYzRkLzEvN2o1UTY2ckNqZGxZU2RIWEtlVER1cWdhcXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEtZmIzMDdiYWRlYzRk
LzEveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwwP8MA8E
AgACMAkDBwAgAQZ8A4AwDQYJKoZIhvcNAQELBQADggEBAEu12KyKfqgvKss1C14f
kMxn/8w+FvmNp55AZ2u08KrQqKegFPlsFl9dR9Q1hharbqy5eKPiubD5W4joPga3
URM0HtMjv3H1KiGnTFs/KY0lrzhESy35QQ4hMyymibrvYCHeaqOgy+kHswaKjElk
TSfRCduHhwLEr0efptxWOrDOhx1Dd07paPOrAYG3P9ydw+c1pYcpP6nCU3ewhyRl
0z5URegFpRjPTKXK/VtzFu2gad4b8xokpTTU0UNfMgtCken0H8+l4ORkIEP2W+Oq
JijHCpQl/49Hf8fZRfOs1X4u7QqeRJseFn1U6ptlgRDkhWCImw2wob8IlfE/fBcO
8h0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org