Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/cad2dd-9136-4045-86a2-25c2a31d7b6c/1/C3U-68YpTuhNtCFA1E9LOg6m7UI.roa
File: C3U-68YpTuhNtCFA1E9LOg6m7UI.roa (raw, json)
Hash identifier: u86fPZKKsa03j2RjTwG/SPDdxvw0jG+lnVFA3/fnUmQ=
Subject key identifier: 0B:75:3E:EB:C6:29:4E:E8:4D:B4:21:40:D4:4F:4B:3A:0E:A6:ED:42
Certificate issuer: /CN=5a76d183993d141dd0662ce31d367b784d3d228f
Certificate serial: 9D3CDF
Authority key identifier: 5A:76:D1:83:99:3D:14:1D:D0:66:2C:E3:1D:36:7B:78:4D:3D:22:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnbRg5k9FB3QZizjHTZ7eE09Io8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/cad2dd-9136-4045-86a2-25c2a31d7b6c/1/C3U-68YpTuhNtCFA1E9LOg6m7UI.roa
Signing time: Sat 01 Jan 2022 00:56:52 +0000
ROA not before: Sat 01 Jan 2022 00:56:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50340
IP address blocks: 195.96.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10304735 (0x9d3cdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a76d183993d141dd0662ce31d367b784d3d228f
Validity
Not Before: Jan 1 00:56:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b753eebc6294ee84db42140d44f4b3a0ea6ed42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f1:08:bf:02:1d:dc:13:5c:bd:81:32:74:50:
2f:7d:6d:dc:c8:7e:88:28:ef:2b:46:a7:03:bf:23:
ae:cd:d3:19:ba:d5:14:f3:99:6e:c9:4f:ef:3f:5b:
43:c1:24:ac:d4:73:6f:ce:43:f4:8c:36:f8:1b:ac:
76:4d:85:51:3a:df:b1:65:f0:f7:3f:e3:33:96:24:
d3:c9:4b:3f:36:82:4f:b5:e4:6b:79:39:7c:42:8f:
f5:61:27:db:34:23:e4:3c:bf:50:43:64:7b:e9:7a:
0f:79:35:80:be:09:c1:51:5a:03:80:66:33:42:33:
1e:47:db:d8:6f:a5:65:da:2a:b6:24:de:94:ba:f4:
a5:34:a7:6b:1c:7e:4c:29:a7:99:02:ef:6c:77:fe:
7b:0e:d3:8e:cd:db:51:ec:62:68:96:41:c3:52:f6:
2f:f5:61:60:a9:3e:c9:78:e4:20:28:5d:19:56:ed:
e5:9d:f6:46:d8:a7:8e:04:52:17:97:86:cd:e1:e6:
bf:bb:40:fa:c9:e8:51:f1:a6:93:75:49:9a:31:8c:
94:01:ba:3a:ca:34:64:da:b7:78:30:e0:5a:e3:cf:
8a:c1:83:08:39:ec:62:7c:aa:bb:9e:fb:e6:28:bf:
75:a6:d8:da:13:7a:c4:bf:86:b4:58:b6:d9:d0:11:
d3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:75:3E:EB:C6:29:4E:E8:4D:B4:21:40:D4:4F:4B:3A:0E:A6:ED:42
X509v3 Authority Key Identifier:
keyid:5A:76:D1:83:99:3D:14:1D:D0:66:2C:E3:1D:36:7B:78:4D:3D:22:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnbRg5k9FB3QZizjHTZ7eE09Io8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/cad2dd-9136-4045-86a2-25c2a31d7b6c/1/C3U-68YpTuhNtCFA1E9LOg6m7UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/cad2dd-9136-4045-86a2-25c2a31d7b6c/1/WnbRg5k9FB3QZizjHTZ7eE09Io8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.147.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:5e:4e:cb:5e:3c:e1:f0:83:b9:3d:d4:da:3b:a5:9a:57:75:
b8:2b:e4:ce:1d:3e:1e:c7:5b:cf:3f:7b:bb:17:47:aa:65:b0:
5f:6a:81:4d:2f:33:20:28:51:f5:50:a1:0d:39:db:89:2c:8d:
f7:fc:ac:1e:b8:bf:e4:8f:b2:12:b6:f0:01:ee:4e:fc:59:7e:
66:ab:cf:40:e7:c1:c8:b7:7b:bf:82:a9:12:01:ac:bc:9c:8b:
37:ed:8c:12:14:7d:da:11:69:49:d6:aa:73:0c:f2:fe:ea:37:
10:84:7b:b3:91:6c:64:21:aa:3b:38:36:82:e5:75:eb:32:25:
70:94:bf:dc:60:82:5b:c7:01:21:bd:42:ac:c8:29:9a:21:49:
7f:84:b5:42:81:71:58:11:6c:4e:df:16:63:9e:d1:7a:cc:52:
ba:b7:66:e6:38:b0:35:ce:7f:e2:69:84:c3:b1:32:c5:3c:64:
9e:90:9e:cd:bd:c7:5f:53:29:b1:df:f7:96:3a:8e:80:ed:11:
d6:fa:58:99:4e:43:19:35:ac:34:7e:d3:b5:99:3f:75:37:e2:
9c:da:5f:af:6a:f6:03:16:69:5f:3b:f2:7d:68:34:80:45:97:
46:da:ff:38:90:de:77:81:44:93:43:58:a9:8e:3b:b8:c0:af:
d7:ef:a5:59
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJ083zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTc2ZDE4Mzk5M2QxNDFkZDA2NjJjZTMxZDM2N2I3ODRkM2QyMjhmMB4XDTIyMDEw
MTAwNTY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI3NTNlZWJjNjI5
NGVlODRkYjQyMTQwZDQ0ZjRiM2EwZWE2ZWQ0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7xCL8CHdwTXL2BMnRQL31t3Mh+iCjvK0anA78jrs3TGbrV
FPOZbslP7z9bQ8EkrNRzb85D9Iw2+Busdk2FUTrfsWXw9z/jM5Yk08lLPzaCT7Xk
a3k5fEKP9WEn2zQj5Dy/UENke+l6D3k1gL4JwVFaA4BmM0IzHkfb2G+lZdoqtiTe
lLr0pTSnaxx+TCmnmQLvbHf+ew7Tjs3bUexiaJZBw1L2L/VhYKk+yXjkIChdGVbt
5Z32RtinjgRSF5eGzeHmv7tA+snoUfGmk3VJmjGMlAG6Oso0ZNq3eDDgWuPPisGD
CDnsYnyqu5775ii/dabY2hN6xL+GtFi22dAR0wMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQLdT7rxilO6E20IUDUT0s6DqbtQjAfBgNVHSMEGDAWgBRadtGDmT0UHdBm
LOMdNnt4TT0ijzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1duYlJnNWs5RkIzUVppempIVFo3ZUUwOUlvOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvY2FkMmRkLTkxMzYtNDA0NS04NmEyLTI1YzJhMzFkN2I2Yy8x
L0MzVS02OFlwVHVoTnRDRkExRTlMT2c2bTdVSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
Y2FkMmRkLTkxMzYtNDA0NS04NmEyLTI1YzJhMzFkN2I2Yy8xL1duYlJnNWs5RkIz
UVppempIVFo3ZUUwOUlvOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNgkzANBgkqhkiG9w0BAQsFAAOC
AQEAtl5Oy1484fCDuT3U2julmld1uCvkzh0+Hsdbzz97uxdHqmWwX2qBTS8zIChR
9VChDTnbiSyN9/ysHri/5I+yErbwAe5O/Fl+ZqvPQOfByLd7v4KpEgGsvJyLN+2M
EhR92hFpSdaqcwzy/uo3EIR7s5FsZCGqOzg2guV16zIlcJS/3GCCW8cBIb1CrMgp
miFJf4S1QoFxWBFsTt8WY57ResxSurdm5jiwNc5/4mmEw7EyxTxknpCezb3HX1Mp
sd/3ljqOgO0R1vpYmU5DGTWsNH7TtZk/dTfinNpfr2r2AxZpXzvyfWg0gEWXRtr/
OJDed4FEk0NYqY47uMCv1++lWQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:45 2023 by rpki-client on console-ams.rpki-client.org