Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/508017-e484-4094-807c-86a3a795da49/1/z3H4uLx9HDo_SEQ0zXpO0B6SNbY.roa
File: z3H4uLx9HDo_SEQ0zXpO0B6SNbY.roa (raw, json)
Hash identifier: kecLc/Lu/F+WBHz71ej1FtGtFUbu0UvAfFNJzP+lH4g=
Subject key identifier: CF:71:F8:B8:BC:7D:1C:3A:3F:48:44:34:CD:7A:4E:D0:1E:92:35:B6
Certificate issuer: /CN=1da3393991409489ef9fd7460a75a370cae9dca7
Certificate serial: A2C0C0
Authority key identifier: 1D:A3:39:39:91:40:94:89:EF:9F:D7:46:0A:75:A3:70:CA:E9:DC:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HaM5OZFAlInvn9dGCnWjcMrp3Kc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/508017-e484-4094-807c-86a3a795da49/1/z3H4uLx9HDo_SEQ0zXpO0B6SNbY.roa
Signing time: Mon 24 Jan 2022 21:53:28 +0000
ROA not before: Mon 24 Jan 2022 21:53:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 194.45.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10666176 (0xa2c0c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1da3393991409489ef9fd7460a75a370cae9dca7
Validity
Not Before: Jan 24 21:53:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf71f8b8bc7d1c3a3f484434cd7a4ed01e9235b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:55:d3:24:8c:4b:d4:e7:cd:78:10:e1:26:7a:
16:66:c3:7b:7a:45:b2:aa:2f:88:e4:0d:63:31:6d:
71:e7:02:8c:10:a8:7d:c5:a7:62:a4:e1:e3:d3:e1:
52:d3:4f:68:bc:24:bf:f8:68:fe:50:f2:e4:4b:bc:
86:c5:eb:04:32:a3:4e:39:44:32:86:d2:84:97:d8:
05:73:ad:6b:18:7b:7e:d0:f9:98:7f:4c:2a:32:f1:
a4:89:cf:e2:02:73:73:16:11:e6:9d:c3:ab:d3:58:
44:4b:6c:b5:e8:39:d5:45:e5:c0:6a:4f:1e:f0:fb:
a5:3f:9d:06:21:b3:ae:6c:68:30:d5:a3:1b:2c:be:
ff:2c:c6:be:55:44:c0:e0:02:51:23:21:9d:89:6c:
ad:60:a0:92:e2:42:6c:de:76:a3:ea:45:13:31:c1:
10:56:7d:3f:3c:29:e9:bb:e0:9e:14:3a:15:3f:c6:
5f:1d:ba:8c:e1:eb:c7:f8:a4:76:48:91:70:d3:a4:
0b:5b:3d:82:13:7e:f7:fb:4b:3d:f9:e7:0a:40:c5:
75:d4:ac:31:b0:e2:5a:4e:52:43:ee:74:89:e5:05:
22:cf:52:df:8f:93:b7:30:f9:12:65:33:22:0d:1c:
d1:fb:d6:77:aa:a0:8d:6e:9f:57:2b:ec:cb:36:c2:
bf:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:71:F8:B8:BC:7D:1C:3A:3F:48:44:34:CD:7A:4E:D0:1E:92:35:B6
X509v3 Authority Key Identifier:
keyid:1D:A3:39:39:91:40:94:89:EF:9F:D7:46:0A:75:A3:70:CA:E9:DC:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HaM5OZFAlInvn9dGCnWjcMrp3Kc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/508017-e484-4094-807c-86a3a795da49/1/z3H4uLx9HDo_SEQ0zXpO0B6SNbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/508017-e484-4094-807c-86a3a795da49/1/HaM5OZFAlInvn9dGCnWjcMrp3Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.45.100.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:9a:96:69:fe:18:11:a4:3e:ad:ad:f5:b4:6e:81:47:e4:ab:
8e:c5:ec:19:cb:46:d1:a3:5a:72:7a:2f:a5:97:1a:81:44:a7:
e7:ab:81:7e:54:93:01:e4:47:1a:48:55:c6:72:00:a2:7f:cc:
2c:f4:bb:76:78:e8:ea:37:b1:f9:61:75:1a:31:1f:44:fd:3f:
f2:6d:74:5e:a2:5d:04:96:4b:7d:3f:8e:59:50:13:23:e9:76:
64:d4:dc:d0:7e:af:fd:39:7e:1b:3d:2e:a1:7e:bc:71:95:a1:
06:28:2e:49:ef:ed:f3:a0:36:6f:53:1e:45:72:07:d9:54:e8:
6a:a3:c4:2f:0b:64:f1:c9:9a:08:36:72:ce:16:51:c8:d0:d6:
da:67:b0:4c:43:5f:59:87:e1:59:0d:9a:84:58:94:70:ee:fd:
dd:07:8f:bc:0b:3b:84:de:f2:3f:e9:86:29:69:01:02:e2:ab:
0e:02:19:a8:d6:d3:bd:10:bb:f0:67:64:01:8b:0a:12:08:ce:
05:21:95:75:72:32:17:28:ad:7b:a7:ef:85:d5:0e:a9:73:ea:
a7:a5:d6:4c:cd:23:0b:dc:25:1b:55:0e:ca:25:50:ef:95:70:
9c:e9:55:97:60:90:d5:0b:b0:99:6a:cc:69:0d:82:cb:cd:42:
ec:3f:8a:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKLAwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGEzMzkzOTkxNDA5NDg5ZWY5ZmQ3NDYwYTc1YTM3MGNhZTlkY2E3MB4XDTIyMDEy
NDIxNTMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y3MWY4YjhiYzdk
MWMzYTNmNDg0NDM0Y2Q3YTRlZDAxZTkyMzViNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNV0ySMS9TnzXgQ4SZ6FmbDe3pFsqoviOQNYzFtcecCjBCo
fcWnYqTh49PhUtNPaLwkv/ho/lDy5Eu8hsXrBDKjTjlEMobShJfYBXOtaxh7ftD5
mH9MKjLxpInP4gJzcxYR5p3Dq9NYREtsteg51UXlwGpPHvD7pT+dBiGzrmxoMNWj
Gyy+/yzGvlVEwOACUSMhnYlsrWCgkuJCbN52o+pFEzHBEFZ9Pzwp6bvgnhQ6FT/G
Xx26jOHrx/ikdkiRcNOkC1s9ghN+9/tLPfnnCkDFddSsMbDiWk5SQ+50ieUFIs9S
34+TtzD5EmUzIg0c0fvWd6qgjW6fVyvsyzbCv8sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTPcfi4vH0cOj9IRDTNek7QHpI1tjAfBgNVHSMEGDAWgBQdozk5kUCUie+f
10YKdaNwyuncpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hhTTVPWkZBbEludm45ZEdDbldqY01ycDNLYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvNTA4MDE3LWU0ODQtNDA5NC04MDdjLTg2YTNhNzk1ZGE0OS8x
L3ozSDR1THg5SERvX1NFUTB6WHBPMEI2U05iWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
NTA4MDE3LWU0ODQtNDA5NC04MDdjLTg2YTNhNzk1ZGE0OS8xL0hhTTVPWkZBbElu
dm45ZEdDbldqY01ycDNLYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMItZDANBgkqhkiG9w0BAQsFAAOC
AQEA0JqWaf4YEaQ+ra31tG6BR+SrjsXsGctG0aNacnovpZcagUSn56uBflSTAeRH
GkhVxnIAon/MLPS7dnjo6jex+WF1GjEfRP0/8m10XqJdBJZLfT+OWVATI+l2ZNTc
0H6v/Tl+Gz0uoX68cZWhBiguSe/t86A2b1MeRXIH2VToaqPELwtk8cmaCDZyzhZR
yNDW2mewTENfWYfhWQ2ahFiUcO793QePvAs7hN7yP+mGKWkBAuKrDgIZqNbTvRC7
8GdkAYsKEgjOBSGVdXIyFyite6fvhdUOqXPqp6XWTM0jC9wlG1UOyiVQ75VwnOlV
l2CQ1QuwmWrMaQ2Cy81C7D+KaQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:46 2023 by rpki-client on console-ams.rpki-client.org