Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/a3dzM-LVWtXpbcCEDGxntWlzcRQ.roa
File: a3dzM-LVWtXpbcCEDGxntWlzcRQ.roa (raw, json)
Hash identifier: yea9ALok7Diif1WBX8qu7jgxYjjUKGtREfnOaHAznbc=
Subject key identifier: 6B:77:73:33:E2:D5:5A:D5:E9:6D:C0:84:0C:6C:67:B5:69:73:71:14
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 040853DA
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/a3dzM-LVWtXpbcCEDGxntWlzcRQ.roa
Signing time: Sat 01 Jan 2022 13:56:34 +0000
ROA not before: Sat 01 Jan 2022 13:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204526
IP address blocks: 94.177.8.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67654618 (0x40853da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: Jan 1 13:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b777333e2d55ad5e96dc0840c6c67b569737114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:97:03:c0:df:03:57:d1:b2:2e:ee:c1:6d:a6:
e2:5a:8c:12:b3:f9:cb:e7:cb:44:6c:70:e0:27:a2:
98:53:53:83:df:08:8a:ab:44:2b:c4:51:6e:b5:3f:
a5:65:79:f9:08:ad:1c:05:be:5d:95:86:08:49:75:
80:4e:21:43:2d:9e:99:28:8d:d3:80:10:cf:76:3e:
7c:1f:58:87:bc:2d:09:4e:d8:a7:2f:e2:88:d7:68:
3c:16:d8:b7:b6:83:45:3e:2f:22:a8:8c:3c:17:05:
4b:e2:d5:ab:44:cf:18:cb:78:02:79:cf:d3:5d:ab:
d5:fe:c1:68:05:2e:a2:3d:7b:75:3c:2c:a0:85:6a:
2f:fd:26:4e:c8:25:f8:53:28:21:02:78:12:5b:0d:
55:a7:ef:a7:d7:d6:b3:a3:22:4d:15:c0:f8:7e:fc:
ce:a0:0d:45:35:42:dc:cc:2a:a8:ea:3b:2b:61:a5:
93:99:e2:75:f3:a5:30:cc:c6:34:ce:b3:82:a2:77:
b9:d0:ed:70:4a:a9:70:6d:5d:f7:3a:bb:bb:cd:30:
53:68:b8:b4:fe:c7:fe:28:80:59:a7:89:6b:01:72:
64:2c:94:db:38:d7:e7:13:e5:fa:94:f0:38:9a:59:
1d:3e:e2:1e:c7:58:84:f0:70:06:d1:31:e4:95:5a:
82:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:77:73:33:E2:D5:5A:D5:E9:6D:C0:84:0C:6C:67:B5:69:73:71:14
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/a3dzM-LVWtXpbcCEDGxntWlzcRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.177.8.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:c4:3c:a0:5e:69:b1:50:e3:c9:dd:ad:59:63:b3:02:e7:63:
39:1e:b9:b5:fc:2d:02:46:a4:f3:ca:6d:07:9b:00:3a:75:68:
d5:22:02:6a:44:6c:4f:25:04:9a:45:0b:93:c8:da:41:eb:5b:
e3:7e:44:48:2c:0a:5e:88:21:ec:cf:e0:e7:95:fc:0a:78:a0:
39:37:97:85:72:9b:2d:55:e7:11:18:87:21:35:32:58:a4:06:
45:a4:d2:ae:06:37:ff:b9:b5:99:56:81:1a:98:43:57:37:71:
8c:ab:c9:a1:1d:66:c0:06:73:05:1c:9f:83:44:d1:6a:67:46:
34:bb:20:75:1c:37:6d:94:ad:43:20:cf:7a:ef:0d:81:80:f4:
1c:57:81:2b:13:c4:1e:8f:02:fe:7e:09:c0:f6:01:2b:26:78:
ac:3e:f9:c0:47:49:47:20:e2:b2:12:e0:38:19:60:34:b1:da:
22:b7:17:88:73:2f:2f:09:4a:b0:46:85:13:21:c8:19:25:28:
53:2e:3c:b2:d0:04:54:dc:fa:c6:4a:1a:79:d0:5a:97:0e:30:
22:99:3b:3e:2c:b7:44:d1:93:34:29:d4:ce:1a:76:51:5a:5e:
18:35:ab:6d:c0:18:f4:06:54:f8:3d:6c:d1:55:00:4a:fb:be:
2e:a9:8d:08
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBAhT2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGNmMGZiZDVmNmUxNzU5OTAzY2M2OWRlMGRjNGVhMjRjMWY4M2RmMB4XDTIyMDEw
MTEzNTYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI3NzczMzNlMmQ1
NWFkNWU5NmRjMDg0MGM2YzY3YjU2OTczNzExNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGXA8DfA1fRsi7uwW2m4lqMErP5y+fLRGxw4CeimFNTg98I
iqtEK8RRbrU/pWV5+QitHAW+XZWGCEl1gE4hQy2emSiN04AQz3Y+fB9Yh7wtCU7Y
py/iiNdoPBbYt7aDRT4vIqiMPBcFS+LVq0TPGMt4AnnP012r1f7BaAUuoj17dTws
oIVqL/0mTsgl+FMoIQJ4ElsNVafvp9fWs6MiTRXA+H78zqANRTVC3MwqqOo7K2Gl
k5nidfOlMMzGNM6zgqJ3udDtcEqpcG1d9zq7u80wU2i4tP7H/iiAWaeJawFyZCyU
2zjX5xPl+pTwOJpZHT7iHsdYhPBwBtEx5JVagskCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRrd3Mz4tVa1eltwIQMbGe1aXNxFDAfBgNVHSMEGDAWgBTUzw+9X24XWZA8
xp3g3E6iTB+D3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFNOFB2Vjl1RjFtUVBNYWQ0TnhPb2t3Zmc5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8x
L2EzZHpNLUxWV3RYcGJjQ0VER3hudFdsemNSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
ZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8xLzFNOFB2Vjl1RjFt
UVBNYWQ0TnhPb2t3Zmc5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAV6xCDANBgkqhkiG9w0BAQsFAAOC
AQEAXcQ8oF5psVDjyd2tWWOzAudjOR65tfwtAkak88ptB5sAOnVo1SICakRsTyUE
mkULk8jaQetb435ESCwKXogh7M/g55X8CnigOTeXhXKbLVXnERiHITUyWKQGRaTS
rgY3/7m1mVaBGphDVzdxjKvJoR1mwAZzBRyfg0TRamdGNLsgdRw3bZStQyDPeu8N
gYD0HFeBKxPEHo8C/n4JwPYBKyZ4rD75wEdJRyDishLgOBlgNLHaIrcXiHMvLwlK
sEaFEyHIGSUoUy48stAEVNz6xkoaedBalw4wIpk7Piy3RNGTNCnUzhp2UVpeGDWr
bcAY9AZU+D1s0VUASvu+LqmNCA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-fra.rpki-client.org