Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/3R9SMrQ5wErPrqCvr0TQbjchhL8.roa
File: 3R9SMrQ5wErPrqCvr0TQbjchhL8.roa (raw, json)
Hash identifier: EbsYRRsN/cknhi6DX13gsKlNJXB9dqIcYUHdwjNhlfM=
Subject key identifier: DD:1F:52:32:B4:39:C0:4A:CF:AE:A0:AF:AF:44:D0:6E:37:21:84:BF
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 018F609E
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/3R9SMrQ5wErPrqCvr0TQbjchhL8.roa
Signing time: Tue 29 Mar 2022 06:52:06 +0000
ROA not before: Tue 29 Mar 2022 06:52:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8778
IP address blocks: 195.80.160.0/19 maxlen: 19
195.28.64.0/19 maxlen: 19
2a00:9060::/32 maxlen: 32
2a02:dd8::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26173598 (0x18f609e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Mar 29 06:52:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd1f5232b439c04acfaea0afaf44d06e372184bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8b:a7:1d:0e:20:4a:35:68:46:e7:20:a0:45:
3e:67:fc:e2:d8:a6:84:2a:dd:8d:da:73:88:b7:8c:
7e:34:60:d9:e1:ff:e4:6d:d7:e8:4e:38:10:4b:7d:
af:ce:82:b9:0a:93:be:e7:c0:c1:5a:89:d9:a9:c5:
b6:b6:79:53:72:b2:d7:19:b7:18:5c:ec:5e:a1:f9:
dc:c9:53:bd:7d:16:e4:f7:e0:15:9b:26:b1:ca:7c:
4c:64:6f:2b:08:9c:c6:99:96:6e:f1:05:bb:16:8b:
f4:33:65:06:aa:2c:35:a9:59:45:2b:46:a6:bd:75:
70:6b:70:19:05:ca:87:d0:7e:d1:a3:fd:00:90:8a:
b0:d8:b9:14:0b:3c:11:bf:e7:4d:42:b8:72:a1:62:
e5:25:db:d0:40:a9:6f:e8:b6:83:1e:2d:27:4e:a1:
e3:d7:bb:8b:88:8c:4c:7e:53:30:0d:1d:e1:39:a5:
24:ed:32:02:a2:17:1c:12:d6:48:fe:d1:a9:63:c4:
eb:c8:6e:3e:80:4d:69:79:2d:c7:ce:a7:77:a0:ea:
5b:32:0d:55:46:e2:16:0c:45:34:b0:a5:35:d7:5b:
02:ec:7f:cf:fa:c1:ca:af:ff:7e:80:da:f2:83:aa:
d1:47:21:a5:f6:8f:ee:fd:d5:9a:d9:f2:c1:0c:38:
26:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1F:52:32:B4:39:C0:4A:CF:AE:A0:AF:AF:44:D0:6E:37:21:84:BF
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/3R9SMrQ5wErPrqCvr0TQbjchhL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.64.0/19
195.80.160.0/19
IPv6:
2a00:9060::/32
2a02:dd8::/29
Signature Algorithm: sha256WithRSAEncryption
61:5a:99:37:73:b9:86:a0:14:7c:eb:59:39:5f:a6:d5:7a:c0:
b8:4c:4e:59:eb:6c:ea:39:c0:0b:38:46:ac:4a:30:78:fc:7d:
20:f7:71:6c:97:67:7f:9d:1d:85:75:de:1f:31:52:1c:d1:fa:
9a:9c:85:16:e1:17:e2:df:f3:14:68:c4:d8:14:f7:53:72:df:
6f:08:d9:d0:cf:9d:48:7d:62:54:88:b9:4a:9d:9e:da:5d:67:
a2:04:49:4e:a5:de:53:5a:d3:ec:97:fb:2b:8d:ed:37:36:7e:
9a:43:fa:09:79:2e:5f:01:86:dc:24:38:be:80:8b:5f:8d:f8:
76:aa:49:57:f7:d1:e1:84:d7:51:84:2b:6d:20:0a:7c:42:58:
6b:b3:e4:a4:4f:0c:41:bc:58:5f:4e:46:e0:ae:a7:29:ce:64:
6c:e6:f9:76:35:b0:a9:bd:b0:ad:63:f6:59:ce:93:64:b2:3c:
96:54:5c:7e:15:e2:f4:47:fb:0d:28:4e:3e:04:46:5e:5b:12:
c4:a4:a7:fa:97:e3:b8:50:d2:14:7c:60:d2:fc:e3:e2:0d:4e:
7b:75:7f:52:b3:34:c1:f2:2d:ee:07:5d:da:c2:71:cf:14:a7:
cb:e1:7e:d0:68:85:38:8c:e5:28:a8:dc:64:dc:02:75:b7:b3:
4d:8b:d9:8e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEAY9gnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGEyYWUyY2QwOTQzMzMwMThjNDFkYWFmYjQ3NGM2Y2ZhODBkMDdkMB4XDTIyMDMy
OTA2NTIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQxZjUyMzJiNDM5
YzA0YWNmYWVhMGFmYWY0NGQwNmUzNzIxODRiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeLpx0OIEo1aEbnIKBFPmf84timhCrdjdpziLeMfjRg2eH/
5G3X6E44EEt9r86CuQqTvufAwVqJ2anFtrZ5U3Ky1xm3GFzsXqH53MlTvX0W5Pfg
FZsmscp8TGRvKwicxpmWbvEFuxaL9DNlBqosNalZRStGpr11cGtwGQXKh9B+0aP9
AJCKsNi5FAs8Eb/nTUK4cqFi5SXb0ECpb+i2gx4tJ06h49e7i4iMTH5TMA0d4Tml
JO0yAqIXHBLWSP7RqWPE68huPoBNaXktx86nd6DqWzINVUbiFgxFNLClNddbAux/
z/rByq//foDa8oOq0UchpfaP7v3VmtnywQw4JlcCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBTdH1IytDnASs+uoK+vRNBuNyGEvzAfBgNVHSMEGDAWgBQEoq4s0JQzMBjE
Har7R0xs+oDQfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLS3VMTkNVTXpBWXhCMnEtMGRNYlBxQTBIMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8x
LzNSOVNNclE1d0VyUHJxQ3ZyMFRRYmpjaGhMOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8xL0JLS3VMTkNVTXpB
WXhCMnEtMGRNYlBxQTBIMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEBcMcQAMEBcNQoDAUBAIAAjAOAwUA
KgCQYAMFAyoCDdgwDQYJKoZIhvcNAQELBQADggEBAGFamTdzuYagFHzrWTlfptV6
wLhMTlnrbOo5wAs4RqxKMHj8fSD3cWyXZ3+dHYV13h8xUhzR+pqchRbhF+Lf8xRo
xNgU91Ny328I2dDPnUh9YlSIuUqdntpdZ6IESU6l3lNa0+yX+yuN7Tc2fppD+gl5
Ll8BhtwkOL6Ai1+N+HaqSVf30eGE11GEK20gCnxCWGuz5KRPDEG8WF9ORuCupynO
ZGzm+XY1sKm9sK1j9lnOk2SyPJZUXH4V4vRH+w0oTj4ERl5bEsSkp/qX47hQ0hR8
YNL84+INTnt1f1KzNMHyLe4HXdrCcc8Up8vhftBohTiM5Sio3GTcAnW3s02L2Y4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:47 2023 by rpki-client on console-ams.rpki-client.org