Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c05b70-d65a-46ed-a8ee-e2173ee37f91/1/s1pT7wWvnpx8ggvaZOMpQex7lK0.roa
File: s1pT7wWvnpx8ggvaZOMpQex7lK0.roa (raw, json)
Hash identifier: 3vAV/UCPJ+HCYlYx0ODcK5Klv4C/A/9e3kIrNKA5gyI=
Subject key identifier: B3:5A:53:EF:05:AF:9E:9C:7C:82:0B:DA:64:E3:29:41:EC:7B:94:AD
Certificate issuer: /CN=f69ff1c62b1afcf52ffdbd500dd47e1a68f13fc7
Certificate serial: 02FC621C
Authority key identifier: F6:9F:F1:C6:2B:1A:FC:F5:2F:FD:BD:50:0D:D4:7E:1A:68:F1:3F:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9p_xxisa_PUv_b1QDdR-GmjxP8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c05b70-d65a-46ed-a8ee-e2173ee37f91/1/s1pT7wWvnpx8ggvaZOMpQex7lK0.roa
Signing time: Sat 01 Jan 2022 14:02:31 +0000
ROA not before: Sat 01 Jan 2022 14:02:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 193.3.38.0/24 maxlen: 24
2a10:8e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50094620 (0x2fc621c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69ff1c62b1afcf52ffdbd500dd47e1a68f13fc7
Validity
Not Before: Jan 1 14:02:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b35a53ef05af9e9c7c820bda64e32941ec7b94ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3a:05:f2:3e:77:2f:38:e0:f0:17:e0:53:d8:
fe:6d:ec:9a:44:a2:2c:30:1a:68:7a:ef:28:56:23:
f7:00:eb:a7:b3:d0:14:96:55:c0:7a:49:3d:1f:18:
80:7e:dc:25:f1:80:32:ef:91:d0:fa:89:8f:49:9e:
2d:2d:58:35:bd:d9:d9:64:e0:0c:b1:ce:21:4a:46:
b4:8b:98:79:4a:2e:32:03:b2:44:45:62:14:7d:46:
58:4d:a4:cf:33:d7:2a:91:fc:7a:ef:0a:8a:73:65:
93:f8:a8:94:e7:20:16:ee:89:f1:8d:43:a2:09:1e:
06:ee:30:d3:14:75:09:d7:66:22:3d:d3:c1:d3:c6:
5b:3f:b4:6f:29:80:ac:c1:e4:cf:70:10:6a:50:97:
e4:62:90:5c:a2:09:4d:6e:e8:fb:80:99:24:26:4a:
bd:19:2e:96:91:9c:d7:32:7a:82:81:16:61:d1:3b:
73:e9:1a:4f:bb:4c:16:56:75:84:0f:04:13:54:58:
2d:3f:67:d6:e9:94:78:d7:66:7f:9d:ee:52:42:ed:
25:73:ec:44:43:99:8b:9e:6d:85:ea:82:ab:20:97:
f7:b9:91:91:3b:41:b5:36:56:d1:18:27:f4:dc:6e:
8b:1e:fb:d0:2f:ad:da:30:e1:dd:c9:c6:7c:0a:f9:
c7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5A:53:EF:05:AF:9E:9C:7C:82:0B:DA:64:E3:29:41:EC:7B:94:AD
X509v3 Authority Key Identifier:
keyid:F6:9F:F1:C6:2B:1A:FC:F5:2F:FD:BD:50:0D:D4:7E:1A:68:F1:3F:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9p_xxisa_PUv_b1QDdR-GmjxP8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c05b70-d65a-46ed-a8ee-e2173ee37f91/1/s1pT7wWvnpx8ggvaZOMpQex7lK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c05b70-d65a-46ed-a8ee-e2173ee37f91/1/9p_xxisa_PUv_b1QDdR-GmjxP8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.38.0/24
IPv6:
2a10:8e00::/32
Signature Algorithm: sha256WithRSAEncryption
ba:c5:0a:a5:14:bc:44:c9:7b:6c:55:f3:96:29:f3:de:36:0c:
52:d1:b8:ad:f6:b6:a8:99:76:76:0c:6a:d8:d1:b4:6f:73:dd:
42:c7:2d:44:28:2a:8d:34:e0:66:35:12:74:5f:60:e3:74:0a:
f7:10:b2:1a:5e:fa:4d:ad:59:1e:10:84:57:02:4d:d0:51:c0:
75:f7:03:d6:9a:c6:08:ac:16:46:12:b4:be:75:3d:f8:7a:c0:
42:70:7a:87:35:f8:16:8d:b7:b8:3a:e8:56:e1:d9:35:54:9c:
63:08:6e:a0:34:cb:1d:90:89:42:bf:73:6f:3d:58:54:3a:a2:
06:49:3a:bc:17:6b:19:94:13:06:56:0f:81:8b:74:da:ca:a3:
16:50:2b:17:2f:b6:c5:f9:aa:91:12:51:de:74:0b:a4:82:25:
a7:14:ce:9d:74:8d:85:dd:34:a0:4e:32:b2:2b:26:90:9d:52:
b9:5f:f1:76:59:b6:b6:3f:91:b7:ef:d5:db:96:4d:88:1a:6e:
ef:0c:4d:8c:b5:7c:36:f9:64:07:4a:8b:76:35:4c:11:b3:dd:
9a:30:d8:d6:33:e0:e0:58:7d:eb:81:23:5a:6c:d3:1f:98:21:
ea:db:8c:c5:02:4d:fd:68:53:34:fa:55:6d:05:19:d8:21:c8:
4a:49:73:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAvxiHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NjlmZjFjNjJiMWFmY2Y1MmZmZGJkNTAwZGQ0N2UxYTY4ZjEzZmM3MB4XDTIyMDEw
MTE0MDIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM1YTUzZWYwNWFm
OWU5YzdjODIwYmRhNjRlMzI5NDFlYzdiOTRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOU6BfI+dy844PAX4FPY/m3smkSiLDAaaHrvKFYj9wDrp7PQ
FJZVwHpJPR8YgH7cJfGAMu+R0PqJj0meLS1YNb3Z2WTgDLHOIUpGtIuYeUouMgOy
REViFH1GWE2kzzPXKpH8eu8KinNlk/iolOcgFu6J8Y1DogkeBu4w0xR1CddmIj3T
wdPGWz+0bymArMHkz3AQalCX5GKQXKIJTW7o+4CZJCZKvRkulpGc1zJ6goEWYdE7
c+kaT7tMFlZ1hA8EE1RYLT9n1umUeNdmf53uUkLtJXPsREOZi55theqCqyCX97mR
kTtBtTZW0Rgn9Nxuix770C+t2jDh3cnGfAr5x/cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSzWlPvBa+enHyCC9pk4ylB7HuUrTAfBgNVHSMEGDAWgBT2n/HGKxr89S/9
vVAN1H4aaPE/xzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlwX3h4aXNhX1BVdl9iMVFEZFItR21qeFA4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvYzA1YjcwLWQ2NWEtNDZlZC1hOGVlLWUyMTczZWUzN2Y5MS8x
L3MxcFQ3d1d2bnB4OGdndmFaT01wUWV4N2xLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
YzA1YjcwLWQ2NWEtNDZlZC1hOGVlLWUyMTczZWUzN2Y5MS8xLzlwX3h4aXNhX1BV
dl9iMVFEZFItR21qeFA4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMEDJjANBAIAAjAHAwUAKhCOADAN
BgkqhkiG9w0BAQsFAAOCAQEAusUKpRS8RMl7bFXzlinz3jYMUtG4rfa2qJl2dgxq
2NG0b3PdQsctRCgqjTTgZjUSdF9g43QK9xCyGl76Ta1ZHhCEVwJN0FHAdfcD1prG
CKwWRhK0vnU9+HrAQnB6hzX4Fo23uDroVuHZNVScYwhuoDTLHZCJQr9zbz1YVDqi
Bkk6vBdrGZQTBlYPgYt02sqjFlArFy+2xfmqkRJR3nQLpIIlpxTOnXSNhd00oE4y
sismkJ1SuV/xdlm2tj+Rt+/V25ZNiBpu7wxNjLV8NvlkB0qLdjVMEbPdmjDY1jPg
4Fh964EjWmzTH5gh6tuMxQJN/WhTNPpVbQUZ2CHISklzwg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:58 2023 by rpki-client on console-ams.rpki-client.org