Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ab3sTVJa76YO_W9WPCqoboZPM24.roa
File: ab3sTVJa76YO_W9WPCqoboZPM24.roa (raw, json)
Hash identifier: /YMLrpHg6yYNXAJg3Tr8PWNnfAiGoLWYlHzpebwt6e4=
Subject key identifier: 69:BD:EC:4D:52:5A:EF:A6:0E:FD:6F:56:3C:2A:A8:6E:86:4F:33:6E
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3A082DB6
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ab3sTVJa76YO_W9WPCqoboZPM24.roa
Signing time: Sat 01 Jan 2022 14:00:40 +0000
ROA not before: Sat 01 Jan 2022 14:00:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201488
IP address blocks: 94.42.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 973614518 (0x3a082db6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69bdec4d525aefa60efd6f563c2aa86e864f336e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7b:b1:a8:9e:35:c7:38:03:25:53:57:3e:39:
fb:c1:41:09:52:85:09:54:ae:d8:c6:f3:fa:92:e0:
39:52:0e:25:35:ea:7d:90:99:75:40:f3:6a:cb:68:
eb:31:c0:ca:95:bd:64:7c:7f:60:b5:af:96:33:ab:
48:d5:2b:8a:26:86:a8:df:ef:7f:72:2e:2b:0c:a0:
e2:43:6d:b1:37:19:5a:95:02:55:9f:5d:db:5f:2c:
88:54:e2:a6:56:d6:ea:3d:8c:56:a7:bd:aa:f1:2e:
1d:7d:63:0c:42:4c:a3:e9:45:1e:40:ad:41:4d:00:
f5:d8:a0:c0:85:99:6f:69:55:05:63:a7:dc:d1:48:
e5:2b:2b:bc:35:fc:c0:01:fe:a2:3e:31:ce:44:61:
b3:87:3f:42:da:bc:e1:64:84:1e:b7:d0:35:70:ff:
78:bf:5b:90:b2:5a:44:0b:77:9f:f7:24:c0:e8:59:
81:97:88:6d:c8:c2:8b:df:14:4c:0b:fe:60:9f:32:
67:88:71:3c:6a:5c:14:fe:e3:71:61:d8:a7:e3:3b:
49:00:ab:b4:38:8e:c0:48:4b:e3:52:59:3d:31:f2:
76:fd:f3:35:b8:30:1e:26:3e:2e:2b:53:83:a4:d1:
84:54:4e:b2:80:ff:6e:23:e1:44:79:9c:03:27:34:
c1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BD:EC:4D:52:5A:EF:A6:0E:FD:6F:56:3C:2A:A8:6E:86:4F:33:6E
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ab3sTVJa76YO_W9WPCqoboZPM24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.42.89.0/24
Signature Algorithm: sha256WithRSAEncryption
77:8f:e9:6b:bc:0e:94:95:a8:e9:18:33:56:50:2e:5a:fa:b9:
f4:16:ba:65:14:95:bb:6c:b8:03:e1:f1:02:38:76:73:70:c5:
45:dc:b3:8c:dc:d1:62:90:06:41:bb:33:64:3c:e1:6f:f6:3a:
65:16:d0:2b:33:ab:32:38:93:05:27:ae:df:fb:47:88:1c:ce:
31:b9:6f:68:2f:47:a2:e1:04:9f:6e:0d:fe:d9:de:d0:f6:1d:
26:d9:b6:6b:5d:13:40:fc:0f:94:4a:8d:f7:fe:cb:6e:c8:48:
bb:ff:9a:01:87:08:52:3f:b1:9d:23:2f:ab:ef:c2:7f:e9:af:
40:ee:5b:4e:1e:e6:d9:5c:0d:3f:2e:bd:5f:91:88:13:fd:0b:
d9:e1:d3:22:3a:6a:ae:87:15:ac:0d:41:b0:15:17:52:f3:7d:
ec:10:ea:b9:3e:63:b8:04:05:76:58:c4:fa:58:00:e4:c9:83:
b8:bb:49:e7:8d:21:57:fa:39:f3:d3:31:fb:a1:00:2f:3b:6f:
ab:ce:0a:59:a2:f0:a4:5d:b0:ea:32:f3:bc:8c:20:70:40:e7:
b1:0c:36:47:95:a7:1b:f8:d7:ef:82:0a:4a:d3:30:6a:98:65:
10:ed:44:6d:a4:64:aa:6f:89:44:91:33:a2:07:f3:84:bc:c7:
64:c9:52:5a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOggttjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjliZGVjNGQ1MjVh
ZWZhNjBlZmQ2ZjU2M2MyYWE4NmU4NjRmMzM2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL17saieNcc4AyVTVz45+8FBCVKFCVSu2Mbz+pLgOVIOJTXq
fZCZdUDzasto6zHAypW9ZHx/YLWvljOrSNUriiaGqN/vf3IuKwyg4kNtsTcZWpUC
VZ9d218siFTiplbW6j2MVqe9qvEuHX1jDEJMo+lFHkCtQU0A9digwIWZb2lVBWOn
3NFI5SsrvDX8wAH+oj4xzkRhs4c/Qtq84WSEHrfQNXD/eL9bkLJaRAt3n/ckwOhZ
gZeIbcjCi98UTAv+YJ8yZ4hxPGpcFP7jcWHYp+M7SQCrtDiOwEhL41JZPTHydv3z
NbgwHiY+LitTg6TRhFROsoD/biPhRHmcAyc0wV0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRpvexNUlrvpg79b1Y8Kqhuhk8zbjAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L2FiM3NUVkphNzZZT19XOVdQQ3FvYm9aUE0yNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF4qWTANBgkqhkiG9w0BAQsFAAOC
AQEAd4/pa7wOlJWo6RgzVlAuWvq59Ba6ZRSVu2y4A+HxAjh2c3DFRdyzjNzRYpAG
QbszZDzhb/Y6ZRbQKzOrMjiTBSeu3/tHiBzOMblvaC9HouEEn24N/tne0PYdJtm2
a10TQPwPlEqN9/7LbshIu/+aAYcIUj+xnSMvq+/Cf+mvQO5bTh7m2VwNPy69X5GI
E/0L2eHTIjpqrocVrA1BsBUXUvN97BDquT5juAQFdljE+lgA5MmDuLtJ540hV/o5
89Mx+6EALztvq84KWaLwpF2w6jLzvIwgcEDnsQw2R5WnG/jX74IKStMwaphlEO1E
baRkqm+JRJEzogfzhLzHZMlSWg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:02 2023 by rpki-client on console-ams.rpki-client.org