Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/b9a830-6992-49c6-8973-eacb4965fe38/1/3aPndK7nXlrt0guyzgVNGjNIsAs.roa
File: 3aPndK7nXlrt0guyzgVNGjNIsAs.roa (raw, json)
Hash identifier: jXfwaqX3N50+YVBUcKUxhy7mmNr9vZOCeVUu4m8WV6k=
Subject key identifier: DD:A3:E7:74:AE:E7:5E:5A:ED:D2:0B:B2:CE:05:4D:1A:33:48:B0:0B
Certificate issuer: /CN=4c3e9da3bf593802cc833fe5d947a52696f58c8d
Certificate serial: 056F0EF0
Authority key identifier: 4C:3E:9D:A3:BF:59:38:02:CC:83:3F:E5:D9:47:A5:26:96:F5:8C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TD6do79ZOALMgz_l2UelJpb1jI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/b9a830-6992-49c6-8973-eacb4965fe38/1/3aPndK7nXlrt0guyzgVNGjNIsAs.roa
Signing time: Sat 01 Jan 2022 10:59:35 +0000
ROA not before: Sat 01 Jan 2022 10:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39122
IP address blocks: 193.203.126.0/24 maxlen: 24
2a0d:1f00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91164400 (0x56f0ef0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3e9da3bf593802cc833fe5d947a52696f58c8d
Validity
Not Before: Jan 1 10:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dda3e774aee75e5aedd20bb2ce054d1a3348b00b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:db:ee:af:d8:46:12:1a:50:49:27:71:f4:c7:
09:1f:93:cc:87:9e:b4:f8:79:20:99:b8:e5:55:8c:
ac:ef:56:ad:96:2c:51:f6:a2:21:a2:d6:39:4d:89:
d7:6f:02:e3:a9:80:8b:d6:6d:97:94:03:f7:21:1c:
3f:26:20:2a:9a:60:94:8d:84:94:7f:b6:bc:5e:18:
f1:21:86:57:0e:82:8b:0e:dc:eb:90:2a:3b:9c:1f:
da:c5:5e:a4:14:06:ba:41:09:dc:1f:55:ae:f5:8b:
40:0f:b9:ff:8f:cb:27:6b:bc:77:44:7e:6f:9e:c6:
df:a8:3c:c0:e7:df:03:ec:7d:7e:f7:6f:ae:f2:dd:
27:86:c7:be:e0:89:57:44:49:fc:1c:4f:89:43:c7:
59:17:61:c9:69:ea:4c:d9:6d:f9:46:88:b8:d9:c2:
94:77:13:b5:b5:b9:80:fc:ec:ec:e3:c2:b5:1c:0e:
d6:63:a9:52:e3:e0:ba:68:1a:b6:14:a7:dd:fe:7f:
1e:40:6f:3c:a1:a6:76:62:df:7b:f4:e8:5c:60:80:
35:89:94:eb:87:35:7a:62:5f:fe:d0:d2:11:d5:09:
9b:b9:1e:f8:67:7e:1e:19:3b:67:f5:e9:4d:61:f2:
bf:00:59:85:db:2e:01:4f:75:d9:f8:57:0f:36:f2:
f6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A3:E7:74:AE:E7:5E:5A:ED:D2:0B:B2:CE:05:4D:1A:33:48:B0:0B
X509v3 Authority Key Identifier:
keyid:4C:3E:9D:A3:BF:59:38:02:CC:83:3F:E5:D9:47:A5:26:96:F5:8C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TD6do79ZOALMgz_l2UelJpb1jI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b9a830-6992-49c6-8973-eacb4965fe38/1/3aPndK7nXlrt0guyzgVNGjNIsAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b9a830-6992-49c6-8973-eacb4965fe38/1/TD6do79ZOALMgz_l2UelJpb1jI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.126.0/24
IPv6:
2a0d:1f00::/29
Signature Algorithm: sha256WithRSAEncryption
f0:02:9f:e6:a6:42:4e:08:3f:0e:07:3f:51:8b:0a:20:3f:f0:
5e:1f:1f:e2:79:1c:c7:0d:b8:d0:da:33:0b:f9:7d:16:92:db:
ee:65:81:04:41:78:16:6f:bb:f1:29:de:ce:8a:a5:0a:92:9f:
5d:ac:c5:d5:ad:4b:ca:00:34:12:49:b1:d4:f4:4f:c4:71:f3:
27:63:74:3d:25:bb:07:8a:e4:1e:c7:e8:a6:7b:fd:4a:8d:1a:
1b:13:c2:21:74:b7:fc:c1:65:6e:82:4b:2c:65:27:84:a3:b3:
47:28:53:de:0b:8c:8b:b2:cb:5b:ec:5a:27:1e:f4:57:2c:73:
ef:de:0f:b4:41:11:c9:a3:d6:eb:9e:0a:9d:2f:12:a7:d4:5e:
7b:57:e9:d6:f0:2a:0f:cd:b1:a1:4e:9a:6d:2c:7a:36:5f:ab:
db:f8:0a:59:96:8f:9e:6a:fb:79:70:37:7e:6b:a5:10:c2:69:
f9:3c:b7:3b:b3:fe:ea:ef:dc:86:b5:3a:71:99:a0:66:07:12:
64:27:ca:ba:c2:ae:66:a9:6f:c5:83:e8:6a:82:59:d5:91:62:
d1:d0:de:b6:7d:e8:d7:ad:4f:8b:7d:5f:68:ed:00:a6:71:0e:
5a:99:02:ed:8b:8e:6b:eb:b7:ee:79:c9:0c:ec:de:10:ce:55:
12:5a:f3:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBW8O8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzNlOWRhM2JmNTkzODAyY2M4MzNmZTVkOTQ3YTUyNjk2ZjU4YzhkMB4XDTIyMDEw
MTEwNTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRhM2U3NzRhZWU3
NWU1YWVkZDIwYmIyY2UwNTRkMWEzMzQ4YjAwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/b7q/YRhIaUEkncfTHCR+TzIeetPh5IJm45VWMrO9WrZYs
UfaiIaLWOU2J128C46mAi9Ztl5QD9yEcPyYgKppglI2ElH+2vF4Y8SGGVw6Ciw7c
65AqO5wf2sVepBQGukEJ3B9VrvWLQA+5/4/LJ2u8d0R+b57G36g8wOffA+x9fvdv
rvLdJ4bHvuCJV0RJ/BxPiUPHWRdhyWnqTNlt+UaIuNnClHcTtbW5gPzs7OPCtRwO
1mOpUuPgumgathSn3f5/HkBvPKGmdmLfe/ToXGCANYmU64c1emJf/tDSEdUJm7ke
+Gd+Hhk7Z/XpTWHyvwBZhdsuAU912fhXDzby9oECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTdo+d0rudeWu3SC7LOBU0aM0iwCzAfBgNVHSMEGDAWgBRMPp2jv1k4AsyD
P+XZR6UmlvWMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RENmRvNzlaT0FMTWd6X2wyVWVsSnBiMWpJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvYjlhODMwLTY5OTItNDljNi04OTczLWVhY2I0OTY1ZmUzOC8x
LzNhUG5kSzduWGxydDBndXl6Z1ZOR2pOSXNBcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
YjlhODMwLTY5OTItNDljNi04OTczLWVhY2I0OTY1ZmUzOC8xL1RENmRvNzlaT0FM
TWd6X2wyVWVsSnBiMWpJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMHLfjANBAIAAjAHAwUDKg0fADAN
BgkqhkiG9w0BAQsFAAOCAQEA8AKf5qZCTgg/Dgc/UYsKID/wXh8f4nkcxw240Noz
C/l9FpLb7mWBBEF4Fm+78SnezoqlCpKfXazF1a1LygA0Ekmx1PRPxHHzJ2N0PSW7
B4rkHsfopnv9So0aGxPCIXS3/MFlboJLLGUnhKOzRyhT3guMi7LLW+xaJx70Vyxz
794PtEERyaPW654KnS8Sp9Ree1fp1vAqD82xoU6abSx6Nl+r2/gKWZaPnmr7eXA3
fmulEMJp+Ty3O7P+6u/chrU6cZmgZgcSZCfKusKuZqlvxYPoaoJZ1ZFi0dDetn3o
161Pi31faO0ApnEOWpkC7YuOa+u37nnJDOzeEM5VElrzNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:00 2024 by rpki-client on console-ams.rpki-client.org