Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/10f316-0b65-4323-ad93-e51800f909e6/1/f3CDTLfKPm3xnBheaY3RQlgbRv0.roa
File: f3CDTLfKPm3xnBheaY3RQlgbRv0.roa (raw, json)
Hash identifier: ocUUeeWLkWjArLczsP6y+QA4uJ2I7V9T+JDWISXd8Fs=
Subject key identifier: 7F:70:83:4C:B7:CA:3E:6D:F1:9C:18:5E:69:8D:D1:42:58:1B:46:FD
Certificate issuer: /CN=ed5356c1c81877a01f57123b3f58f3ab686147a9
Certificate serial: 8D3219
Authority key identifier: ED:53:56:C1:C8:18:77:A0:1F:57:12:3B:3F:58:F3:AB:68:61:47:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7VNWwcgYd6AfVxI7P1jzq2hhR6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/10f316-0b65-4323-ad93-e51800f909e6/1/f3CDTLfKPm3xnBheaY3RQlgbRv0.roa
Signing time: Sat 01 Jan 2022 01:55:02 +0000
ROA not before: Sat 01 Jan 2022 01:55:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212667
IP address blocks: 193.3.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9253401 (0x8d3219)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed5356c1c81877a01f57123b3f58f3ab686147a9
Validity
Not Before: Jan 1 01:55:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f70834cb7ca3e6df19c185e698dd142581b46fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:28:43:e8:bf:44:ed:40:4c:78:85:1c:cc:60:
71:27:4f:94:74:93:66:8c:8c:18:12:90:29:3a:9b:
e1:ae:65:ad:9b:df:fc:96:2a:c9:e0:78:39:c3:f5:
b1:c5:4a:c6:c8:53:97:da:84:9b:ef:dd:03:9a:1e:
48:21:e4:9f:d1:ee:48:d6:92:c7:5a:f4:69:34:06:
d5:ea:c4:1b:d5:28:57:d3:16:2e:72:70:c5:d2:4e:
8d:e7:9b:68:2f:a8:12:a2:31:90:6a:65:62:a1:3b:
a0:05:38:d6:ef:6b:ad:86:47:cd:21:04:8f:b3:b9:
b7:10:ed:7a:e8:d5:96:de:d9:50:0c:ee:a6:71:55:
e7:3e:02:f6:0b:2b:8c:4d:d4:97:34:8a:99:89:36:
d9:57:7d:16:5d:1f:f2:a9:74:78:4b:fe:b3:f4:03:
3a:ac:98:47:74:b3:ce:21:c5:67:d0:d0:50:eb:53:
9a:ca:b5:90:56:5c:01:5a:0e:dc:4c:d6:a4:80:4c:
b0:9d:09:d1:31:ca:86:bf:07:6c:56:ca:58:59:f7:
e2:c5:d1:62:38:11:93:84:7f:7a:98:c1:31:62:02:
c5:d0:1f:85:ed:3e:8b:48:97:c2:ff:c1:95:b9:00:
94:c4:9a:05:f2:53:95:e1:8d:bb:9d:5c:0a:fd:7c:
a4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:70:83:4C:B7:CA:3E:6D:F1:9C:18:5E:69:8D:D1:42:58:1B:46:FD
X509v3 Authority Key Identifier:
keyid:ED:53:56:C1:C8:18:77:A0:1F:57:12:3B:3F:58:F3:AB:68:61:47:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7VNWwcgYd6AfVxI7P1jzq2hhR6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/10f316-0b65-4323-ad93-e51800f909e6/1/f3CDTLfKPm3xnBheaY3RQlgbRv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/10f316-0b65-4323-ad93-e51800f909e6/1/7VNWwcgYd6AfVxI7P1jzq2hhR6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.170.0/24
Signature Algorithm: sha256WithRSAEncryption
63:91:3b:94:cb:b1:e0:46:68:01:84:2d:ec:6c:88:2e:d7:03:
a2:a2:e9:a0:a7:4d:97:d7:64:ca:a7:87:dc:4a:52:5a:68:99:
db:48:5d:cd:2e:00:49:1c:5c:83:47:c5:25:3b:4f:61:cc:1a:
33:04:a0:5a:0e:13:ec:85:90:40:21:9b:c5:f8:40:49:dd:60:
d1:af:db:b3:b5:30:04:f7:a2:9c:4a:dd:4e:c9:68:0c:7c:33:
1c:86:61:9a:0f:79:8f:2f:1b:f9:8b:ae:b0:9f:dc:f6:c4:4d:
a4:87:e8:f0:1b:da:ce:f4:30:ac:d3:5d:00:25:27:92:28:e4:
c8:e5:cc:6d:d6:4e:6c:d0:3a:29:ae:2c:de:e1:c3:a2:e7:03:
b6:de:d6:2b:c4:56:ec:c5:51:d2:55:33:da:0a:41:c9:b3:56:
4c:df:a1:c1:55:aa:76:e5:24:5e:49:bb:60:0d:bc:fe:68:6b:
b9:59:51:52:07:93:fc:30:8d:ec:71:1b:c5:e7:8d:d6:8f:88:
bc:a1:a9:25:a7:30:67:7f:6e:9f:5e:92:aa:65:f9:cd:1b:e7:
57:0b:32:7b:68:2b:2e:a6:bc:98:b4:96:e1:8d:e4:af:8e:5c:
d2:99:ce:b7:ee:7f:66:4d:88:69:9f:eb:2f:3f:c0:6c:09:bc:
df:58:a6:de
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAI0yGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDUzNTZjMWM4MTg3N2EwMWY1NzEyM2IzZjU4ZjNhYjY4NjE0N2E5MB4XDTIyMDEw
MTAxNTUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y3MDgzNGNiN2Nh
M2U2ZGYxOWMxODVlNjk4ZGQxNDI1ODFiNDZmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwoQ+i/RO1ATHiFHMxgcSdPlHSTZoyMGBKQKTqb4a5lrZvf
/JYqyeB4OcP1scVKxshTl9qEm+/dA5oeSCHkn9HuSNaSx1r0aTQG1erEG9UoV9MW
LnJwxdJOjeebaC+oEqIxkGplYqE7oAU41u9rrYZHzSEEj7O5txDteujVlt7ZUAzu
pnFV5z4C9gsrjE3UlzSKmYk22Vd9Fl0f8ql0eEv+s/QDOqyYR3SzziHFZ9DQUOtT
msq1kFZcAVoO3EzWpIBMsJ0J0THKhr8HbFbKWFn34sXRYjgRk4R/epjBMWICxdAf
he0+i0iXwv/BlbkAlMSaBfJTleGNu51cCv18pNcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR/cINMt8o+bfGcGF5pjdFCWBtG/TAfBgNVHSMEGDAWgBTtU1bByBh3oB9X
Ejs/WPOraGFHqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdWTld3Y2dZZDZBZlZ4STdQMWp6cTJoaFI2ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvMTBmMzE2LTBiNjUtNDMyMy1hZDkzLWU1MTgwMGY5MDllNi8x
L2YzQ0RUTGZLUG0zeG5CaGVhWTNSUWxnYlJ2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
MTBmMzE2LTBiNjUtNDMyMy1hZDkzLWU1MTgwMGY5MDllNi8xLzdWTld3Y2dZZDZB
ZlZ4STdQMWp6cTJoaFI2ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEDqjANBgkqhkiG9w0BAQsFAAOC
AQEAY5E7lMux4EZoAYQt7GyILtcDoqLpoKdNl9dkyqeH3EpSWmiZ20hdzS4ASRxc
g0fFJTtPYcwaMwSgWg4T7IWQQCGbxfhASd1g0a/bs7UwBPeinErdTsloDHwzHIZh
mg95jy8b+YuusJ/c9sRNpIfo8BvazvQwrNNdACUnkijkyOXMbdZObNA6Ka4s3uHD
oucDtt7WK8RW7MVR0lUz2gpBybNWTN+hwVWqduUkXkm7YA28/mhruVlRUgeT/DCN
7HEbxeeN1o+IvKGpJacwZ39un16SqmX5zRvnVwsye2grLqa8mLSW4Y3kr45c0pnO
t+5/Zk2IaZ/rLz/AbAm831im3g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:24 2023 by rpki-client on console-fra.rpki-client.org