Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/P3sDwJlEYUEaiTsNduBXylYLY8w.roa
File: P3sDwJlEYUEaiTsNduBXylYLY8w.roa (raw, json)
Hash identifier: QF+1bJLrkDm0T5mvieE+t8eMJPualh96240QGAoS+Rg=
Subject key identifier: 3F:7B:03:C0:99:44:61:41:1A:89:3B:0D:76:E0:57:CA:56:0B:63:CC
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF51FF000D041C460631BE6DA08A0
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/P3sDwJlEYUEaiTsNduBXylYLY8w.roa
Signing time: Sun 01 Jan 2023 18:55:03 +0000
ROA not before: Sun 01 Jan 2023 18:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205194
IP address blocks: 192.162.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f5:1f:f0:00:d0:41:c4:60:63:1b:e6:da:08:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f7b03c0994461411a893b0d76e057ca560b63cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8c:dd:f9:1e:83:3f:95:8b:53:2f:a2:09:b6:
bb:c9:f2:bd:95:81:ad:8a:40:02:6e:85:e0:b0:b8:
a7:b9:98:26:1b:2f:da:a9:80:e7:5c:4e:d9:51:c8:
c9:ca:ed:5c:84:b1:17:43:ef:b4:6d:3f:35:b2:2b:
f1:88:3a:69:0a:1d:7c:c3:ea:57:4f:1d:a4:67:8f:
b8:27:eb:4c:80:60:f8:91:98:b3:18:04:2e:7e:97:
55:65:39:2c:44:47:19:02:d4:ab:94:d9:8e:73:38:
06:5e:ac:1a:d3:63:5e:88:20:ed:8b:03:d1:57:e8:
44:6b:9d:40:68:bc:31:42:d9:65:2a:6d:55:44:95:
c3:28:9f:e3:6c:ec:2e:1e:32:76:4d:f4:b3:f9:a3:
a8:c0:48:e1:79:18:9f:ff:61:3f:3f:cb:16:8b:ec:
3f:be:91:18:50:bd:71:3c:1d:c2:21:62:db:22:67:
a1:1d:29:28:df:4d:38:fe:2c:54:07:08:e0:64:87:
2c:3c:0a:06:15:15:77:dc:cd:73:aa:09:a7:d5:88:
e8:c5:2f:dd:04:23:6f:5d:75:ab:2b:62:48:46:60:
ff:1e:2d:13:a1:b7:90:dc:96:a7:84:95:80:31:a5:
65:84:0f:0a:41:47:98:0d:6c:8a:75:ed:a6:64:72:
12:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7B:03:C0:99:44:61:41:1A:89:3B:0D:76:E0:57:CA:56:0B:63:CC
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/P3sDwJlEYUEaiTsNduBXylYLY8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.65.0/24
Signature Algorithm: sha256WithRSAEncryption
74:5a:24:10:6e:6a:5b:07:19:f2:02:f2:ee:33:dd:64:34:41:
0a:ca:90:d1:66:04:8e:e1:1b:1e:cd:69:3a:e2:da:f6:14:0d:
ec:b0:ef:64:78:43:41:72:33:d7:a3:59:24:28:e9:47:b1:bf:
bc:aa:50:60:a4:2d:7e:f2:15:41:05:08:80:0a:5c:25:a4:42:
d3:53:40:27:58:2a:b9:0f:aa:3f:80:5d:7a:83:6a:32:00:98:
14:50:1f:3d:af:51:88:6d:54:a1:6e:aa:1f:5a:5f:ff:b1:9d:
7c:48:1d:55:cf:f0:b8:8b:ac:1d:cc:d3:67:4c:1a:68:57:52:
a9:4d:7b:5c:cc:4d:b0:15:71:7f:86:15:84:15:74:0c:49:f1:
bd:e7:00:02:eb:41:1b:5b:21:8e:dc:9b:73:d7:85:e8:f7:49:
31:00:35:81:d7:63:00:f9:34:00:f7:56:09:eb:79:ef:c8:83:
8e:0e:0c:da:0c:fe:7c:a3:b2:17:5a:7b:81:aa:4c:72:ed:04:
33:14:6d:7c:90:c1:71:69:c7:1f:e8:dc:e6:43:6e:54:77:a0:
16:fa:3b:a2:0c:74:ce:48:2c:15:e9:0a:ed:90:51:af:80:fe:
4b:1b:bf:f0:5b:46:94:88:fb:7e:10:e1:fe:1e:14:13:9a:84:
1c:98:9b:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur/Uf8ADQQcRgYxvm2gigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjdiMDNjMDk5NDQ2MTQxMWE4OTNiMGQ3NmUwNTdjYTU2MGI2M2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4zd+R6DP5WLUy+iCba7yfK9lYGt
ikACboXgsLinuZgmGy/aqYDnXE7ZUcjJyu1chLEXQ++0bT81sivxiDppCh18w+pX
Tx2kZ4+4J+tMgGD4kZizGAQufpdVZTksREcZAtSrlNmOczgGXqwa02NeiCDtiwPR
V+hEa51AaLwxQtllKm1VRJXDKJ/jbOwuHjJ2TfSz+aOowEjheRif/2E/P8sWi+w/
vpEYUL1xPB3CIWLbImehHSko3004/ixUBwjgZIcsPAoGFRV33M1zqgmn1YjoxS/d
BCNvXXWrK2JIRmD/Hi0TobeQ3JanhJWAMaVlhA8KQUeYDWyKde2mZHISsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD97A8CZRGFBGok7DXbgV8pWC2PMMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvUDNzRHdKbEVZVUVhaVRzTmR1Qlh5bFlMWTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKJBMA0G
CSqGSIb3DQEBCwUAA4IBAQB0WiQQbmpbBxnyAvLuM91kNEEKypDRZgSO4RsezWk6
4tr2FA3ssO9keENBcjPXo1kkKOlHsb+8qlBgpC1+8hVBBQiAClwlpELTU0AnWCq5
D6o/gF16g2oyAJgUUB89r1GIbVShbqofWl//sZ18SB1Vz/C4i6wdzNNnTBpoV1Kp
TXtczE2wFXF/hhWEFXQMSfG95wAC60EbWyGO3Jtz14Xo90kxADWB12MA+TQA91YJ
63nvyIOODgzaDP58o7IXWnuBqkxy7QQzFG18kMFxaccf6NzmQ25Ud6AW+juiDHTO
SCwV6QrtkFGvgP5LG7/wW0aUiPt+EOH+HhQTmoQcmJs+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:46 2025 by rpki-client