Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/3hWcmgHeZ8uHB_fa443HBjFKxlo.roa
File: 3hWcmgHeZ8uHB_fa443HBjFKxlo.roa (raw, json)
Hash identifier: bJwq+zxw2TghnacbgQFgIpkMC5t4wge/tAL+BarzfK8=
Subject key identifier: DE:15:9C:9A:01:DE:67:CB:87:07:F7:DA:E3:8D:C7:06:31:4A:C6:5A
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018480B6F1B5E1EB633AE2069C8DFE4544CA
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/3hWcmgHeZ8uHB_fa443HBjFKxlo.roa
Signing time: Wed 16 Nov 2022 13:53:03 +0000
ROA not before: Wed 16 Nov 2022 13:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3209
IP address blocks: 194.126.198.0/24 maxlen: 24
185.45.248.0/23 maxlen: 23
185.45.250.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:b6:f1:b5:e1:eb:63:3a:e2:06:9c:8d:fe:45:44:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Nov 16 13:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de159c9a01de67cb8707f7dae38dc706314ac65a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8c:02:08:88:1a:f6:b0:64:fb:22:c3:f0:81:
a8:e4:d4:af:74:54:af:93:f5:db:94:06:15:6b:0c:
11:22:bd:27:42:46:d4:26:bf:f4:0b:e3:f7:a2:14:
ed:77:4d:17:de:c2:19:bd:bd:bc:fb:55:6b:72:ea:
7a:1f:37:f2:21:78:f4:1b:e9:8e:9b:ad:96:f7:80:
9f:2f:e5:91:d5:58:21:68:e7:0b:9f:07:95:86:16:
e5:c0:8c:c8:d2:52:fe:f0:ed:00:17:09:72:9e:1b:
b5:c1:f5:86:57:ff:ec:29:e5:fa:5b:38:f0:75:9f:
29:1c:61:5d:88:d6:25:36:a8:2a:64:a0:94:94:07:
d3:3f:47:c3:9d:70:0d:3d:e2:9e:52:cb:c4:d9:16:
86:c5:1e:0f:3f:52:6d:84:31:d5:45:ec:31:07:51:
2c:d8:74:56:b9:c3:f8:bf:37:c7:8f:e9:22:68:fc:
cd:d4:15:da:ef:c8:65:e4:49:07:85:de:b3:05:85:
8f:82:68:ec:22:da:7f:e5:60:fd:34:f7:20:e3:90:
c7:ec:0f:e4:6f:75:6c:06:6e:7f:3b:fe:ae:f4:fa:
ac:05:f9:12:ad:b1:d8:b5:c8:3b:75:11:74:0a:bc:
f0:5a:f7:18:b8:6c:77:90:c8:be:f6:03:3e:6b:27:
9e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:15:9C:9A:01:DE:67:CB:87:07:F7:DA:E3:8D:C7:06:31:4A:C6:5A
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/3hWcmgHeZ8uHB_fa443HBjFKxlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.248.0/22
194.126.198.0/24
Signature Algorithm: sha256WithRSAEncryption
64:6b:2a:55:f3:83:9c:32:61:55:20:02:af:7a:f3:6d:1a:78:
30:78:37:1a:45:ce:08:6c:5e:47:f2:95:37:29:59:b0:f9:c5:
45:7d:64:56:a4:1b:77:f4:36:4d:e6:86:b6:35:2c:25:ad:e0:
94:de:06:27:5d:b6:15:33:3d:fd:bd:d9:67:05:42:d3:36:a8:
8a:31:04:6c:bf:f5:04:ef:76:be:d0:88:1f:22:fe:c1:17:38:
6c:c2:76:9b:02:f0:f2:f0:88:06:41:a3:51:0f:74:b8:41:75:
37:c8:46:1d:6a:ca:29:8b:16:a4:5c:57:a7:33:5a:0b:fb:fd:
e6:ea:32:38:c2:eb:24:70:7a:2f:b0:57:b7:81:41:6d:b4:59:
fd:e7:fb:94:08:fc:86:fb:77:6c:1f:c1:24:88:3c:d6:c6:77:
03:32:e4:58:e2:83:83:b3:e3:0e:10:df:a7:d3:6f:08:ee:d3:
79:ea:06:d6:5a:96:bb:c0:40:34:29:63:53:d8:f4:ef:fa:8d:
1f:f2:f3:f1:92:08:1f:f6:e5:74:a6:20:3b:f9:8f:7e:d6:3e:
24:ae:be:8a:74:8b:64:a7:37:13:2c:ea:fd:59:d3:00:34:4a:
09:c0:cc:4d:3f:25:e3:06:3c:a0:fa:43:09:6a:a3:50:da:77:
69:39:54:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSAtvG14etjOuIGnI3+RUTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjIxMTE2MTM1MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTE1OWM5YTAxZGU2N2NiODcwN2Y3ZGFlMzhkYzcwNjMxNGFjNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYwCCIga9rBk+yLD8IGo5NSvdFSv
k/XblAYVawwRIr0nQkbUJr/0C+P3ohTtd00X3sIZvb28+1Vrcup6HzfyIXj0G+mO
m62W94CfL+WR1VghaOcLnweVhhblwIzI0lL+8O0AFwlynhu1wfWGV//sKeX6Wzjw
dZ8pHGFdiNYlNqgqZKCUlAfTP0fDnXANPeKeUsvE2RaGxR4PP1JthDHVRewxB1Es
2HRWucP4vzfHj+kiaPzN1BXa78hl5EkHhd6zBYWPgmjsItp/5WD9NPcg45DH7A/k
b3VsBm5/O/6u9PqsBfkSrbHYtcg7dRF0CrzwWvcYuGx3kMi+9gM+ayeeUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN4VnJoB3mfLhwf32uONxwYxSsZaMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvM2hXY21nSGVaOHVIQl9mYTQ0M0hCakZLeGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuS34AwQA
wn7GMA0GCSqGSIb3DQEBCwUAA4IBAQBkaypV84OcMmFVIAKvevNtGngweDcaRc4I
bF5H8pU3KVmw+cVFfWRWpBt39DZN5oa2NSwlreCU3gYnXbYVMz39vdlnBULTNqiK
MQRsv/UE73a+0IgfIv7BFzhswnabAvDy8IgGQaNRD3S4QXU3yEYdasopixakXFen
M1oL+/3m6jI4wuskcHovsFe3gUFttFn95/uUCPyG+3dsH8EkiDzWxncDMuRY4oOD
s+MOEN+n028I7tN56gbWWpa7wEA0KWNT2PTv+o0f8vPxkggf9uV0piA7+Y9+1j4k
rr6KdItkpzcTLOr9WdMANEoJwMxNPyXjBjyg+kMJaqNQ2ndpOVSm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org