Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/3mlb87VPgE2BI5FSHU54mi0LPfE.roa
File: 3mlb87VPgE2BI5FSHU54mi0LPfE.roa (raw, json)
Hash identifier: Ntg2tKQ21cXb9xUgsSk+VdDe3WkalD5+GNwj+XVlOT4=
Subject key identifier: DE:69:5B:F3:B5:4F:80:4D:81:23:91:52:1D:4E:78:9A:2D:0B:3D:F1
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D6649E5AFDD181F8DD49D9E29EB669E
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/3mlb87VPgE2BI5FSHU54mi0LPfE.roa
Signing time: Sun 01 Jan 2023 12:54:58 +0000
ROA not before: Sun 01 Jan 2023 12:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200451
IP address blocks: 84.207.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:49:e5:af:dd:18:1f:8d:d4:9d:9e:29:eb:66:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de695bf3b54f804d812391521d4e789a2d0b3df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:65:c9:8e:0b:63:8d:9c:21:d4:68:cc:46:b4:
45:9a:b6:31:59:1f:31:ed:28:aa:b4:ec:9c:e9:09:
ca:0b:ae:26:5b:06:d0:9c:33:9d:e7:0a:26:5a:6f:
35:34:42:6f:de:81:7f:ac:49:6a:96:e0:62:a4:16:
15:cd:97:d0:ac:57:da:ab:25:16:78:c7:9f:35:53:
0a:1b:f7:fb:38:dc:b1:46:1f:cc:6a:4b:b9:a6:fe:
e7:68:0f:42:53:87:bf:cf:d9:4f:56:06:05:42:6d:
63:f6:f6:2a:d7:e2:76:a0:27:9b:02:3d:fb:99:60:
9a:13:64:be:c4:70:52:b3:b9:71:f3:e1:9d:d7:93:
af:3d:23:32:84:ec:32:af:a3:af:89:35:be:47:52:
78:e9:61:fa:49:e7:02:dc:a5:df:81:9c:14:dd:61:
b6:d1:64:cc:6d:69:76:35:7d:47:96:56:5d:aa:b7:
78:37:62:dc:4c:c9:c2:2c:92:a8:14:a5:25:e9:82:
92:e5:74:53:91:65:d2:71:7a:79:f7:af:53:41:31:
d4:51:9f:ba:79:a4:cb:07:3f:99:a9:18:23:46:a9:
cf:63:f3:8a:07:2b:4b:b9:ee:57:9d:c8:fd:9b:cf:
8b:ce:93:f5:36:d8:ec:ed:35:62:4e:e1:49:0d:5c:
eb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:69:5B:F3:B5:4F:80:4D:81:23:91:52:1D:4E:78:9A:2D:0B:3D:F1
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/3mlb87VPgE2BI5FSHU54mi0LPfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.207.213.0/24
Signature Algorithm: sha256WithRSAEncryption
15:30:ab:a1:90:f1:da:80:ab:c9:e0:5d:23:16:f9:7f:b2:30:
03:c6:4f:ff:68:c8:92:56:86:95:e8:fa:29:dd:f4:3b:a6:53:
4a:14:28:d1:c1:f6:45:84:47:8a:73:5b:50:29:cf:51:2f:8e:
84:53:a3:fe:73:5d:25:71:95:3a:08:83:f6:fc:fa:cf:aa:e2:
c6:2f:eb:d7:67:c0:2c:b8:70:3d:22:dd:10:b1:79:f9:e9:6f:
c7:e1:10:78:14:2d:3e:17:05:1e:3d:78:6b:45:a6:ce:d3:99:
7e:06:10:01:00:1f:54:26:1b:ce:87:5b:5b:24:1a:f7:c4:a8:
f0:7e:07:c7:61:f7:17:40:a7:23:14:99:e0:df:bb:bc:3d:3b:
21:f0:42:b5:b5:a2:0c:cb:e4:42:6a:37:59:bc:ab:23:6a:dd:
90:be:e2:7f:f1:90:1f:a2:37:af:b2:8b:b8:a9:fc:dc:24:1f:
8c:4b:d0:5d:c1:80:ba:12:f6:8c:49:52:1b:6e:e7:8b:b7:c2:
7b:41:22:ca:fc:6d:9e:37:88:97:0d:3a:5b:5d:af:6d:4a:d5:
df:59:ea:57:85:6b:44:ff:db:f2:5d:4c:6a:0e:90:c7:56:ba:
ea:d3:56:77:cf:fa:5b:dc:3f:79:8e:0a:1b:01:98:c4:b2:b2:
64:bd:a5:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZknlr90YH43UnZ4p62aeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTY5NWJmM2I1NGY4MDRkODEyMzkxNTIxZDRlNzg5YTJkMGIzZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWXJjgtjjZwh1GjMRrRFmrYxWR8x
7SiqtOyc6QnKC64mWwbQnDOd5womWm81NEJv3oF/rElqluBipBYVzZfQrFfaqyUW
eMefNVMKG/f7ONyxRh/Maku5pv7naA9CU4e/z9lPVgYFQm1j9vYq1+J2oCebAj37
mWCaE2S+xHBSs7lx8+Gd15OvPSMyhOwyr6OviTW+R1J46WH6SecC3KXfgZwU3WG2
0WTMbWl2NX1HllZdqrd4N2LcTMnCLJKoFKUl6YKS5XRTkWXScXp5969TQTHUUZ+6
eaTLBz+ZqRgjRqnPY/OKBytLue5Xncj9m8+LzpP1Ntjs7TViTuFJDVzr8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5pW/O1T4BNgSORUh1OeJotCz3xMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvM21sYjg3VlBnRTJCSTVGU0hVNTRtaTBMUGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVM/VMA0G
CSqGSIb3DQEBCwUAA4IBAQAVMKuhkPHagKvJ4F0jFvl/sjADxk//aMiSVoaV6Pop
3fQ7plNKFCjRwfZFhEeKc1tQKc9RL46EU6P+c10lcZU6CIP2/PrPquLGL+vXZ8As
uHA9It0QsXn56W/H4RB4FC0+FwUePXhrRabO05l+BhABAB9UJhvOh1tbJBr3xKjw
fgfHYfcXQKcjFJng37u8PTsh8EK1taIMy+RCajdZvKsjat2QvuJ/8ZAfojevsou4
qfzcJB+MS9BdwYC6EvaMSVIbbueLt8J7QSLK/G2eN4iXDTpbXa9tStXfWepXhWtE
/9vyXUxqDpDHVrrq01Z3z/pb3D95jgobAZjEsrJkvaUi
-----END CERTIFICATE-----
Generated at Wed Apr 16 14:00:31 2025 by rpki-client