Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/3P-CfrRbEKyovGWqP8TcbDbSi4U.roa
File: 3P-CfrRbEKyovGWqP8TcbDbSi4U.roa (raw, json)
Hash identifier: yfDx0l6QdHY66DpqepPw+ifUZibndGKzF749gnrZiCs=
Subject key identifier: DC:FF:82:7E:B4:5B:10:AC:A8:BC:65:AA:3F:C4:DC:6C:36:D2:8B:85
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 04C04AA6
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/3P-CfrRbEKyovGWqP8TcbDbSi4U.roa
Signing time: Tue 07 Jun 2022 06:31:20 +0000
ROA not before: Tue 07 Jun 2022 06:31:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208677
IP address blocks: 37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.18.122.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79710886 (0x4c04aa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Jun 7 06:31:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcff827eb45b10aca8bc65aa3fc4dc6c36d28b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:54:e8:23:8d:46:2c:37:b6:09:1d:e5:9e:3c:
8f:cf:9f:f8:42:a3:25:30:d9:c6:94:d5:85:9c:76:
54:72:e8:c4:da:dc:b5:32:d2:50:6c:4d:c4:77:2f:
4c:9a:6c:e4:37:5d:f2:75:cb:bc:b1:20:9f:33:59:
e4:e9:1f:5e:e4:37:10:63:dc:74:5a:9c:4a:dd:52:
b8:d5:3d:ac:d6:eb:a1:ba:6a:84:36:b2:ba:36:d7:
c3:fd:a6:e0:d6:00:a7:99:a9:34:46:b0:03:82:10:
98:7b:5f:e4:78:e6:82:09:18:2a:97:4e:10:ef:e7:
f8:9c:ae:22:aa:5e:e8:58:fc:6d:31:36:0b:ce:93:
3e:d9:01:bd:45:1d:da:98:b4:90:7e:f6:da:f1:6f:
a0:15:f9:15:de:f8:65:77:c9:ea:14:c0:9e:62:17:
25:a7:b1:cc:f3:ed:f8:3f:0b:e4:29:42:e5:28:58:
5e:11:01:be:ec:b2:50:e2:33:10:b0:e7:fe:91:69:
6e:18:52:83:69:32:76:f3:15:0f:01:88:f3:d1:74:
fc:c2:82:02:d4:86:8d:4e:cb:71:05:82:c5:fe:11:
bf:80:cc:da:6b:9f:b7:dd:ea:00:50:34:0e:70:fa:
ea:de:c2:1d:14:7e:45:1a:56:8c:c3:74:b1:70:97:
02:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FF:82:7E:B4:5B:10:AC:A8:BC:65:AA:3F:C4:DC:6C:36:D2:8B:85
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/3P-CfrRbEKyovGWqP8TcbDbSi4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.180.0/23
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.201.0/24
46.243.206.0/24
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
94.139.252.0/22
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.106.0-188.72.109.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:dc:b3:86:bc:5f:7c:f0:6b:ad:66:da:98:2a:e8:4c:41:f3:
6a:29:bb:32:5f:4e:23:f7:98:78:66:b7:40:7a:58:9c:d4:1e:
58:02:9f:1b:dd:9a:f3:d1:6f:58:f5:18:1d:e6:3a:67:cd:b8:
bf:97:1e:73:4f:58:ba:5c:86:ce:35:d5:06:c5:0c:d0:99:06:
38:3c:1e:dc:2e:3e:14:05:6e:d3:a2:20:70:74:c0:4e:27:31:
9d:02:d9:7b:e9:c9:41:d7:0e:2a:29:63:ed:1a:3e:5a:40:ff:
99:76:57:5c:26:0c:12:04:82:4b:b7:70:03:78:bd:e2:f4:46:
91:37:1e:3a:bc:fd:b3:51:48:f9:a4:06:31:af:07:d3:70:b1:
0e:fe:b1:ee:9c:28:fb:01:be:f9:34:bc:eb:0e:e0:b7:61:8e:
2a:14:e5:76:9b:9a:2e:91:5d:8c:59:fd:75:0f:e3:1b:4a:0e:
2e:53:0a:e2:21:f2:35:a1:f3:30:d5:cb:b2:ba:25:fa:6f:fe:
35:60:dd:c5:0c:b0:65:16:c3:0b:23:bb:f7:13:c3:22:d5:04:
0f:01:21:df:81:89:55:e2:9e:e6:8a:66:f0:ce:c6:8c:3b:ba:
7a:bd:62:32:46:45:2b:f9:a7:d9:c3:d5:17:09:82:47:7f:98:
82:fd:d9:f4
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIEBMBKpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTE5ZTFmM2ZlNjliNGViZGZmMDJhOWE4NTdlN2M2YzJiMjUzMDFhMB4XDTIyMDYw
NzA2MzEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNmZjgyN2ViNDVi
MTBhY2E4YmM2NWFhM2ZjNGRjNmMzNmQyOGI4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9U6CONRiw3tgkd5Z48j8+f+EKjJTDZxpTVhZx2VHLoxNrc
tTLSUGxNxHcvTJps5Ddd8nXLvLEgnzNZ5OkfXuQ3EGPcdFqcSt1SuNU9rNbrobpq
hDayujbXw/2m4NYAp5mpNEawA4IQmHtf5HjmggkYKpdOEO/n+JyuIqpe6Fj8bTE2
C86TPtkBvUUd2pi0kH722vFvoBX5Fd74ZXfJ6hTAnmIXJaexzPPt+D8L5ClC5ShY
XhEBvuyyUOIzELDn/pFpbhhSg2kydvMVDwGI89F0/MKCAtSGjU7LcQWCxf4Rv4DM
2muft93qAFA0DnD66t7CHRR+RRpWjMN0sXCXAtMCAwEAAaOCAuEwggLdMB0GA1Ud
DgQWBBTc/4J+tFsQrKi8Zao/xNxsNtKLhTAfBgNVHSMEGDAWgBT5GeHz/mm069/w
KpqFfnxsKyUwGjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2Y2LzFjOTgwOS0xZjYwLTQzYzItODEwMy1kYWQwNDIwYjg1ZDMv
MS8zUC1DZnJSYkVLeW92R1dxUDhUY2JEYlNpNFUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2
LzFjOTgwOS0xZjYwLTQzYzItODEwMy1kYWQwNDIwYjg1ZDMvMS8xLVJuaDhfNXB0
T3ZmOENxYWhYNThiQ3NsTUJvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIH0BggrBgEFBQcBBwEB/wSB5DCB4TCBzwQCAAEwgcgwDAMEAyUSCAMEACUSCgME
ACUSFgMEASUSSDAMAwQCJRJkAwQAJRJmMAwDBAAlEmsDBAAlEnoDBAAl5osDBAEl
5rQwDAMEAyXmuAMEACXmugMEAyXmwAMEACXm4AMEACXm6QMEAi0JGAMEAi1Z4DAM
AwQALvONAwQELvOAAwQALvPJAwQALvPOAwQBLvPiAwQBLvP0AwQDV/JYAwQCXov8
AwQAjWXJMAwDBACyqr8DBAGyqsQDBACyqvIwDAMEAbxIagMEAbxIbDANBAIAAjAH
AwUDKgwrgDANBgkqhkiG9w0BAQsFAAOCAQEAb9yzhrxffPBrrWbamCroTEHzaim7
Ml9OI/eYeGa3QHpYnNQeWAKfG92a89FvWPUYHeY6Z824v5cec09YulyGzjXVBsUM
0JkGODwe3C4+FAVu06IgcHTATicxnQLZe+nJQdcOKilj7Ro+WkD/mXZXXCYMEgSC
S7dwA3i94vRGkTceOrz9s1FI+aQGMa8H03CxDv6x7pwo+wG++TS86w7gt2GOKhTl
dpuaLpFdjFn9dQ/jG0oOLlMK4iHyNaHzMNXLsrol+m/+NWDdxQywZRbDCyO79xPD
ItUEDwEh34GJVeKe5opm8M7GjDu6er1iMkZFK/mn2cPVFwmCR3+Ygv3Z9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:55 2024 by rpki-client on console-ams.rpki-client.org