Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/1-w3fcXdpmsbcQ2INaxye9bpzb7g.roa
File: 1-w3fcXdpmsbcQ2INaxye9bpzb7g.roa (raw, json)
Hash identifier: TtPEQIPUcog4k6zU3gfVRerWERDxz6UlsmuJFEjOwCI=
Subject key identifier: FB:0D:DF:71:77:69:9A:C6:DC:43:62:0D:6B:1C:9E:F5:BA:73:6F:B8
Certificate issuer: /CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Certificate serial: 0185DE52AA20237A527537910F223A4FA644
Authority key identifier: 42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/1-w3fcXdpmsbcQ2INaxye9bpzb7g.roa
Signing time: Mon 23 Jan 2023 11:10:37 +0000
ROA not before: Mon 23 Jan 2023 11:10:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 150.252.224.0/20 maxlen: 24
77.239.128.0/19 maxlen: 24
95.142.176.0/20 maxlen: 24
178.236.160.0/20 maxlen: 24
81.21.16.0/20 maxlen: 24
82.134.192.0/18 maxlen: 24
185.25.72.0/22 maxlen: 24
185.3.108.0/22 maxlen: 24
82.113.192.0/19 maxlen: 24
217.61.160.0/20 maxlen: 24
176.57.112.0/20 maxlen: 24
82.97.224.0/20 maxlen: 24
45.33.224.0/20 maxlen: 24
37.148.224.0/21 maxlen: 24
80.210.96.0/19 maxlen: 24
82.180.32.0/19 maxlen: 24
5.8.96.0/19 maxlen: 24
83.217.176.0/20 maxlen: 24
5.63.168.0/21 maxlen: 24
2a00:7ca0::/32 maxlen: 32
2a02:1630::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:52:aa:20:23:7a:52:75:37:91:0f:22:3a:4f:a6:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Validity
Not Before: Jan 23 11:10:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb0ddf7177699ac6dc43620d6b1c9ef5ba736fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:76:4d:9f:33:16:95:0e:e9:65:a5:1d:2c:fe:
a0:7e:1e:5c:b4:d2:f1:6e:47:c9:5a:f8:83:92:a7:
e0:8f:ab:b0:0a:9d:f9:ce:69:68:87:b7:41:f5:4f:
32:6d:c5:92:88:89:b4:84:d8:f5:54:10:08:ba:94:
5f:f7:49:e1:27:b5:ee:6c:33:d1:fc:e4:f5:bd:45:
0b:a4:71:47:2a:93:4f:6e:25:0e:94:b4:c0:e9:09:
e5:96:fe:ca:4c:24:7a:57:97:25:d8:ff:9e:16:1a:
20:4e:d2:37:aa:f1:35:cb:8b:91:ad:4e:5e:7e:f3:
07:5d:10:38:46:54:3e:77:ea:39:78:9d:4c:f1:81:
2f:76:f4:6f:31:f9:d4:9e:bf:56:78:86:5f:a8:dc:
8d:1b:3c:1d:5c:6a:34:4e:62:93:20:1b:57:32:8e:
dd:ae:e9:83:5a:92:f5:3e:fa:bc:b8:26:45:7a:d3:
14:5f:d6:d5:6f:e4:d4:75:c5:a9:13:bc:de:f2:b0:
00:2b:65:8f:3f:7a:1a:40:cd:71:dc:5b:0c:a9:e3:
80:6d:ca:ef:05:ca:da:5e:b8:82:92:52:c0:aa:00:
7e:5c:1a:c0:fe:2b:56:57:dc:24:af:c6:82:7a:c5:
2e:c9:13:7b:46:4b:e5:80:0e:9a:21:b4:5b:ac:f3:
04:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:0D:DF:71:77:69:9A:C6:DC:43:62:0D:6B:1C:9E:F5:BA:73:6F:B8
X509v3 Authority Key Identifier:
keyid:42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/1-w3fcXdpmsbcQ2INaxye9bpzb7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.96.0/19
5.63.168.0/21
37.148.224.0/21
45.33.224.0/20
77.239.128.0/19
80.210.96.0/19
81.21.16.0/20
82.97.224.0/20
82.113.192.0/19
82.134.192.0/18
82.180.32.0/19
83.217.176.0/20
95.142.176.0/20
150.252.224.0/20
176.57.112.0/20
178.236.160.0/20
185.3.108.0/22
185.25.72.0/22
217.61.160.0/20
IPv6:
2a00:7ca0::/32
2a02:1630::/32
Signature Algorithm: sha256WithRSAEncryption
21:cd:56:5b:4f:52:e7:d1:17:4c:5f:90:4c:de:47:52:b7:d1:
b0:92:f6:11:b4:6c:5f:e2:d9:8e:86:67:55:b3:45:f4:cf:51:
55:c3:2f:bc:66:57:2b:04:84:a9:21:75:ed:ed:95:ef:41:9b:
63:41:a1:0f:c0:d5:0a:b6:4f:bd:c7:1d:bb:8e:b4:5f:e5:83:
eb:5d:08:1d:68:9a:cb:66:17:5b:40:ff:d1:74:10:a8:52:f2:
ca:85:c4:db:29:2e:75:f9:76:ed:77:d8:b4:b3:34:45:db:68:
bf:ba:15:cf:b3:3b:b8:96:ba:a7:4c:09:98:ef:7d:93:bd:ab:
a7:1e:65:8c:53:84:40:1f:85:bb:15:a2:4c:ff:11:c3:cc:93:
92:91:90:33:cd:d7:f0:9a:39:f4:95:98:62:0f:bb:1b:67:c3:
5a:a6:50:1e:9e:31:33:24:f2:7d:2a:39:cd:8b:15:1c:f7:9e:
90:cb:6d:d4:5b:bc:ff:8f:62:34:d3:df:52:1f:32:9a:0e:8c:
7a:1a:4b:76:98:54:c1:51:39:ef:94:be:8f:50:42:3e:f6:e6:
1b:07:6a:11:ab:ae:ef:79:59:7d:39:de:f9:a7:27:3d:69:12:
24:8d:e0:b5:5c:d4:19:b7:10:3b:64:f0:92:98:df:15:71:08:
96:29:87:9f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYXeUqogI3pSdTeRDyI6T6ZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2RlMzY1ZDdkMmI1ODUwNmU0ZDRhYmYwYzJlZjdjZDVl
M2I0NjIwHhcNMjMwMTIzMTExMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjBkZGY3MTc3Njk5YWM2ZGM0MzYyMGQ2YjFjOWVmNWJhNzM2ZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nZNnzMWlQ7pZaUdLP6gfh5ctNLx
bkfJWviDkqfgj6uwCp35zmloh7dB9U8ybcWSiIm0hNj1VBAIupRf90nhJ7XubDPR
/OT1vUULpHFHKpNPbiUOlLTA6Qnllv7KTCR6V5cl2P+eFhogTtI3qvE1y4uRrU5e
fvMHXRA4RlQ+d+o5eJ1M8YEvdvRvMfnUnr9WeIZfqNyNGzwdXGo0TmKTIBtXMo7d
rumDWpL1Pvq8uCZFetMUX9bVb+TUdcWpE7ze8rAAK2WPP3oaQM1x3FsMqeOAbcrv
BcraXriCklLAqgB+XBrA/itWV9wkr8aCesUuyRN7RkvlgA6aIbRbrPMEYwIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFPsN33F3aZrG3ENiDWscnvW6c2+4MB8GA1UdIwQY
MBaAFELN42XX0rWFBuTUq/DC73zV47RiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXMzalpkZlN0WVVHNU5TcjhNTHZmTlhqdEdJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81NDAxOGMtMDFlOC00MTdmLTg1NmEt
MDJlMWJkNjA1MGU1LzEvMS13M2ZjWGRwbXNiY1EySU5heHllOWJwemI3Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvNTQwMThjLTAxZTgtNDE3Zi04NTZhLTAyZTFiZDYwNTBl
NS8xL1FzM2paZGZTdFlVRzVOU3I4TUx2Zk5YanRHSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBowYIKwYBBQUHAQcBAf8EgZMwgZAweAQCAAEwcgMEBQUI
YAMEAwU/qAMEAyWU4AMEBC0h4AMEBU3vgAMEBVDSYAMEBFEVEAMEBFJh4AMEBVJx
wAMEBlKGwAMEBVK0IAMEBFPZsAMEBF+OsAMEBJb84AMEBLA5cAMEBLLsoAMEArkD
bAMEArkZSAMEBNk9oDAUBAIAAjAOAwUAKgB8oAMFACoCFjAwDQYJKoZIhvcNAQEL
BQADggEBACHNVltPUufRF0xfkEzeR1K30bCS9hG0bF/i2Y6GZ1WzRfTPUVXDL7xm
VysEhKkhde3tle9Bm2NBoQ/A1Qq2T73HHbuOtF/lg+tdCB1omstmF1tA/9F0EKhS
8sqFxNspLnX5du132LSzNEXbaL+6Fc+zO7iWuqdMCZjvfZO9q6ceZYxThEAfhbsV
okz/EcPMk5KRkDPN1/CaOfSVmGIPuxtnw1qmUB6eMTMk8n0qOc2LFRz3npDLbdRb
vP+PYjTT31IfMpoOjHoaS3aYVMFROe+Uvo9QQj725hsHahGrru95WX053vmnJz1p
EiSN4LVc1Bm3EDtk8JKY3xVxCJYph58=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:46 2025 by rpki-client