Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/_D3buaSpu2U3LFbyWBtsdlJj-Sw.roa
File: _D3buaSpu2U3LFbyWBtsdlJj-Sw.roa (raw, json)
Hash identifier: 0L1uCIe7riRb/N5dzHO0wlYGEeg/yLnHpHeuagWOz2s=
Subject key identifier: FC:3D:DB:B9:A4:A9:BB:65:37:2C:56:F2:58:1B:6C:76:52:63:F9:2C
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 34E589B0
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/_D3buaSpu2U3LFbyWBtsdlJj-Sw.roa
Signing time: Tue 29 Mar 2022 06:26:06 +0000
ROA not before: Tue 29 Mar 2022 06:26:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29345
IP address blocks: 85.254.192.0/23 maxlen: 24
85.254.193.0/24 maxlen: 24
91.240.246.0/23 maxlen: 23
2a02:501::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 887458224 (0x34e589b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Mar 29 06:26:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc3ddbb9a4a9bb65372c56f2581b6c765263f92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3d:9a:4b:30:ff:27:73:9f:01:43:f2:67:7e:
61:6c:d8:87:58:32:2f:29:9d:03:de:d0:d1:a0:c1:
c2:4d:16:f0:9b:00:c0:b1:3f:91:b5:43:b6:80:22:
9b:a9:0c:fe:b0:e2:2e:d2:3e:8d:d8:8c:c9:36:3b:
01:43:83:3f:80:8b:19:99:34:d9:c2:c1:48:4f:9f:
1f:20:d1:b2:86:b8:15:f0:48:29:93:15:76:ce:de:
c0:c9:f1:3b:35:94:72:cd:0e:40:f9:9f:7c:12:d2:
63:22:13:06:ef:8c:5c:32:c5:35:9c:66:90:d9:d1:
88:27:23:3e:00:3f:77:0e:88:ac:d3:5a:e1:aa:95:
59:1c:e0:1a:98:7b:d5:6b:73:b5:9e:c8:02:17:d7:
f1:a0:12:a9:cd:88:d4:71:98:ad:d7:47:de:8b:ed:
12:67:9d:ec:7c:a2:c1:9d:ba:b3:3b:51:89:93:d1:
e5:94:14:22:62:07:df:c1:2d:0b:0b:a9:85:27:51:
ec:14:c0:75:73:8f:f2:76:5b:10:9b:a8:3d:6f:4e:
78:72:e6:fa:26:93:14:e6:75:8c:45:6b:62:fe:8e:
47:6e:39:e5:dc:da:eb:a9:fc:2c:e2:ab:56:54:23:
82:6c:91:05:0d:fb:9c:df:6c:c0:79:97:9f:45:19:
5d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:3D:DB:B9:A4:A9:BB:65:37:2C:56:F2:58:1B:6C:76:52:63:F9:2C
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/_D3buaSpu2U3LFbyWBtsdlJj-Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.192.0/23
91.240.246.0/23
IPv6:
2a02:501::/32
Signature Algorithm: sha256WithRSAEncryption
78:0e:5a:0c:b6:8b:20:88:b6:99:fb:86:4c:1a:f5:9b:f8:a2:
5f:81:c1:4c:53:ac:3b:db:7e:43:90:94:89:52:2b:ea:9b:c4:
55:49:e7:3d:da:9b:8f:7f:9f:79:6f:f0:e1:86:a5:1c:1f:ba:
dd:6b:5f:c1:63:e5:0a:97:1c:82:54:ee:4f:5c:4f:bf:4e:ac:
a9:81:aa:14:c5:d7:18:06:bb:df:f2:fe:02:6f:ef:71:a8:f8:
10:c1:14:77:65:66:00:15:64:68:94:b4:d5:1f:9c:5b:8f:18:
70:6a:a8:78:0e:97:57:9c:29:31:53:d7:bd:83:ee:0d:38:3d:
f7:7b:f3:b1:da:a7:f6:be:f3:f0:33:89:a2:1f:df:f9:f5:fc:
28:76:82:2b:f1:64:ac:ba:3a:ee:8c:ff:c6:7e:7c:a9:86:19:
2a:21:dd:d7:9f:ae:22:82:bd:7f:40:10:b3:88:1c:7c:41:0d:
b6:77:62:83:a8:99:27:6e:c4:e7:d7:61:d6:28:1c:f8:8f:df:
d6:4e:4d:c4:3d:ec:df:7b:c9:38:51:88:c5:d2:55:5d:cd:21:
7d:30:fd:2f:71:45:4a:c4:fc:0c:b5:b5:b6:f5:3c:1c:57:2e:
62:e3:97:27:c4:9f:ae:5b:d8:d9:85:fe:84:56:9a:5a:6d:c0:
5a:94:a6:3a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENOWJsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjBiMjRhNzQwZjJlNjE2MzIwNTBhZGMxNDZjMWVlNmEzZTY4NmM1MB4XDTIyMDMy
OTA2MjYwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMzZGRiYjlhNGE5
YmI2NTM3MmM1NmYyNTgxYjZjNzY1MjYzZjkyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMY9mksw/ydznwFD8md+YWzYh1gyLymdA97Q0aDBwk0W8JsA
wLE/kbVDtoAim6kM/rDiLtI+jdiMyTY7AUODP4CLGZk02cLBSE+fHyDRsoa4FfBI
KZMVds7ewMnxOzWUcs0OQPmffBLSYyITBu+MXDLFNZxmkNnRiCcjPgA/dw6IrNNa
4aqVWRzgGph71WtztZ7IAhfX8aASqc2I1HGYrddH3ovtEmed7HyiwZ26sztRiZPR
5ZQUImIH38EtCwuphSdR7BTAdXOP8nZbEJuoPW9OeHLm+iaTFOZ1jEVrYv6OR245
5dza66n8LOKrVlQjgmyRBQ37nN9swHmXn0UZXe0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBT8Pdu5pKm7ZTcsVvJYG2x2UmP5LDAfBgNVHSMEGDAWgBQyCySnQPLmFjIF
CtwUbB7mo+aGxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01nc2twMER5NWhZeUJRcmNGR3dlNXFQbWhzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvOWMyN2U0LWQ3YjEtNDNjMS1hMzhmLTk0OTE0ZjVkZGIzYy8x
L19EM2J1YVNwdTJVM0xGYnlXQnRzZGxKai1Tdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
OWMyN2U0LWQ3YjEtNDNjMS1hMzhmLTk0OTE0ZjVkZGIzYy8xL01nc2twMER5NWhZ
eUJRcmNGR3dlNXFQbWhzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAVX+wAMEAVvw9jANBAIAAjAHAwUA
KgIFATANBgkqhkiG9w0BAQsFAAOCAQEAeA5aDLaLIIi2mfuGTBr1m/iiX4HBTFOs
O9t+Q5CUiVIr6pvEVUnnPdqbj3+feW/w4YalHB+63WtfwWPlCpccglTuT1xPv06s
qYGqFMXXGAa73/L+Am/vcaj4EMEUd2VmABVkaJS01R+cW48YcGqoeA6XV5wpMVPX
vYPuDTg993vzsdqn9r7z8DOJoh/f+fX8KHaCK/FkrLo67oz/xn58qYYZKiHd15+u
IoK9f0AQs4gcfEENtndig6iZJ27E59dh1igc+I/f1k5NxD3s33vJOFGIxdJVXc0h
fTD9L3FFSsT8DLW1tvU8HFcuYuOXJ8SfrlvY2YX+hFaaWm3AWpSmOg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:22 2025 by rpki-client