Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3nqDcNNFMG2c-VezwHyQcdCsNqw.roa
File: 3nqDcNNFMG2c-VezwHyQcdCsNqw.roa (raw, json)
Hash identifier: tskv/SbTCpU8Srso2tmlQKRfHlj0QOn6JwDkp5wyP2Y=
Subject key identifier: DE:7A:83:70:D3:45:30:6D:9C:F9:57:B3:C0:7C:90:71:D0:AC:36:AC
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01866FCA59B86DBBD3A8BDBD4D3B1B252A00
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3nqDcNNFMG2c-VezwHyQcdCsNqw.roa
Signing time: Mon 20 Feb 2023 17:06:17 +0000
ROA not before: Mon 20 Feb 2023 17:06:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15611
IP address blocks: 213.176.96.0/24 maxlen: 24
213.176.4.0/24 maxlen: 24
213.176.5.0/24 maxlen: 24
62.60.128.0/21 maxlen: 24
62.60.136.0/24 maxlen: 24
62.60.137.0/24 maxlen: 24
62.60.139.0/24 maxlen: 24
62.60.140.0/24 maxlen: 24
62.60.143.0/24 maxlen: 24
62.60.141.0/24 maxlen: 24
62.60.142.0/24 maxlen: 24
62.60.145.0/24 maxlen: 24
62.60.152.0/22 maxlen: 24
62.60.146.0/24 maxlen: 24
213.176.124.0/24 maxlen: 24
213.176.125.0/24 maxlen: 24
213.176.122.0/24 maxlen: 24
213.176.123.0/24 maxlen: 24
62.60.220.0/22 maxlen: 24
62.60.168.0/21 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.176.0/22 maxlen: 24
62.60.180.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.188.0/22 maxlen: 24
62.60.208.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:ca:59:b8:6d:bb:d3:a8:bd:bd:4d:3b:1b:25:2a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 20 17:06:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de7a8370d345306d9cf957b3c07c9071d0ac36ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:11:a2:88:12:05:62:65:3a:07:00:fd:a0:45:
24:bb:1c:6d:17:1e:b8:86:e2:e8:94:fe:85:c1:33:
17:02:ba:53:43:3f:35:f8:a1:e6:f7:5e:62:21:3a:
a3:ee:67:1a:89:e4:3e:84:cb:20:32:c7:7a:3e:7f:
5d:a8:d2:9b:1e:55:97:6b:8e:c4:6d:ec:b6:07:80:
79:cc:84:ab:76:cf:85:a5:a8:c8:d5:43:04:ea:f7:
51:f9:46:67:45:9c:d2:72:d5:48:4b:62:0e:e0:c4:
bc:5c:23:77:03:88:ff:b0:d4:9d:8c:6f:bb:19:96:
a4:0f:74:1b:73:7b:a2:e0:4c:31:0a:b9:74:d2:3a:
62:f7:ed:0e:11:1f:00:4f:e0:17:21:28:0b:78:c8:
0e:a0:ff:20:a2:a1:9a:15:0c:d8:7a:65:b1:3f:d0:
0c:c5:70:95:d1:ba:45:e5:fd:c0:42:2e:67:15:de:
8d:83:29:d4:94:b1:7d:61:58:a5:3a:72:df:9f:36:
46:18:d7:06:60:36:33:f4:d1:b0:d0:81:2d:43:51:
1f:58:1b:07:25:38:ff:84:ba:b2:f0:32:a5:46:ef:
cd:d0:68:08:a4:3f:98:50:26:bf:b3:64:9e:a2:18:
23:d1:29:60:b6:37:ef:0f:c8:01:40:4b:f3:6e:0f:
07:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7A:83:70:D3:45:30:6D:9C:F9:57:B3:C0:7C:90:71:D0:AC:36:AC
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3nqDcNNFMG2c-VezwHyQcdCsNqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.128.0-62.60.137.255
62.60.139.0-62.60.143.255
62.60.145.0-62.60.146.255
62.60.152.0/22
62.60.168.0-62.60.191.255
62.60.208.0/22
62.60.220.0/22
213.176.4.0/23
213.176.96.0/24
213.176.122.0-213.176.125.255
Signature Algorithm: sha256WithRSAEncryption
11:51:24:fd:45:bd:4f:db:99:03:34:8a:83:2b:e3:f7:e2:a4:
85:08:bd:50:a3:01:40:e4:97:63:b8:86:1d:06:7f:e7:5c:a0:
25:08:da:bd:a6:8f:1e:20:e6:66:d5:0b:b2:ef:79:f9:a3:87:
c6:84:e7:14:36:c2:df:57:d2:58:5f:2f:ea:42:24:2d:70:e8:
e6:1e:58:a6:dc:77:35:d1:b1:e4:73:2f:dd:76:c9:3f:98:7b:
da:27:0c:f9:8b:26:ea:62:0c:ff:d4:a5:2b:43:bd:0d:75:80:
da:4d:9d:4c:5c:49:33:41:c5:59:e4:03:e3:1b:4f:46:df:1f:
2a:2a:db:24:9a:0a:fc:b6:31:3c:a7:cb:de:d9:b0:45:af:ab:
3e:56:99:c7:ff:2b:a2:0b:d7:33:3b:fb:7f:ae:55:91:25:c8:
21:00:57:2d:92:70:6a:2d:cf:dc:86:3c:ae:8a:2b:e6:79:b2:
f2:f8:f4:84:19:f7:07:0f:ce:b2:03:02:5c:bb:61:80:11:6f:
87:15:df:f6:6f:7a:ce:d3:f9:87:54:10:49:38:80:d9:df:2d:
ad:34:1e:78:74:1e:19:94:71:5e:c5:81:98:1a:9c:63:6b:0c:
55:15:dd:cb:b2:0b:2c:23:b3:25:44:34:74:ba:2f:29:b4:fb:
66:e5:22:84
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYZvylm4bbvTqL29TTsbJSoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMjIwMTcwNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdhODM3MGQzNDUzMDZkOWNmOTU3YjNjMDdjOTA3MWQwYWMzNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRGiiBIFYmU6BwD9oEUkuxxtFx64
huLolP6FwTMXArpTQz81+KHm915iITqj7mcaieQ+hMsgMsd6Pn9dqNKbHlWXa47E
bey2B4B5zISrds+FpajI1UME6vdR+UZnRZzSctVIS2IO4MS8XCN3A4j/sNSdjG+7
GZakD3Qbc3ui4EwxCrl00jpi9+0OER8AT+AXISgLeMgOoP8goqGaFQzYemWxP9AM
xXCV0bpF5f3AQi5nFd6NgynUlLF9YVilOnLfnzZGGNcGYDYz9NGw0IEtQ1EfWBsH
JTj/hLqy8DKlRu/N0GgIpD+YUCa/s2Seohgj0SlgtjfvD8gBQEvzbg8HbwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFN56g3DTRTBtnPlXs8B8kHHQrDasMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvM25xRGNOTkZNRzJjLVZlendIeVFjZENzTnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBAc+PIAD
BAE+PIgwDAMEAD48iwMEBD48gDAMAwQAPjyRAwQAPjySAwQCPjyYMAwDBAM+PKgD
BAY+PIADBAI+PNADBAI+PNwDBAHVsAQDBADVsGAwDAMEAdWwegMEAdWwfDANBgkq
hkiG9w0BAQsFAAOCAQEAEVEk/UW9T9uZAzSKgyvj9+KkhQi9UKMBQOSXY7iGHQZ/
51ygJQjavaaPHiDmZtULsu95+aOHxoTnFDbC31fSWF8v6kIkLXDo5h5Yptx3NdGx
5HMv3XbJP5h72icM+Ysm6mIM/9SlK0O9DXWA2k2dTFxJM0HFWeQD4xtPRt8fKirb
JJoK/LYxPKfL3tmwRa+rPlaZx/8rogvXMzv7f65VkSXIIQBXLZJwai3P3IY8roor
5nmy8vj0hBn3Bw/OsgMCXLthgBFvhxXf9m96ztP5h1QQSTiA2d8trTQeeHQeGZRx
XsWBmBqcY2sMVRXdy7ILLCOzJUQ0dLovKbT7ZuUihA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:15:38 2025 by rpki-client