Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/3ifeN1kJwYF6-tog5zohFSkOq2I.roa
File: 3ifeN1kJwYF6-tog5zohFSkOq2I.roa (raw, json)
Hash identifier: CgpuyMilxOXYW5WVuKOQHk/kM119IoBVG9WkYo8b37g=
Subject key identifier: DE:27:DE:37:59:09:C1:81:7A:FA:DA:20:E7:3A:21:15:29:0E:AB:62
Certificate issuer: /CN=d44de659759b0274124a7b481d0976840b7ade06
Certificate serial: 16E7DC3E
Authority key identifier: D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/3ifeN1kJwYF6-tog5zohFSkOq2I.roa
Signing time: Fri 29 Apr 2022 11:42:52 +0000
ROA not before: Fri 29 Apr 2022 11:42:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52023
IP address blocks: 91.212.148.0/24 maxlen: 24
37.143.165.0/24 maxlen: 24
37.143.166.0/24 maxlen: 24
37.143.162.0/24 maxlen: 24
37.143.164.0/24 maxlen: 24
37.143.163.0/24 maxlen: 24
37.143.167.0/24 maxlen: 24
37.143.169.0/24 maxlen: 24
37.143.170.0/24 maxlen: 24
2a03:8f84::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 384293950 (0x16e7dc3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44de659759b0274124a7b481d0976840b7ade06
Validity
Not Before: Apr 29 11:42:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de27de375909c1817afada20e73a2115290eab62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e8:ce:89:d0:f2:89:b5:a5:5a:e1:f5:95:23:
21:32:65:5e:5b:b1:ff:57:18:52:c2:2f:d1:7c:7c:
af:72:0a:16:00:98:64:69:c0:b0:27:59:c0:fb:4e:
9c:8b:49:8c:88:a1:f0:05:67:4f:f3:ca:ff:0b:f3:
6a:fe:73:a6:2d:e6:cf:1a:b8:71:fd:ef:e3:fe:af:
83:11:00:5c:57:54:a1:e5:21:1a:a5:b0:2c:ca:88:
fc:e3:72:11:79:f4:84:6e:b6:3e:30:dc:4a:6d:af:
4b:8a:79:27:7c:b4:f7:fe:00:b7:e7:a5:c8:3d:92:
2b:55:90:cf:9d:13:61:2c:04:5f:52:67:b2:e4:47:
bd:9d:8f:22:cb:b0:12:9f:1d:3b:62:b4:77:ea:d3:
b8:2c:cd:c5:17:33:d5:06:31:f7:9c:1b:d3:e5:c1:
92:8e:14:2a:40:5c:22:1a:16:c6:90:c9:b8:fb:3f:
e0:8f:17:99:02:2d:97:4c:e9:eb:6f:cc:94:3f:13:
72:b6:2f:2d:5d:0e:c4:2c:64:eb:75:06:c0:19:39:
d3:b0:0d:b0:c9:f2:ee:2e:80:60:d3:78:52:23:f5:
08:44:ef:5f:df:32:6d:09:37:43:e3:4b:94:a9:a6:
0e:87:65:a2:f5:6a:6d:3e:66:15:c3:48:4c:fa:db:
35:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:27:DE:37:59:09:C1:81:7A:FA:DA:20:E7:3A:21:15:29:0E:AB:62
X509v3 Authority Key Identifier:
keyid:D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/3ifeN1kJwYF6-tog5zohFSkOq2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.162.0-37.143.167.255
37.143.169.0-37.143.170.255
91.212.148.0/24
IPv6:
2a03:8f84::/32
Signature Algorithm: sha256WithRSAEncryption
a4:b7:25:cd:44:f6:6e:3b:58:93:35:aa:e3:ab:ae:c4:55:98:
4b:48:da:9d:3d:a1:9e:d7:51:b8:6b:c8:d1:19:e3:2f:f4:f9:
a3:8a:70:1c:a3:ab:da:8e:64:f6:eb:a7:5e:aa:eb:cf:9d:09:
77:9b:0c:98:43:05:a5:37:84:47:46:62:a2:63:b7:f6:de:52:
6e:07:0e:b7:49:3a:16:b4:b2:92:0b:7b:d5:97:99:b3:dc:13:
9d:7a:65:99:47:94:6e:a3:26:14:e0:ee:ea:73:f1:8d:1e:f5:
47:e9:be:aa:ce:1f:67:0d:e7:68:34:4c:c5:13:ba:9d:7d:13:
db:a9:08:90:4e:3d:39:b0:4f:08:cb:88:d2:b3:26:82:28:4d:
9b:ab:92:93:b0:f3:4d:f5:3a:d9:d7:86:04:73:c4:56:ac:58:
06:72:19:df:08:02:41:e3:53:d0:43:8d:48:6b:25:32:7b:9d:
d0:68:6e:85:fc:84:06:1a:1e:c2:28:67:5f:d2:ac:7c:7a:55:
2b:b3:a3:d6:b0:d4:67:f0:d8:67:70:4c:bd:21:cd:3c:18:d4:
55:c2:31:49:ba:50:66:39:eb:a7:c1:54:bf:73:0c:0a:66:47:
5f:45:1b:c0:72:c3:95:38:f3:27:df:d6:04:75:cf:a8:a7:6e:
47:e3:33:fc
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEFufcPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDRkZTY1OTc1OWIwMjc0MTI0YTdiNDgxZDA5NzY4NDBiN2FkZTA2MB4XDTIyMDQy
OTExNDI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGUyN2RlMzc1OTA5
YzE4MTdhZmFkYTIwZTczYTIxMTUyOTBlYWI2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPozonQ8om1pVrh9ZUjITJlXlux/1cYUsIv0Xx8r3IKFgCY
ZGnAsCdZwPtOnItJjIih8AVnT/PK/wvzav5zpi3mzxq4cf3v4/6vgxEAXFdUoeUh
GqWwLMqI/ONyEXn0hG62PjDcSm2vS4p5J3y09/4At+elyD2SK1WQz50TYSwEX1Jn
suRHvZ2PIsuwEp8dO2K0d+rTuCzNxRcz1QYx95wb0+XBko4UKkBcIhoWxpDJuPs/
4I8XmQItl0zp62/MlD8TcrYvLV0OxCxk63UGwBk507ANsMny7i6AYNN4UiP1CETv
X98ybQk3Q+NLlKmmDodlovVqbT5mFcNITPrbNQMCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBTeJ943WQnBgXr62iDnOiEVKQ6rYjAfBgNVHSMEGDAWgBTUTeZZdZsCdBJK
e0gdCXaEC3reBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFFM21XWFdiQW5RU1NudElIUWwyaEF0NjNnWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvNzUyMTZkLTY4NGItNDdjYy1hOTVlLWRiNGQzOWRjNGVjNy8x
LzNpZmVOMWtKd1lGNi10b2c1em9oRlNrT3EySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
NzUyMTZkLTY4NGItNDdjYy1hOTVlLWRiNGQzOWRjNGVjNy8xLzFFM21XWFdiQW5R
U1NudElIUWwyaEF0NjNnWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwKAQCAAEwIjAMAwQBJY+iAwQDJY+gMAwDBAAlj6kD
BAAlj6oDBABb1JQwDQQCAAIwBwMFACoDj4QwDQYJKoZIhvcNAQELBQADggEBAKS3
Jc1E9m47WJM1quOrrsRVmEtI2p09oZ7XUbhryNEZ4y/0+aOKcByjq9qOZPbrp16q
68+dCXebDJhDBaU3hEdGYqJjt/beUm4HDrdJOha0spILe9WXmbPcE516ZZlHlG6j
JhTg7upz8Y0e9UfpvqrOH2cN52g0TMUTup19E9upCJBOPTmwTwjLiNKzJoIoTZur
kpOw8031OtnXhgRzxFasWAZyGd8IAkHjU9BDjUhrJTJ7ndBoboX8hAYaHsIoZ1/S
rHx6VSuzo9aw1Gfw2GdwTL0hzTwY1FXCMUm6UGY566fBVL9zDApmR19FG8Byw5U4
8yff1gR1z6inbkfjM/w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:36 2023 by rpki-client on console-fra.rpki-client.org