Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/eb301d-ab50-4c3e-8c78-9df37109c81d/1/3PPOOhdEXU1VxKyUhS0zrgsU6kw.roa
File: 3PPOOhdEXU1VxKyUhS0zrgsU6kw.roa (raw, json)
Hash identifier: RSA/r+HIgaCkdC5t1Ef/dJNA92AqIdzE4Q324fd+wTU=
Subject key identifier: DC:F3:CE:3A:17:44:5D:4D:55:C4:AC:94:85:2D:33:AE:0B:14:EA:4C
Certificate issuer: /CN=9be76ef4aa498c21524dd7edad16de1d3db002e3
Certificate serial: 018570CBF2E8CDC92F02576E58229D69DBED
Authority key identifier: 9B:E7:6E:F4:AA:49:8C:21:52:4D:D7:ED:AD:16:DE:1D:3D:B0:02:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-du9KpJjCFSTdftrRbeHT2wAuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/eb301d-ab50-4c3e-8c78-9df37109c81d/1/3PPOOhdEXU1VxKyUhS0zrgsU6kw.roa
Signing time: Mon 02 Jan 2023 04:44:51 +0000
ROA not before: Mon 02 Jan 2023 04:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12817
IP address blocks: 194.145.150.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:f2:e8:cd:c9:2f:02:57:6e:58:22:9d:69:db:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9be76ef4aa498c21524dd7edad16de1d3db002e3
Validity
Not Before: Jan 2 04:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcf3ce3a17445d4d55c4ac94852d33ae0b14ea4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2b:bb:97:51:2f:b8:37:59:d4:3a:85:16:b2:
23:aa:08:0e:ac:6d:9c:1e:b0:32:77:25:8f:61:8a:
6f:79:c1:d5:77:95:ac:8f:76:3e:f2:2f:8e:5c:02:
e4:14:29:c0:5a:0d:76:ae:59:34:42:f0:95:4f:b5:
74:b9:1b:a8:64:d5:31:6b:42:e9:e5:3d:06:56:8f:
39:ae:3a:c9:35:22:37:13:16:8e:90:ce:a6:2a:f1:
b1:7b:d0:4f:8d:31:ec:6c:11:ac:3d:7e:56:6d:5c:
7e:d3:fd:b3:6d:f7:d4:fb:da:11:18:90:0c:d0:66:
31:17:a9:c1:7d:27:fc:96:83:2a:78:08:d8:05:53:
5c:32:41:2a:34:d6:92:97:9f:73:2b:29:54:d9:c0:
7a:50:38:11:58:cf:64:9f:8b:ec:84:e4:e8:d3:f9:
63:ab:6b:b9:b1:5f:cd:82:7d:c3:43:1c:53:f1:c9:
d9:58:5d:38:d1:fc:d2:ca:fa:dd:d1:24:38:57:98:
38:1e:1b:b6:b1:e8:ad:d1:77:85:6c:cf:4a:0e:3d:
d1:63:eb:1b:b4:1f:da:86:9c:6b:46:ec:ec:e9:fb:
09:7e:5b:ae:26:06:19:bd:2f:02:0b:70:a8:7c:2a:
cc:42:fa:41:d5:e4:0f:99:73:f7:06:0c:f8:85:70:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F3:CE:3A:17:44:5D:4D:55:C4:AC:94:85:2D:33:AE:0B:14:EA:4C
X509v3 Authority Key Identifier:
keyid:9B:E7:6E:F4:AA:49:8C:21:52:4D:D7:ED:AD:16:DE:1D:3D:B0:02:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-du9KpJjCFSTdftrRbeHT2wAuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eb301d-ab50-4c3e-8c78-9df37109c81d/1/3PPOOhdEXU1VxKyUhS0zrgsU6kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eb301d-ab50-4c3e-8c78-9df37109c81d/1/m-du9KpJjCFSTdftrRbeHT2wAuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.145.150.0/23
Signature Algorithm: sha256WithRSAEncryption
21:70:03:e4:20:5a:70:1a:92:46:ef:1e:ad:9c:06:d9:b7:49:
c5:99:0e:71:4d:42:c4:a7:c1:34:3a:87:3f:44:a2:60:6f:30:
ce:1b:04:86:03:c2:fc:6b:b1:82:6a:b6:43:db:f2:4a:96:89:
7d:99:f9:d6:14:e1:ec:4f:38:b1:8d:a5:f8:b1:51:f9:60:81:
42:f7:2d:85:d7:34:08:d4:cb:c7:7b:38:22:92:d4:08:d2:bf:
71:d6:65:22:77:e8:bc:9d:af:16:89:90:6b:95:4d:7b:74:33:
f2:fb:1c:1f:3d:7a:bd:8f:39:b2:78:07:dd:39:28:37:5e:4f:
3a:d4:c2:d9:ea:9b:f4:ab:e0:fa:12:ef:8a:e8:a1:61:94:93:
42:c2:0c:5b:1a:71:3f:58:59:ed:08:58:72:c0:98:dc:14:67:
e4:ea:05:d7:be:61:3e:88:6c:b0:c0:11:5d:ae:eb:6e:61:10:
8e:c9:37:ed:b7:c6:7b:86:63:c5:32:43:da:e5:b9:06:01:15:
4c:3d:20:de:16:bb:7e:11:ba:b7:c6:ac:fa:ae:78:fb:78:5b:
04:1b:6c:20:fd:2a:92:45:8b:35:10:29:fa:a2:71:ff:23:d9:
a2:62:30:5d:2a:fb:c8:ff:81:c9:ff:37:0c:6f:96:b2:03:96:
c6:3d:7d:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy/LozckvAlduWCKdadvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZTc2ZWY0YWE0OThjMjE1MjRkZDdlZGFkMTZkZTFkM2Ri
MDAyZTMwHhcNMjMwMTAyMDQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2YzY2UzYTE3NDQ1ZDRkNTVjNGFjOTQ4NTJkMzNhZTBiMTRlYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyu7l1EvuDdZ1DqFFrIjqggOrG2c
HrAydyWPYYpvecHVd5Wsj3Y+8i+OXALkFCnAWg12rlk0QvCVT7V0uRuoZNUxa0Lp
5T0GVo85rjrJNSI3ExaOkM6mKvGxe9BPjTHsbBGsPX5WbVx+0/2zbffU+9oRGJAM
0GYxF6nBfSf8loMqeAjYBVNcMkEqNNaSl59zKylU2cB6UDgRWM9kn4vshOTo0/lj
q2u5sV/Ngn3DQxxT8cnZWF040fzSyvrd0SQ4V5g4Hhu2seit0XeFbM9KDj3RY+sb
tB/ahpxrRuzs6fsJfluuJgYZvS8CC3CofCrMQvpB1eQPmXP3Bgz4hXBb4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzzzjoXRF1NVcSslIUtM64LFOpMMB8GA1UdIwQY
MBaAFJvnbvSqSYwhUk3X7a0W3h09sALjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1kdTlLcEpqQ0ZTVGRmdHJSYmVIVDJ3QXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lYjMwMWQtYWI1MC00YzNlLThjNzgt
OWRmMzcxMDljODFkLzEvM1BQT09oZEVYVTFWeEt5VWhTMHpyZ3NVNmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lYjMwMWQtYWI1MC00YzNlLThjNzgtOWRmMzcxMDljODFk
LzEvbS1kdTlLcEpqQ0ZTVGRmdHJSYmVIVDJ3QXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpGWMA0G
CSqGSIb3DQEBCwUAA4IBAQAhcAPkIFpwGpJG7x6tnAbZt0nFmQ5xTULEp8E0Ooc/
RKJgbzDOGwSGA8L8a7GCarZD2/JKlol9mfnWFOHsTzixjaX4sVH5YIFC9y2F1zQI
1MvHezgiktQI0r9x1mUid+i8na8WiZBrlU17dDPy+xwfPXq9jzmyeAfdOSg3Xk86
1MLZ6pv0q+D6Eu+K6KFhlJNCwgxbGnE/WFntCFhywJjcFGfk6gXXvmE+iGywwBFd
rutuYRCOyTftt8Z7hmPFMkPa5bkGARVMPSDeFrt+Ebq3xqz6rnj7eFsEG2wg/SqS
RYs1ECn6onH/I9miYjBdKvvI/4HJ/zcMb5ayA5bGPX3U
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:09:51 2025 by rpki-client