Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/_t3eHrtPHOmoqubOF-jn0_TQ3Ww.roa
File: _t3eHrtPHOmoqubOF-jn0_TQ3Ww.roa (raw, json)
Hash identifier: i8tzIazEucf/RY4zAmciE/mBzlPDo8QPhT3pQb6NGsg=
Subject key identifier: FE:DD:DE:1E:BB:4F:1C:E9:A8:AA:E6:CE:17:E8:E7:D3:F4:D0:DD:6C
Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Certificate serial: 018570F06E98CEB45E8AE8D3817D7EEC9A98
Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/_t3eHrtPHOmoqubOF-jn0_TQ3Ww.roa
Signing time: Mon 02 Jan 2023 05:24:43 +0000
ROA not before: Mon 02 Jan 2023 05:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41451
IP address blocks: 185.46.172.0/24 maxlen: 24
195.43.80.0/24 maxlen: 24
2a0c:f40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:6e:98:ce:b4:5e:8a:e8:d3:81:7d:7e:ec:9a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Validity
Not Before: Jan 2 05:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=feddde1ebb4f1ce9a8aae6ce17e8e7d3f4d0dd6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:09:da:f0:ad:12:12:c8:28:18:8c:99:b1:ee:
6b:59:44:c2:b3:19:d2:a3:2e:4d:47:3b:14:41:68:
75:7f:9f:19:55:4d:20:55:36:5e:86:45:5f:89:1a:
92:97:41:23:58:8a:d7:b3:c2:a3:4d:33:74:45:30:
7b:f7:50:89:fb:b1:23:72:c8:57:97:73:76:5d:9d:
75:e7:24:e3:e5:e8:07:89:a7:f4:85:70:58:45:5a:
a9:2d:15:56:39:e2:e4:72:2c:70:26:20:ae:ab:66:
0c:de:38:13:7f:f4:1e:23:34:75:2c:71:da:f5:92:
65:d9:7f:ef:50:87:c8:60:ea:95:b6:13:9c:32:03:
be:2a:a0:e5:e7:97:62:58:39:83:1c:56:50:72:78:
e5:fb:80:68:43:d5:47:e0:d7:9d:d1:c0:ce:68:5f:
28:f0:8a:b0:f2:fb:a7:76:89:7a:f5:79:4d:6a:f4:
23:8d:f5:2b:52:82:60:c6:2f:a2:dd:e6:52:09:91:
89:1b:ca:7c:12:fa:57:68:35:d9:8a:6a:73:30:1e:
4e:6f:59:6a:98:19:1e:a6:f9:cd:de:30:4b:d0:df:
f4:f3:1b:08:e2:8b:67:04:9e:df:5f:b3:30:26:06:
e7:68:55:c0:ae:fa:3e:48:2b:65:94:fe:65:e3:c7:
c8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:DD:DE:1E:BB:4F:1C:E9:A8:AA:E6:CE:17:E8:E7:D3:F4:D0:DD:6C
X509v3 Authority Key Identifier:
keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/_t3eHrtPHOmoqubOF-jn0_TQ3Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.172.0/24
195.43.80.0/24
IPv6:
2a0c:f40::/32
Signature Algorithm: sha256WithRSAEncryption
3b:ff:23:20:af:8f:6d:e9:de:cd:98:c2:61:33:51:3e:f0:15:
81:1f:a4:80:ff:30:24:c0:3f:ac:26:ca:30:ff:e5:a1:02:85:
dc:5f:df:92:42:bf:c5:4e:e4:fc:f1:23:76:a2:2a:a1:13:f7:
e5:a7:c3:48:96:e1:ba:13:bb:a9:d2:b7:91:e5:7d:eb:37:22:
99:bb:b7:bb:a7:46:a0:ea:28:c3:bc:61:b7:06:41:a2:e4:14:
ea:23:6f:28:1d:b7:d3:4d:c8:d8:21:02:df:2b:be:c1:07:ff:
d3:f2:88:ac:ec:9d:5d:13:ee:c1:b2:3d:39:55:1a:ac:3d:ba:
74:35:c8:67:ab:88:3d:16:66:cb:b6:60:41:cf:31:9b:ce:59:
20:46:5a:30:ca:b1:7d:f6:74:da:ac:c3:e0:99:a4:75:b0:c8:
90:c0:f0:b5:36:cd:2a:62:44:12:bc:b7:73:3b:ce:2b:3d:c5:
df:98:fa:5a:bd:28:4a:30:64:58:09:81:4d:ec:25:0b:3b:e3:
e4:a4:b5:08:fa:5d:93:f3:4b:2b:30:a7:6f:4f:cf:81:6a:11:
d0:94:e9:b2:52:6c:73:f7:cf:02:c5:dd:c1:e0:4e:3b:a1:1b:
39:64:07:31:3e:16:78:ba:99:b0:3c:ca:4a:cb:c3:3c:2c:34:
6c:3c:61:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw8G6YzrReiujTgX1+7JqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3
YzRhOGIwHhcNMjMwMTAyMDUyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWRkZGUxZWJiNGYxY2U5YThhYWU2Y2UxN2U4ZTdkM2Y0ZDBkZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwna8K0SEsgoGIyZse5rWUTCsxnS
oy5NRzsUQWh1f58ZVU0gVTZehkVfiRqSl0EjWIrXs8KjTTN0RTB791CJ+7EjcshX
l3N2XZ115yTj5egHiaf0hXBYRVqpLRVWOeLkcixwJiCuq2YM3jgTf/QeIzR1LHHa
9ZJl2X/vUIfIYOqVthOcMgO+KqDl55diWDmDHFZQcnjl+4BoQ9VH4Ned0cDOaF8o
8Iqw8vundol69XlNavQjjfUrUoJgxi+i3eZSCZGJG8p8EvpXaDXZimpzMB5Ob1lq
mBkepvnN3jBL0N/08xsI4otnBJ7fX7MwJgbnaFXArvo+SCtllP5l48fI8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP7d3h67TxzpqKrmzhfo59P00N1sMB8GA1UdIwQY
MBaAFLz9LaVEfQB2FuvdwqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQt
YmJmZTIxOTZjNmFmLzEvX3QzZUhydFBIT21vcXViT0Ytam4wX1RRM1d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFm
LzEvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuS6sAwQA
wytQMA0EAgACMAcDBQAqDA9AMA0GCSqGSIb3DQEBCwUAA4IBAQA7/yMgr49t6d7N
mMJhM1E+8BWBH6SA/zAkwD+sJsow/+WhAoXcX9+SQr/FTuT88SN2oiqhE/flp8NI
luG6E7up0reR5X3rNyKZu7e7p0ag6ijDvGG3BkGi5BTqI28oHbfTTcjYIQLfK77B
B//T8ois7J1dE+7Bsj05VRqsPbp0Nchnq4g9FmbLtmBBzzGbzlkgRlowyrF99nTa
rMPgmaR1sMiQwPC1Ns0qYkQSvLdzO84rPcXfmPpavShKMGRYCYFN7CULO+PkpLUI
+l2T80srMKdvT8+BahHQlOmyUmxz988Cxd3B4E47oRs5ZAcxPhZ4upmwPMpKy8M8
LDRsPGFF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:28 2025 by rpki-client