Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/3Yw3FHPGcfQWE0AjwmUnYPJ_CCQ.roa
File: 3Yw3FHPGcfQWE0AjwmUnYPJ_CCQ.roa (raw, json)
Hash identifier: s7au9qctxqwRZmMU99jHvo9y19kZeUFFGqZGCehzh6M=
Subject key identifier: DD:8C:37:14:73:C6:71:F4:16:13:40:23:C2:65:27:60:F2:7F:08:24
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 14511E8D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/3Yw3FHPGcfQWE0AjwmUnYPJ_CCQ.roa
Signing time: Fri 18 Mar 2022 18:06:53 +0000
ROA not before: Fri 18 Mar 2022 18:06:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43094
IP address blocks: 91.242.84.0/23 maxlen: 23
91.242.104.0/21 maxlen: 21
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
194.114.144.0/24 maxlen: 25
91.242.78.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 340860557 (0x14511e8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 18 18:06:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd8c371473c671f416134023c2652760f27f0824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6e:51:ec:96:a4:8a:5a:21:51:a3:ff:5e:f7:
3f:6c:da:34:7c:8e:fd:5a:82:2b:14:f1:36:59:05:
00:35:0c:8c:bb:f5:5b:02:2b:e1:39:78:2a:53:2b:
e3:c0:bb:c5:f0:62:57:08:81:63:0a:b9:62:bb:ba:
13:dc:d1:72:de:82:09:6e:70:b3:4d:0a:8d:f4:81:
43:d8:f3:05:94:5f:82:d5:a2:1d:61:0d:80:6a:5c:
bf:fe:1e:28:3a:71:b9:55:d5:58:1a:71:69:e5:0d:
b3:a8:51:90:50:9c:a3:ba:e1:a9:ab:a6:90:24:04:
27:5a:a2:e4:a3:67:69:58:e5:b4:05:1e:9f:7c:7e:
4b:66:8e:6b:58:ee:48:ef:b9:10:2f:01:52:41:86:
7e:91:9c:97:4d:23:9e:20:78:67:60:35:cb:d8:8a:
7a:0d:3e:a5:30:52:05:f7:55:55:7f:38:4a:ed:22:
4d:0b:ae:b8:cc:87:a3:5d:1a:af:cf:c7:23:e4:80:
cd:09:29:b8:8e:03:f8:58:ce:a3:a0:7b:fe:dc:c8:
d4:95:f8:78:5d:67:d7:de:68:16:a5:2a:f1:3b:fa:
0a:00:86:be:0f:8c:45:56:3d:79:2e:87:3b:5d:30:
01:c8:f9:3f:a9:18:4c:a3:5b:8e:cf:0c:83:1f:64:
af:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8C:37:14:73:C6:71:F4:16:13:40:23:C2:65:27:60:F2:7F:08:24
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/3Yw3FHPGcfQWE0AjwmUnYPJ_CCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.78.0/23
91.242.84.0/23
91.242.104.0-91.242.127.255
194.114.144.0/24
Signature Algorithm: sha256WithRSAEncryption
44:b5:c0:13:41:a5:ca:ba:47:e1:c6:12:a6:e3:24:a1:18:46:
bf:a5:82:dc:dc:ba:dd:e8:c9:f8:db:9f:57:d3:22:8f:02:55:
05:a1:57:e1:65:ae:e1:ce:af:c0:0d:3e:ea:a2:a5:cf:12:ba:
fc:d1:b6:69:e5:7c:4c:6d:77:89:20:5a:47:b1:b7:3d:18:64:
1f:1d:99:f4:08:28:f3:25:45:e3:29:38:1c:1c:06:ea:73:72:
9c:e2:9e:ac:da:90:64:01:ef:dd:d7:c3:bf:f8:52:f1:76:dc:
fd:81:69:f9:1c:6d:90:1a:a3:8e:84:ef:5b:d2:b6:e5:d1:61:
45:19:b6:2c:00:5b:e7:b1:ca:7c:e0:ba:70:db:22:8c:a1:18:
51:14:97:8d:e2:79:71:02:77:b8:e2:9e:17:17:0c:30:98:7a:
13:0c:c4:a0:a1:85:0b:82:f2:0e:cb:3d:36:7c:d9:65:cc:35:
af:e9:1e:6d:71:9d:c4:c8:63:7f:ab:f1:53:7c:d7:9d:73:a1:
9f:1f:26:ab:7e:51:4c:fe:ee:4a:d3:98:44:c7:26:c8:05:a8:
58:e0:ab:a4:1d:85:b8:62:a4:e6:16:27:c9:60:d7:4c:30:8a:
42:24:de:77:39:8c:c6:73:e9:25:10:62:e9:d4:cb:2b:08:18:
9f:8c:c5:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEFFEejTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDMx
ODE4MDY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ4YzM3MTQ3M2M2
NzFmNDE2MTM0MDIzYzI2NTI3NjBmMjdmMDgyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALduUeyWpIpaIVGj/173P2zaNHyO/VqCKxTxNlkFADUMjLv1
WwIr4Tl4KlMr48C7xfBiVwiBYwq5Yru6E9zRct6CCW5ws00KjfSBQ9jzBZRfgtWi
HWENgGpcv/4eKDpxuVXVWBpxaeUNs6hRkFCco7rhqaumkCQEJ1qi5KNnaVjltAUe
n3x+S2aOa1juSO+5EC8BUkGGfpGcl00jniB4Z2A1y9iKeg0+pTBSBfdVVX84Su0i
TQuuuMyHo10ar8/HI+SAzQkpuI4D+FjOo6B7/tzI1JX4eF1n195oFqUq8Tv6CgCG
vg+MRVY9eS6HO10wAcj5P6kYTKNbjs8Mgx9kr+8CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTdjDcUc8Zx9BYTQCPCZSdg8n8IJDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
LzNZdzNGSFBHY2ZRV0UwQWp3bVVuWVBKX0NDUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAVvyTgMEAVvyVDAMAwQDW/JoAwQH
W/IAAwQAwnKQMA0GCSqGSIb3DQEBCwUAA4IBAQBEtcATQaXKukfhxhKm4yShGEa/
pYLc3Lrd6Mn4259X0yKPAlUFoVfhZa7hzq/ADT7qoqXPErr80bZp5XxMbXeJIFpH
sbc9GGQfHZn0CCjzJUXjKTgcHAbqc3Kc4p6s2pBkAe/d18O/+FLxdtz9gWn5HG2Q
GqOOhO9b0rbl0WFFGbYsAFvnscp84Lpw2yKMoRhRFJeN4nlxAne44p4XFwwwmHoT
DMSgoYULgvIOyz02fNllzDWv6R5tcZ3EyGN/q/FTfNedc6GfHyarflFM/u5K05hE
xybIBahY4KukHYW4YqTmFifJYNdMMIpCJN53OYzGc+klEGLp1MsrCBifjMUs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org