Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/3PEr2Aq74tTnA6IwrbcJdZLQAS8.roa
File: 3PEr2Aq74tTnA6IwrbcJdZLQAS8.roa (raw, json)
Hash identifier: J1cEgLWVB2ZSXQcCgNrJpqlyeZkoq8M33tb2GP/8Lsc=
Subject key identifier: DC:F1:2B:D8:0A:BB:E2:D4:E7:03:A2:30:AD:B7:09:75:92:D0:01:2F
Certificate issuer: /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial: 01856F66C1BF5B6327D2153D387AB99F8138
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/3PEr2Aq74tTnA6IwrbcJdZLQAS8.roa
Signing time: Sun 01 Jan 2023 22:14:43 +0000
ROA not before: Sun 01 Jan 2023 22:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8820
IP address blocks: 81.92.0.0/20 maxlen: 24
195.8.254.2/31 maxlen: 32
212.60.128.0/19 maxlen: 24
78.41.48.0/22 maxlen: 24
82.139.192.0/18 maxlen: 24
195.8.224.0/19 maxlen: 24
213.240.128.0/18 maxlen: 24
46.236.192.0/18 maxlen: 24
195.8.253.0/24 maxlen: 24
212.17.224.0/19 maxlen: 24
2a01:170:1000::/36 maxlen: 48
2a01:170::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:c1:bf:5b:63:27:d2:15:3d:38:7a:b9:9f:81:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Validity
Not Before: Jan 1 22:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcf12bd80abbe2d4e703a230adb7097592d0012f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9b:08:d3:38:66:0f:ee:9f:ff:f9:73:3f:d0:
36:1e:f1:df:99:5c:0a:93:67:4d:86:56:f8:8d:5a:
ab:76:ed:ab:f5:25:a8:7f:b3:bd:22:14:74:5a:92:
cf:34:12:7d:11:bc:af:f1:51:3f:43:9f:84:55:88:
ef:be:75:c3:09:a5:25:ad:89:0e:9a:d4:2e:df:8a:
c8:81:07:50:a0:09:6d:28:75:9d:f2:e0:7a:e6:d8:
6f:bb:c8:ea:8b:7b:6e:31:f4:13:0d:ce:a5:91:93:
ca:2a:77:34:24:d6:4b:7e:8d:c5:42:ce:ae:3b:fb:
cd:ef:7d:72:7d:f2:fe:66:93:fe:da:49:f6:50:cd:
b8:2a:3f:2b:a2:e0:0b:ca:79:8a:58:a2:e9:de:c7:
b5:41:42:ef:1f:29:f5:00:28:cb:91:4f:00:e0:d0:
17:ec:58:4c:14:88:99:5c:c8:28:b3:fc:d9:2f:59:
eb:b8:d2:b1:52:ee:dc:19:94:c1:71:1d:27:c6:b3:
1f:19:08:a7:a4:1f:13:53:fc:f4:61:ee:8e:1b:f9:
02:6c:20:60:49:e2:69:af:2f:fe:5a:61:a2:a9:4e:
e5:27:5a:18:53:de:de:1e:78:70:01:43:b5:2c:a6:
43:76:8c:ca:6e:6b:2e:77:aa:0f:07:2d:02:64:c2:
e3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F1:2B:D8:0A:BB:E2:D4:E7:03:A2:30:AD:B7:09:75:92:D0:01:2F
X509v3 Authority Key Identifier:
keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/3PEr2Aq74tTnA6IwrbcJdZLQAS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.192.0/18
78.41.48.0/22
81.92.0.0/20
82.139.192.0/18
195.8.224.0/19
212.17.224.0/19
212.60.128.0/19
213.240.128.0/18
IPv6:
2a01:170::/32
Signature Algorithm: sha256WithRSAEncryption
26:73:de:c4:ac:7f:1c:67:7a:b0:76:0f:e0:fe:4c:e2:3b:ae:
3f:0e:85:7d:96:e0:ea:b5:ad:6c:15:b1:5b:a9:66:c7:91:93:
37:d4:df:58:c3:11:1a:0f:5f:6e:43:00:6e:2b:92:34:11:12:
21:44:e2:af:12:a6:c4:dc:fe:0c:1f:17:a5:2a:5b:fd:2e:e9:
c7:c2:eb:d7:9e:91:0e:a1:ec:2d:cd:be:47:77:5e:e6:37:4c:
4c:66:f4:57:fe:80:bc:ca:d2:61:16:c8:2b:ff:ae:0a:57:ab:
ae:04:e8:c0:23:d4:fd:3b:b6:5a:92:12:86:b6:6b:1c:ae:fb:
4e:ac:dc:64:a7:70:09:b1:91:54:e6:9b:b5:1f:b2:68:e6:87:
b1:41:86:69:ec:67:4e:bf:ba:84:1d:01:db:b6:b3:55:f9:f6:
c7:c5:a9:10:3f:97:40:45:69:c2:03:24:6f:5e:42:e8:1d:3b:
e2:bc:36:b5:02:60:b0:bd:4c:bd:8f:7e:dc:53:60:10:26:2f:
53:44:7f:36:8a:58:75:1a:67:60:65:7d:76:5b:ce:74:71:e9:
26:2c:e0:27:bf:8b:0e:2c:a3:5b:77:e4:71:b9:97:dd:ec:a5:
ca:9b:69:0e:1c:8c:b9:0a:fd:22:18:33:b2:21:18:a9:29:cb:
88:d6:63:86
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVvZsG/W2Mn0hU9OHq5n4E4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjMwMTAxMjIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2YxMmJkODBhYmJlMmQ0ZTcwM2EyMzBhZGI3MDk3NTkyZDAwMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspsI0zhmD+6f//lzP9A2HvHfmVwK
k2dNhlb4jVqrdu2r9SWof7O9IhR0WpLPNBJ9Ebyv8VE/Q5+EVYjvvnXDCaUlrYkO
mtQu34rIgQdQoAltKHWd8uB65thvu8jqi3tuMfQTDc6lkZPKKnc0JNZLfo3FQs6u
O/vN731yffL+ZpP+2kn2UM24Kj8rouALynmKWKLp3se1QULvHyn1ACjLkU8A4NAX
7FhMFIiZXMgos/zZL1nruNKxUu7cGZTBcR0nxrMfGQinpB8TU/z0Ye6OG/kCbCBg
SeJpry/+WmGiqU7lJ1oYU97eHnhwAUO1LKZDdozKbmsud6oPBy0CZMLjMwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNzxK9gKu+LU5wOiMK23CXWS0AEvMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvM1BFcjJBcTc0dFRuQTZJd3JiY0pkWkxRQVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGLuzAAwQC
TikwAwQEUVwAAwQGUovAAwQFwwjgAwQF1BHgAwQF1DyAAwQG1fCAMA0EAgACMAcD
BQAqAQFwMA0GCSqGSIb3DQEBCwUAA4IBAQAmc97ErH8cZ3qwdg/g/kziO64/DoV9
luDqta1sFbFbqWbHkZM31N9YwxEaD19uQwBuK5I0ERIhROKvEqbE3P4MHxelKlv9
LunHwuvXnpEOoewtzb5Hd17mN0xMZvRX/oC8ytJhFsgr/64KV6uuBOjAI9T9O7Za
khKGtmscrvtOrNxkp3AJsZFU5pu1H7Jo5oexQYZp7GdOv7qEHQHbtrNV+fbHxakQ
P5dARWnCAyRvXkLoHTvivDa1AmCwvUy9j37cU2AQJi9TRH82ilh1GmdgZX12W850
cekmLOAnv4sOLKNbd+RxuZfd7KXKm2kOHIy5Cv0iGDOyIRipKcuI1mOG
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:14 2025 by rpki-client