Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/aIMozQ5JARDoVB6-Nokp5mV-lq4.roa
File: aIMozQ5JARDoVB6-Nokp5mV-lq4.roa (raw, json)
Hash identifier: TmjbwZzPfZcy/zT5SbSkNzDvtrYFkcSXoIf5OcYUrhY=
Subject key identifier: 68:83:28:CD:0E:49:01:10:E8:54:1E:BE:36:89:29:E6:65:7E:96:AE
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 01840EED223DB2E01592FE4B5197A9F7BF9C
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/aIMozQ5JARDoVB6-Nokp5mV-lq4.roa
Signing time: Tue 25 Oct 2022 11:35:32 +0000
ROA not before: Tue 25 Oct 2022 11:35:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206805
IP address blocks: 185.159.111.0/24 maxlen: 24
45.84.152.0/23 maxlen: 23
45.84.155.0/24 maxlen: 24
45.84.154.0/24 maxlen: 24
193.19.100.0/23 maxlen: 23
45.145.188.0/23 maxlen: 23
185.247.192.0/22 maxlen: 24
185.228.48.0/22 maxlen: 24
178.159.32.0/23 maxlen: 24
188.64.149.0/24 maxlen: 24
2a0c:ee00:20c::/48 maxlen: 48
2a0c:ee00:100::/40 maxlen: 40
2a0c:ee00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:ed:22:3d:b2:e0:15:92:fe:4b:51:97:a9:f7:bf:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Oct 25 11:35:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=688328cd0e490110e8541ebe368929e6657e96ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:19:dc:87:79:59:ba:6c:11:2a:b0:44:8c:10:
fe:e6:54:4e:72:8c:d8:d8:87:01:04:12:f8:a5:66:
e9:b7:73:cb:2b:c6:22:d9:24:ec:1c:8a:42:e1:54:
8c:53:b3:85:ae:6f:72:d0:65:ec:5c:03:b5:6d:71:
bc:05:de:55:47:81:81:d3:9f:9f:d1:1c:86:0b:bd:
77:b5:4a:6f:5b:8a:a3:10:9b:44:9b:7f:57:e2:ac:
57:e5:8c:e5:a5:c7:32:b2:0a:d6:dd:36:d9:c1:58:
46:e6:98:6a:40:c1:05:95:a8:91:a6:be:b6:77:5b:
9c:1b:32:44:fd:f2:61:6e:c1:b2:fa:46:50:db:33:
65:0d:eb:69:81:e6:3a:0c:ff:57:be:bc:0e:67:7c:
d1:83:71:f0:50:b5:38:aa:c3:45:1d:da:69:f3:82:
85:22:92:67:78:7e:5d:f7:c2:fd:f4:8f:9c:3d:e1:
32:1f:9d:3d:e8:94:0b:8c:f5:3c:f3:5f:f8:84:5c:
15:71:7e:75:aa:d1:63:dc:98:98:9e:22:12:00:88:
38:51:cc:b7:b9:a5:47:11:a8:9a:a0:07:16:dc:43:
57:1b:52:e7:c2:2d:eb:75:3e:47:94:99:a0:8b:12:
7c:af:82:16:f6:ab:4e:50:8a:39:80:62:56:c1:5d:
97:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:83:28:CD:0E:49:01:10:E8:54:1E:BE:36:89:29:E6:65:7E:96:AE
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/aIMozQ5JARDoVB6-Nokp5mV-lq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/23
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0/24
193.19.100.0/23
IPv6:
2a0c:ee00::/39
2a0c:ee00:20c::/48
Signature Algorithm: sha256WithRSAEncryption
42:71:ef:64:b4:0b:16:33:14:9f:09:49:8d:71:09:7a:c4:ac:
ed:b4:cb:6b:45:55:15:6b:71:c5:e9:cd:e1:ae:64:8b:3f:3a:
6d:55:1f:a9:86:69:76:a2:8a:63:b6:a3:7a:2f:14:6d:7c:12:
23:aa:7a:e4:a3:bf:3f:42:05:03:89:72:54:c9:9a:da:08:ed:
a0:53:03:71:92:bd:dd:59:0e:e6:14:fc:a2:f2:15:3b:4a:57:
e6:3d:75:c5:47:da:b3:7e:07:7e:cf:1a:bf:7e:05:ac:ab:d1:
3f:c3:7d:c5:ba:f5:e1:6e:59:eb:1a:f5:df:07:85:f2:4b:91:
0f:28:e2:bb:d4:de:e0:47:a7:47:6c:68:a8:ca:a5:a1:cf:0d:
2a:a3:65:1c:b9:1c:70:ec:95:51:55:a2:a2:3f:fe:9f:3c:a4:
5d:d8:8d:91:5e:c3:69:ed:26:48:71:b8:b1:75:bf:48:36:61:
30:1e:fa:d9:c0:eb:40:8f:3e:79:a8:90:26:9a:bd:9d:18:62:
ac:e7:d1:b4:73:19:df:99:5e:53:09:76:bb:35:9f:05:c7:19:
46:ff:b9:26:1e:46:ed:96:f7:48:43:cd:72:69:0d:95:17:36:
7b:74:ee:8e:40:1a:d6:e4:15:31:af:f8:a4:9a:fc:97:39:3a:
c6:fd:57:a0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYQO7SI9suAVkv5LUZep97+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkM2Q0MDExMTc1ZTVkZjdhM2Y1N2QzOGU3ODE1MGEyYzA1
ZmRkMWQwHhcNMjIxMDI1MTEzNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODgzMjhjZDBlNDkwMTEwZTg1NDFlYmUzNjg5MjllNjY1N2U5NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRnch3lZumwRKrBEjBD+5lROcozY
2IcBBBL4pWbpt3PLK8Yi2STsHIpC4VSMU7OFrm9y0GXsXAO1bXG8Bd5VR4GB05+f
0RyGC713tUpvW4qjEJtEm39X4qxX5YzlpccysgrW3TbZwVhG5phqQMEFlaiRpr62
d1ucGzJE/fJhbsGy+kZQ2zNlDetpgeY6DP9XvrwOZ3zRg3HwULU4qsNFHdpp84KF
IpJneH5d98L99I+cPeEyH5096JQLjPU881/4hFwVcX51qtFj3JiYniISAIg4Ucy3
uaVHEaiaoAcW3ENXG1Lnwi3rdT5HlJmgixJ8r4IW9qtOUIo5gGJWwV2XowIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFGiDKM0OSQEQ6FQevjaJKeZlfpauMB8GA1UdIwQY
MBaAFN09QBEXXl33o/V9OOeBUKLAX90dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQt
MmQwYTc4YmU4OTJkLzEvYUlNb3pRNUpBUkRvVkI2LU5va3A1bVYtbHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQtMmQwYTc4YmU4OTJk
LzEvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA2BAIAATAwAwQCLVSYAwQB
LZG8AwQBsp8gAwQAuZ9vAwQCueQwAwQCuffAAwQAvECVAwQBwRNkMBcEAgACMBED
BgEqDO4AAAMHACoM7gACDDANBgkqhkiG9w0BAQsFAAOCAQEAQnHvZLQLFjMUnwlJ
jXEJesSs7bTLa0VVFWtxxenN4a5kiz86bVUfqYZpdqKKY7ajei8UbXwSI6p65KO/
P0IFA4lyVMma2gjtoFMDcZK93VkO5hT8ovIVO0pX5j11xUfas34Hfs8av34FrKvR
P8N9xbr14W5Z6xr13weF8kuRDyjiu9Te4EenR2xoqMqloc8NKqNlHLkccOyVUVWi
oj/+nzykXdiNkV7Dae0mSHG4sXW/SDZhMB762cDrQI8+eaiQJpq9nRhirOfRtHMZ
35leUwl2uzWfBccZRv+5Jh5G7Zb3SEPNcmkNlRc2e3TujkAa1uQVMa/4pJr8lzk6
xv1XoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:29 2024 by rpki-client on console-fra.rpki-client.org