Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/3MplvQwrryNGHOry1suzZuKO5KY.roa
File: 3MplvQwrryNGHOry1suzZuKO5KY.roa (raw, json)
Hash identifier: CpfIpVYhBgACPbm4W2ZPEbAR0V8LRLc2yv1Y/FnhO+c=
Subject key identifier: DC:CA:65:BD:0C:2B:AF:23:46:1C:EA:F2:D6:CB:B3:66:E2:8E:E4:A6
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01849BA165C396E65373A35D3D49274D498A
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/3MplvQwrryNGHOry1suzZuKO5KY.roa
Signing time: Mon 21 Nov 2022 19:19:16 +0000
ROA not before: Mon 21 Nov 2022 19:19:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 185.231.205.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.84.1.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:a1:65:c3:96:e6:53:73:a3:5d:3d:49:27:4d:49:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Nov 21 19:19:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcca65bd0c2baf23461ceaf2d6cbb366e28ee4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dc:8d:d2:97:4c:74:33:56:24:28:ae:47:7a:
73:08:cb:31:91:cc:a5:a8:03:c2:75:db:ca:c7:e2:
ee:16:14:fb:98:5f:a0:da:68:e8:f4:2d:a1:fb:3a:
38:61:12:93:ec:4d:87:11:31:af:64:66:9f:e7:9e:
f1:83:90:ae:25:99:c3:09:c3:c0:12:9c:b5:be:ef:
b1:a1:e1:8f:bf:a5:f3:66:ec:96:41:dc:78:65:6d:
d6:ce:69:ca:56:ed:2b:32:bb:c0:e1:a6:d6:6e:d3:
a2:bb:68:97:ed:10:58:6d:7d:76:24:fc:2b:45:8b:
43:28:85:e5:63:fd:57:3e:ea:0f:c7:03:d7:45:b3:
7b:9b:7f:43:94:ce:f3:60:26:76:17:8f:90:bd:42:
f0:e2:43:fd:5b:61:3f:05:e0:61:d9:4b:54:78:75:
79:61:55:47:70:5c:03:14:48:b0:1a:d8:04:47:b7:
00:f2:c0:69:a1:a2:bd:60:9d:ff:d3:29:4f:b4:13:
6f:2d:d9:55:c2:29:f7:26:ff:60:f9:39:eb:3e:21:
cb:53:30:eb:7b:9b:f7:95:d9:d6:e1:96:e6:f4:40:
c8:64:22:95:b8:48:99:68:cd:96:e8:49:e3:40:5e:
d1:c8:4b:ad:56:a0:e7:6b:f3:ec:53:ac:16:51:b6:
d5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CA:65:BD:0C:2B:AF:23:46:1C:EA:F2:D6:CB:B3:66:E2:8E:E4:A6
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/3MplvQwrryNGHOry1suzZuKO5KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.144.0/23
45.67.35.0/24
45.84.0.0/23
45.87.154.0/24
45.159.248.0/24
45.159.250.0/24
93.185.166.0/24
185.231.204.0/23
185.231.207.0/24
193.57.138.0/24
194.4.48.0/23
194.4.51.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:bf:b8:6b:a9:4b:7d:8c:69:71:81:64:5a:38:21:db:0c:e5:
f4:7d:39:b7:d7:d2:88:4d:6b:b0:a8:c9:07:06:6a:9d:c3:1a:
86:2d:a7:97:31:b4:72:0d:59:fd:8f:3c:2e:e2:18:85:f1:47:
d3:68:1d:a7:ef:6c:6c:c8:f3:6c:ae:29:41:31:dc:4e:d6:54:
ad:4d:56:92:00:9e:14:c8:a5:ad:2c:40:03:a0:7f:3f:ff:48:
ec:42:8f:05:3b:06:72:81:34:e0:b9:65:f1:cb:04:13:28:f1:
f4:19:69:86:eb:ce:02:8c:5e:92:9f:4b:87:d7:0c:14:e9:23:
1c:24:61:c2:c7:3d:65:c2:c6:bf:57:26:77:27:72:b1:d9:82:
b2:be:92:67:b0:8b:8c:5d:8e:71:5c:c5:6d:e8:70:29:08:9a:
62:0c:40:89:4a:5e:aa:c8:0b:8e:c9:04:40:bc:9f:07:c4:e3:
53:66:a3:32:cf:70:4e:2c:60:52:c2:26:03:c6:5b:ac:33:26:
fc:9a:55:9d:29:35:78:c7:25:f5:7b:30:7c:d0:00:24:f4:35:
2d:7b:56:a0:5e:d0:c3:37:63:32:2b:5d:6b:b5:96:fd:ed:c1:
e7:ee:a7:f8:87:c0:a7:f3:b8:93:4d:74:5c:fd:76:69:6b:12:
e1:bd:e4:16
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYSboWXDluZTc6NdPUknTUmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMTIxMTkxOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2NhNjViZDBjMmJhZjIzNDYxY2VhZjJkNmNiYjM2NmUyOGVlNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidyN0pdMdDNWJCiuR3pzCMsxkcyl
qAPCddvKx+LuFhT7mF+g2mjo9C2h+zo4YRKT7E2HETGvZGaf557xg5CuJZnDCcPA
Epy1vu+xoeGPv6XzZuyWQdx4ZW3WzmnKVu0rMrvA4abWbtOiu2iX7RBYbX12JPwr
RYtDKIXlY/1XPuoPxwPXRbN7m39DlM7zYCZ2F4+QvULw4kP9W2E/BeBh2UtUeHV5
YVVHcFwDFEiwGtgER7cA8sBpoaK9YJ3/0ylPtBNvLdlVwin3Jv9g+TnrPiHLUzDr
e5v3ldnW4Zbm9EDIZCKVuEiZaM2W6EnjQF7RyEutVqDna/PsU6wWUbbV/QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNzKZb0MK68jRhzq8tbLs2bijuSmMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvM01wbHZRd3JyeU5HSE9yeTFzdXpadUtPNUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBLQiQAwQA
LUMjAwQBLVQAAwQALVeaAwQALZ/4AwQALZ/6AwQAXbmmAwQBuefMAwQAuefPAwQA
wTmKAwQBwgQwAwQAwgQzMA0GCSqGSIb3DQEBCwUAA4IBAQA8v7hrqUt9jGlxgWRa
OCHbDOX0fTm319KITWuwqMkHBmqdwxqGLaeXMbRyDVn9jzwu4hiF8UfTaB2n72xs
yPNsrilBMdxO1lStTVaSAJ4UyKWtLEADoH8//0jsQo8FOwZygTTguWXxywQTKPH0
GWmG684CjF6Sn0uH1wwU6SMcJGHCxz1lwsa/VyZ3J3Kx2YKyvpJnsIuMXY5xXMVt
6HApCJpiDECJSl6qyAuOyQRAvJ8HxONTZqMyz3BOLGBSwiYDxlusMyb8mlWdKTV4
xyX1ezB80AAk9DUte1agXtDDN2MyK11rtZb97cHn7qf4h8Cn87iTTXRc/XZpaxLh
veQW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:23 2024 by rpki-client on console-fra.rpki-client.org