Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/3MEpCwXqtLsMK0gaYj9Yl0DP7OU.roa
File: 3MEpCwXqtLsMK0gaYj9Yl0DP7OU.roa (raw, json)
Hash identifier: cOg5Pug77Q19FVJ2NYT/5zesA1HXrIf+JVsWGPjhvnU=
Subject key identifier: DC:C1:29:0B:05:EA:B4:BB:0C:2B:48:1A:62:3F:58:97:40:CF:EC:E5
Certificate issuer: /CN=29b79380fe407439cc2ecd3fac18157db36cf768
Certificate serial: 02743B26
Authority key identifier: 29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/3MEpCwXqtLsMK0gaYj9Yl0DP7OU.roa
Signing time: Sat 01 Jan 2022 13:07:29 +0000
ROA not before: Sat 01 Jan 2022 13:07:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1759
IP address blocks: 143.161.74.0/24 maxlen: 24
143.161.91.0/24 maxlen: 24
143.161.96.0/22 maxlen: 22
143.161.92.0/22 maxlen: 22
143.161.100.0/23 maxlen: 23
2a05:6747::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41171750 (0x2743b26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b79380fe407439cc2ecd3fac18157db36cf768
Validity
Not Before: Jan 1 13:07:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcc1290b05eab4bb0c2b481a623f589740cfece5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:21:1e:bd:c9:c7:b9:99:f3:e2:af:a0:1e:b6:
29:62:42:19:99:87:fe:7f:b5:36:98:a2:da:bf:7f:
68:99:b8:bc:b7:41:50:02:78:bc:15:71:71:a1:b7:
90:aa:83:8e:5e:af:09:75:b1:23:b7:a0:ba:13:eb:
7c:ea:26:dc:81:b8:34:6c:7b:20:f9:67:1e:00:99:
8e:4a:e8:4b:d1:61:5d:74:9c:69:1d:d7:2d:ed:87:
66:6d:23:c4:9f:6b:8a:08:57:cc:2b:ac:8e:a6:b9:
8a:b5:eb:6c:38:73:93:84:3d:b6:7e:60:7c:a1:2d:
ed:3d:03:3a:2d:75:89:ce:cd:34:f9:13:3c:a3:d9:
af:fd:ac:eb:9f:d3:a2:dc:0f:17:fd:cf:3f:30:3b:
44:bb:aa:ad:ca:60:80:bc:38:58:23:c6:58:25:52:
d2:08:5c:f8:5d:f9:1e:b0:50:59:73:7d:2d:34:eb:
f0:ec:5d:5a:96:70:83:bf:42:71:55:36:10:91:ae:
a1:8b:e0:5d:8d:6c:c8:c5:05:15:31:5a:9f:b4:63:
1c:b8:dd:06:b3:6b:64:c8:56:67:d5:0e:ce:18:13:
6e:27:fd:32:35:0d:25:4a:45:97:1d:47:a4:22:bd:
e8:9f:3b:23:f0:40:b9:16:f1:d1:92:96:c6:7d:6b:
f3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C1:29:0B:05:EA:B4:BB:0C:2B:48:1A:62:3F:58:97:40:CF:EC:E5
X509v3 Authority Key Identifier:
keyid:29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/3MEpCwXqtLsMK0gaYj9Yl0DP7OU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.161.74.0/24
143.161.91.0-143.161.101.255
IPv6:
2a05:6747::/48
Signature Algorithm: sha256WithRSAEncryption
71:6b:9f:4e:b8:e9:d3:e6:78:2e:6c:ba:50:cd:3c:bb:39:2d:
e9:a9:6e:41:58:27:62:ff:84:3a:cc:ee:59:38:cd:07:35:08:
c1:40:3b:71:77:fa:85:26:c9:13:1f:af:d7:20:7a:12:1d:dc:
8d:5f:40:b4:b8:81:9b:b0:40:44:2c:3e:21:ac:08:37:47:23:
ad:4d:cf:9e:57:3b:e4:31:a2:70:d2:81:41:a7:05:71:54:ac:
31:d2:fc:ab:0d:dd:cf:c1:a4:dd:11:70:e3:e2:67:8f:b2:f2:
db:94:a2:28:9f:25:c9:bd:e5:8d:25:ec:54:b8:50:8d:d1:42:
c2:e4:85:96:d5:b3:30:49:7d:5d:af:37:30:69:f4:57:85:cb:
4b:a8:fc:2c:cc:7c:99:be:cf:62:47:40:fd:d1:78:8b:db:34:
e3:19:6c:59:56:e0:df:d4:95:65:45:43:2a:68:22:67:55:60:
0a:51:2a:d8:cb:b1:7b:9c:20:05:84:1d:a4:5e:e4:cb:a8:c2:
e4:68:7c:5b:19:2b:67:92:28:cc:7a:18:11:62:2a:ce:78:b6:
58:e1:ce:2e:d3:e2:c3:1a:7f:a5:3c:da:27:3b:be:e5:2d:00:
c2:97:e9:5e:ea:8f:22:93:19:98:ed:54:bb:e8:18:77:09:ed:
9a:2d:9f:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEAnQ7JjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWI3OTM4MGZlNDA3NDM5Y2MyZWNkM2ZhYzE4MTU3ZGIzNmNmNzY4MB4XDTIyMDEw
MTEzMDcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNjMTI5MGIwNWVh
YjRiYjBjMmI0ODFhNjIzZjU4OTc0MGNmZWNlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKghHr3Jx7mZ8+KvoB62KWJCGZmH/n+1Npii2r9/aJm4vLdB
UAJ4vBVxcaG3kKqDjl6vCXWxI7eguhPrfOom3IG4NGx7IPlnHgCZjkroS9FhXXSc
aR3XLe2HZm0jxJ9righXzCusjqa5irXrbDhzk4Q9tn5gfKEt7T0DOi11ic7NNPkT
PKPZr/2s65/TotwPF/3PPzA7RLuqrcpggLw4WCPGWCVS0ghc+F35HrBQWXN9LTTr
8OxdWpZwg79CcVU2EJGuoYvgXY1syMUFFTFan7RjHLjdBrNrZMhWZ9UOzhgTbif9
MjUNJUpFlx1HpCK96J87I/BAuRbx0ZKWxn1r8wECAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBTcwSkLBeq0uwwrSBpiP1iXQM/s5TAfBgNVHSMEGDAWgBQpt5OA/kB0Ocwu
zT+sGBV9s2z3aDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tiZVRnUDVBZERuTUxzMF9yQmdWZmJOczkyZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMzkzODQyLWU3ZWYtNDg5My05YzFiLTFlODQyMTE4ZGI2Zi8x
LzNNRXBDd1hxdExzTUswZ2FZajlZbDBEUDdPVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MzkzODQyLWU3ZWYtNDg5My05YzFiLTFlODQyMTE4ZGI2Zi8xL0tiZVRnUDVBZERu
TUxzMF9yQmdWZmJOczkyZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wGgQCAAEwFAMEAI+hSjAMAwQAj6FbAwQBj6FkMA8E
AgACMAkDBwAqBWdHAAAwDQYJKoZIhvcNAQELBQADggEBAHFrn0646dPmeC5sulDN
PLs5LempbkFYJ2L/hDrM7lk4zQc1CMFAO3F3+oUmyRMfr9cgehId3I1fQLS4gZuw
QEQsPiGsCDdHI61Nz55XO+QxonDSgUGnBXFUrDHS/KsN3c/BpN0RcOPiZ4+y8tuU
oiifJcm95Y0l7FS4UI3RQsLkhZbVszBJfV2vNzBp9FeFy0uo/CzMfJm+z2JHQP3R
eIvbNOMZbFlW4N/UlWVFQypoImdVYApRKtjLsXucIAWEHaRe5MuowuRofFsZK2eS
KMx6GBFiKs54tljhzi7T4sMaf6U82ic7vuUtAMKX6V7qjyKTGZjtVLvoGHcJ7Zot
n8c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:23 2024 by rpki-client on console-ams.rpki-client.org